This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa File: 73488a43-875c-415a-9969-c278b245b9fb.roa (raw, json) Hash identifier: VU7lB6m2gdbVxKvohJWp0zHfASYkDARirmtnok+nB1Y= Subject key identifier: C3:A6:AD:24:99:B3:7E:25:23:88:B4:A3:7C:1F:4D:80:8D:C7:71:08 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 648461C638C2BC2185585D1CBFB90AC14CCB20D5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa Signing time: Sat 15 Nov 2025 06:40:05 +0000 ROA not before: Sat 15 Nov 2025 06:40:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:84:61:c6:38:c2:bc:21:85:58:5d:1c:bf:b9:0a:c1:4c:cb:20:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:40:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=955dda40b3228da117c92e879f1844963349e58bac367c5b68985789cf8690e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e6:4f:5b:9d:a4:a1:0f:14:42:b6:e9:dc:84: 91:b3:d3:6b:76:16:a3:ec:7d:8c:36:43:ef:0c:05: 1f:3b:3b:75:9b:42:17:73:fb:49:58:97:4f:0c:2a: b6:66:aa:b2:57:07:70:1c:87:a0:45:b4:76:bf:3e: 4f:fc:78:8b:da:0c:61:da:e5:82:ba:85:a6:9a:79: 76:50:11:3f:c4:84:58:c6:8f:d4:c7:e8:fd:3d:24: 9a:43:fc:35:00:ad:09:ef:15:76:84:37:9a:ba:cb: fa:d7:21:9c:9c:e1:a9:89:85:c6:c5:9d:f0:6f:5a: db:55:27:49:ce:98:48:68:a3:df:a2:9a:07:fb:f5: 10:68:fb:26:59:ca:bf:a0:28:c3:96:bb:2f:7d:b2: 44:93:25:e8:45:2e:33:54:2c:4f:1f:49:05:85:dd: 2a:4b:ef:d2:51:a1:27:84:68:70:e1:52:ef:37:0d: 18:8f:28:28:fd:b2:84:07:11:b5:de:40:3d:f9:ff: 91:66:6f:4f:96:5e:ec:7d:8f:9a:b5:79:66:1d:81: ec:0a:c7:94:2a:4a:a3:d8:9b:5b:98:c6:ed:5d:3d: b9:41:47:33:3e:c0:24:14:91:99:ab:14:3d:b7:5d: bd:66:4d:f7:a5:ea:5c:82:57:bc:9a:73:e0:10:d7: 2d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:A6:AD:24:99:B3:7E:25:23:88:B4:A3:7C:1F:4D:80:8D:C7:71:08 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:e080::/48 Signature Algorithm: sha256WithRSAEncryption 29:86:74:66:ee:96:35:9b:5b:80:5e:83:f0:1f:02:a2:9b:1d: 48:fe:27:b5:ba:f8:8d:d0:ef:d4:14:98:4a:57:94:af:59:2e: 15:a0:ac:57:f7:79:9e:51:43:f9:30:14:fe:7b:53:18:07:37: cb:77:74:71:03:fc:10:3e:39:f3:56:98:6d:81:6f:27:42:ac: 5b:45:b3:f5:ca:25:e9:61:81:c2:0a:02:e1:62:3c:ce:9e:e7: a4:b0:8a:e7:0a:ea:a7:2b:4c:fe:83:ce:ca:3c:46:0a:3f:0f: 4e:16:bc:50:b7:d5:2f:f7:ad:b3:a2:45:af:fe:da:19:47:ad: bd:f9:f8:e7:dc:bf:8b:5a:0f:07:fd:7b:3f:da:9b:c1:81:47: 89:58:16:09:f8:79:2d:30:54:db:5d:e8:df:92:e0:cd:b9:92: 1c:a8:0f:50:74:66:14:d7:2e:13:02:e8:42:76:86:72:db:6e: d2:bd:60:0f:48:55:28:02:1e:94:d6:f7:a0:2a:fe:dd:75:c7: 19:ee:5d:e0:5a:3f:b3:63:e1:52:65:19:62:b4:a6:f3:b2:a0: 57:01:e4:da:c5:a3:d0:d5:39:84:48:ce:6f:07:f2:a7:0c:7a: f5:4c:04:5f:af:0d:21:c6:81:3e:13:98:0d:71:20:88:f3:6b: bb:99:74:27 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZIRhxjjCvCGFWF0cv7kKwUzLINUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjQwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk1NWRkYTQwYjMyMjhkYTExN2M5MmU4NzlmMTg0NDk2MzM0OWU1OGJhYzM2 N2M1YjY4OTg1Nzg5Y2Y4NjkwZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJvmT1udpKEPFEK26dyEkbPTa3YWo+x9jDZD7wwFHzs7dZtCF3P7SViXTwwq tmaqslcHcByHoEW0dr8+T/x4i9oMYdrlgrqFppp5dlARP8SEWMaP1Mfo/T0kmkP8 NQCtCe8VdoQ3mrrL+tchnJzhqYmFxsWd8G9a21UnSc6YSGij36KaB/v1EGj7JlnK v6Aow5a7L32yRJMl6EUuM1QsTx9JBYXdKkvv0lGhJ4RocOFS7zcNGI8oKP2yhAcR td5APfn/kWZvT5Ze7H2PmrV5Zh2B7ArHlCpKo9ibW5jG7V09uUFHMz7AJBSRmasU PbddvWZN96XqXIJXvJpz4BDXLW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDpq0k mbN+JSOItKN8H02AjcdxCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzM0ODhhNDMtODc1Yy00MTVhLTk5NjktYzI3OGIyNDViOWZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g gDANBgkqhkiG9w0BAQsFAAOCAQEAKYZ0Zu6WNZtbgF6D8B8CopsdSP4ntbr4jdDv 1BSYSleUr1kuFaCsV/d5nlFD+TAU/ntTGAc3y3d0cQP8ED4581aYbYFvJ0KsW0Wz 9col6WGBwgoC4WI8zp7npLCK5wrqpytM/oPOyjxGCj8PTha8ULfVL/ets6JFr/7a GUetvfn459y/i1oPB/17P9qbwYFHiVgWCfh5LTBU213o35LgzbmSHKgPUHRmFNcu EwLoQnaGcttu0r1gD0hVKAIelNb3oCr+3XXHGe5d4Fo/s2PhUmUZYrSm87KgVwHk 2sWj0NU5hEjObwfypwx69UwEX68NIcaBPhOYDXEgiPNru5l0Jw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:46 2025 by rpki-client