This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json) Hash identifier: jxdM/zZDrdFrzSgn8h/OEa5FhC2Pev9+QnV32peh6/g= Subject key identifier: 2B:4D:69:94:BB:39:89:4F:C3:BA:BA:83:44:CF:F5:72:CC:50:05:30 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5C0BCFEF3D3127968727570F2C70F83F0E3A19C8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa Signing time: Sat 15 Nov 2025 05:30:51 +0000 ROA not before: Sat 15 Nov 2025 05:30:51 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:0b:cf:ef:3d:31:27:96:87:27:57:0f:2c:70:f8:3f:0e:3a:19:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:51 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9dc4a8c4eef207145da3b39127157ae04dfb80dfcd0b1cf79c53ed4cb282c828, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:be:97:31:72:fd:6b:9f:b8:6b:a8:4a:f7:6d: 88:e4:9f:4f:2c:9f:46:1d:3a:1f:14:f4:b2:d7:d2: ac:bb:f1:98:09:14:3f:9a:f9:2e:07:98:f4:69:00: 69:b0:aa:f5:da:06:60:5f:06:d5:9f:df:9a:00:99: 81:e9:a9:07:58:fe:f8:b6:d2:67:2c:57:fb:86:4e: ce:d0:e7:c3:13:cf:4f:c8:cc:59:46:8a:c6:78:0d: 37:2c:82:f3:3e:c8:aa:38:0d:7b:94:44:54:f8:4f: 14:08:b1:1c:cb:1f:c5:b3:ed:3e:25:12:5c:85:c2: 79:13:c0:3e:52:62:e7:50:ea:62:2b:47:87:36:1e: 6f:7d:be:eb:a3:7e:c4:f0:35:41:78:7f:b7:a5:be: ef:40:f1:b2:13:13:0e:3a:c6:b6:29:9e:87:7d:2c: 5d:d8:62:1d:91:7f:ec:94:91:aa:91:62:8f:3f:09: 21:b1:85:7b:30:0e:d8:8e:08:17:63:40:8a:50:3d: 08:47:d6:07:68:fa:3e:a4:00:2d:4a:f7:5b:c8:eb: 33:9d:b9:dd:e9:7c:9c:7f:ca:24:6f:d1:d3:f6:02: 87:89:b0:e0:b8:a1:04:1a:e1:25:cb:48:bd:10:67: 6f:65:e9:af:cb:32:67:7d:37:da:c5:0d:ca:a6:08: 26:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:4D:69:94:BB:39:89:4F:C3:BA:BA:83:44:CF:F5:72:CC:50:05:30 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:e000::/40 Signature Algorithm: sha256WithRSAEncryption 44:c4:f0:4e:52:58:78:05:b1:7e:b3:22:6f:e8:dc:4e:ad:d0: 46:22:79:1b:8c:a2:27:f9:a1:b6:d8:01:ba:dd:d0:8d:12:60: d8:59:2a:71:d5:ad:84:45:f6:3f:49:6d:bb:ab:76:85:94:1b: 7b:a7:d0:53:7a:3e:24:21:c9:b3:ab:2b:cd:33:86:cf:3f:3e: 11:73:b3:44:9a:56:25:c9:ef:7e:5f:91:86:cd:2d:95:07:52: 5a:1d:03:17:76:d9:3a:2c:ce:8d:59:6a:b7:0e:51:b7:2d:87: 5e:aa:d4:0e:3c:89:2a:8d:10:57:74:83:fb:a2:32:8e:e2:f8: 24:5e:c0:f5:85:31:ee:96:70:0f:b6:68:8d:f7:e4:8f:85:b8: 49:51:3a:be:e0:e2:4d:47:52:60:f5:e4:8b:c5:b2:fd:f3:84: 85:e1:d7:0c:de:4b:0a:fe:a8:d9:e3:2d:f6:9b:83:aa:7d:f8: de:07:e3:ae:47:8f:86:67:65:68:90:bb:e4:1c:3a:ee:55:41: dc:a1:ed:a3:97:bf:30:41:ee:7b:d5:1f:9a:64:2a:f1:b8:24: 3c:ec:ad:a9:49:f9:bb:a4:6b:49:49:9d:ee:26:53:b3:b7:f3: fe:79:f0:14:a7:cd:2b:1e:a5:47:c9:0d:77:8f:79:d0:5d:39: 2b:75:22:a9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXAvP7z0xJ5aHJ1cPLHD4Pw46GcgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDlkYzRhOGM0ZWVmMjA3MTQ1ZGEzYjM5MTI3MTU3YWUwNGRmYjgwZGZjZDBi MWNmNzljNTNlZDRjYjI4MmM4MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKe+lzFy/WufuGuoSvdtiOSfTyyfRh06HxT0stfSrLvxmAkUP5r5LgeY9GkA abCq9doGYF8G1Z/fmgCZgempB1j++LbSZyxX+4ZOztDnwxPPT8jMWUaKxngNNyyC 8z7IqjgNe5REVPhPFAixHMsfxbPtPiUSXIXCeRPAPlJi51DqYitHhzYeb32+66N+ xPA1QXh/t6W+70DxshMTDjrGtimeh30sXdhiHZF/7JSRqpFijz8JIbGFezAO2I4I F2NAilA9CEfWB2j6PqQALUr3W8jrM5253el8nH/KJG/R0/YCh4mw4LihBBrhJctI vRBnb2Xpr8syZ3032sUNyqYIJjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrTWmU uzmJT8O6uoNEz/VyzFAFMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg MA0GCSqGSIb3DQEBCwUAA4IBAQBExPBOUlh4BbF+syJv6NxOrdBGInkbjKIn+aG2 2AG63dCNEmDYWSpx1a2ERfY/SW27q3aFlBt7p9BTej4kIcmzqyvNM4bPPz4Rc7NE mlYlye9+X5GGzS2VB1JaHQMXdtk6LM6NWWq3DlG3LYdeqtQOPIkqjRBXdIP7ojKO 4vgkXsD1hTHulnAPtmiN9+SPhbhJUTq+4OJNR1Jg9eSLxbL984SF4dcM3ksK/qjZ 4y32m4OqffjeB+OuR4+GZ2VokLvkHDruVUHcoe2jl78wQe571R+aZCrxuCQ87K2p Sfm7pGtJSZ3uJlOzt/P+efAUp80rHqVHyQ13j3nQXTkrdSKp -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:25 2025 by rpki-client