This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json) Hash identifier: I8/RkMNt0pPp/VLxn4ngQbSoiq0fbcX03qSPBLoHsLA= Subject key identifier: DE:8A:8A:DC:B0:ED:B9:8A:38:A1:F4:2C:B1:0F:70:C1:FA:C1:85:21 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 225FB3804BEB2FC50D26E9ABB94809BEACF123C0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa Signing time: Sat 15 Nov 2025 05:30:52 +0000 ROA not before: Sat 15 Nov 2025 05:30:52 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:5f:b3:80:4b:eb:2f:c5:0d:26:e9:ab:b9:48:09:be:ac:f1:23:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:52 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=28b0f27f221aca4793f3b641c631bd9144644ce13899350589afa52fb226c42f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:9f:eb:1b:27:30:b3:e8:00:e8:d9:ac:7f:08: b5:07:20:98:53:30:25:ad:76:a0:44:99:cc:40:f2: 9c:a2:e7:b5:23:ca:db:bf:2a:46:f8:2a:6b:5a:38: cf:5a:34:f7:49:d0:25:c2:53:80:c6:d3:90:ed:f7: 7d:9f:b2:9e:9a:c0:15:9e:86:f5:56:71:8a:c6:c2: 99:bc:93:a1:d4:1f:28:2e:aa:9b:6a:cc:85:79:fa: 62:e6:50:36:15:5f:1e:21:85:f4:ac:b1:93:3f:a0: 43:fc:75:7c:af:90:05:f2:93:9f:ef:fe:1f:64:71: 05:c7:2e:c6:ea:0e:e2:70:9c:92:c2:a3:f8:69:58: f4:c5:7e:0b:79:d7:34:84:f4:6b:1b:e0:16:71:31: c0:4c:93:ff:79:d3:87:e4:68:a7:42:c4:ab:67:dc: e5:9a:13:06:99:c6:4e:da:d8:44:58:92:bf:e8:b3: 81:5c:01:08:e9:ad:b7:1a:4a:dc:b3:95:99:f6:63: 9d:2d:73:80:2f:5c:83:69:5e:00:49:e3:0c:11:e6: e5:86:73:ce:8b:f3:66:23:c6:88:10:b6:cb:6d:50: a7:89:54:ae:b3:53:23:5a:22:9d:23:07:b7:12:ba: a0:c3:32:97:f7:bb:75:20:7e:eb:2e:96:84:52:4c: 44:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:8A:8A:DC:B0:ED:B9:8A:38:A1:F4:2C:B1:0F:70:C1:FA:C1:85:21 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:c000::/40 Signature Algorithm: sha256WithRSAEncryption 02:ef:45:29:7f:a8:40:a3:40:5f:37:ae:40:82:15:70:8f:ef: b6:3d:1b:df:3c:f2:91:97:34:64:e2:ac:82:86:48:31:a2:e1: eb:57:19:9a:62:b6:08:18:ce:08:ec:0c:5e:43:3a:41:08:03: ee:b7:9f:af:7f:07:7d:68:eb:72:ea:8c:56:b7:57:ec:c4:a5: 09:9c:78:3a:3c:72:44:f4:94:87:1b:9a:2a:5c:73:38:1c:5e: 85:7f:83:9c:a1:0d:09:4b:11:11:72:2b:d4:73:ce:51:36:bc: 12:65:90:4f:db:89:4c:92:e5:34:f5:8a:13:ee:e5:fe:84:e2: 31:ac:a0:c1:3b:ef:70:95:3e:4a:5a:1b:72:87:c7:eb:2c:b4: cd:a8:ed:c8:d8:86:e7:57:cc:d8:50:69:34:79:1d:04:13:b0: 48:05:96:2f:55:d0:db:d2:7c:42:50:78:26:6d:78:71:91:6e: fb:b0:bb:da:fc:6c:1b:a8:9b:6c:f3:e4:3a:67:2d:ae:0f:3d: ae:8d:3f:9a:b8:26:d2:50:09:a8:8c:c0:ee:a8:84:93:52:7e: 13:49:ff:b3:92:92:6a:88:98:fd:67:a9:12:a1:ff:d3:80:b6: 73:8e:7c:db:cc:b1:2b:3c:43:ad:f0:18:0a:66:32:89:28:ad: 8a:93:74:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIl+zgEvrL8UNJumruUgJvqzxI8AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI4YjBmMjdmMjIxYWNhNDc5M2YzYjY0MWM2MzFiZDkxNDQ2NDRjZTEzODk5 MzUwNTg5YWZhNTJmYjIyNmM0MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKef6xsnMLPoAOjZrH8ItQcgmFMwJa12oESZzEDynKLntSPK278qRvgqa1o4 z1o090nQJcJTgMbTkO33fZ+ynprAFZ6G9VZxisbCmbyTodQfKC6qm2rMhXn6YuZQ NhVfHiGF9Kyxkz+gQ/x1fK+QBfKTn+/+H2RxBccuxuoO4nCcksKj+GlY9MV+C3nX NIT0axvgFnExwEyT/3nTh+Rop0LEq2fc5ZoTBpnGTtrYRFiSv+izgVwBCOmttxpK 3LOVmfZjnS1zgC9cg2leAEnjDBHm5YZzzovzZiPGiBC2y21Qp4lUrrNTI1oinSMH txK6oMMyl/e7dSB+6y6WhFJMRP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeiorc sO25ijih9CyxD3DB+sGFITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA MA0GCSqGSIb3DQEBCwUAA4IBAQAC70Upf6hAo0BfN65AghVwj++2PRvfPPKRlzRk 4qyChkgxouHrVxmaYrYIGM4I7AxeQzpBCAPut5+vfwd9aOty6oxWt1fsxKUJnHg6 PHJE9JSHG5oqXHM4HF6Ff4OcoQ0JSxERcivUc85RNrwSZZBP24lMkuU09YoT7uX+ hOIxrKDBO+9wlT5KWhtyh8frLLTNqO3I2IbnV8zYUGk0eR0EE7BIBZYvVdDb0nxC UHgmbXhxkW77sLva/GwbqJts8+Q6Zy2uDz2ujT+auCbSUAmojMDuqISTUn4TSf+z kpJqiJj9Z6kSof/TgLZzjnzbzLErPEOt8BgKZjKJKK2Kk3TU -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:07 2025 by rpki-client