This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json) Hash identifier: pEh8wQC0vgGgu46lCrsTZPCibthq+XEo2a0PwRoABqA= Subject key identifier: CE:1B:20:D9:A6:72:19:33:15:79:3A:47:90:29:DF:46:B6:CA:E6:B7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 46E9DD7C451C1EBF5EBA6A55918450A98664663C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa Signing time: Sat 15 Nov 2025 05:50:14 +0000 ROA not before: Sat 15 Nov 2025 05:50:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d015:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e9:dd:7c:45:1c:1e:bf:5e:ba:6a:55:91:84:50:a9:86:64:66:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=40e8d2c4da126fd7f48a9e4155d890f25f71ff2a8cf8e6df5f527ce533a71db8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:23:7a:42:89:ce:cf:8e:ac:00:1c:1e:0c:d0: 8d:de:02:f8:da:73:e6:f2:c1:b7:b1:34:e8:a5:fb: ca:a6:36:49:f3:05:d0:8a:14:5a:08:80:7e:9f:20: 89:56:bf:ce:5a:65:7a:7b:77:fb:ac:1f:44:33:10: 34:5b:6d:15:6b:06:32:96:9c:46:78:83:c7:fb:91: 0e:af:d6:12:a2:91:d0:f4:79:de:67:42:88:fe:5a: 6d:57:03:16:63:d3:5b:c2:3a:a4:43:bb:d9:58:e2: 3b:bf:96:b6:d6:4d:e6:00:cf:92:0a:69:b1:b1:80: df:46:dc:8b:03:06:8b:a0:17:bd:54:bf:9a:a2:ca: d8:fe:b4:97:44:17:ff:2f:ea:be:f6:84:e9:3c:c8: 15:b1:ee:db:22:3f:8f:42:09:71:69:5a:48:82:ad: 48:db:de:8f:3d:14:80:af:e7:e6:bb:8a:dc:8f:c8: e1:41:ae:60:f7:3b:15:e3:fd:f0:74:87:ac:06:a9: f0:46:00:ad:f5:74:10:e2:24:4a:3d:3e:d6:d4:3f: 5d:da:e3:fd:4b:cd:d5:48:27:07:2e:46:6a:b0:fa: b5:30:47:4f:8f:6a:7b:57:d9:77:dd:0a:4e:ae:f8: cc:9d:c8:79:41:d9:63:cc:e5:ab:77:a6:1b:ab:3d: e9:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:1B:20:D9:A6:72:19:33:15:79:3A:47:90:29:DF:46:B6:CA:E6:B7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d015:c00::/38 Signature Algorithm: sha256WithRSAEncryption 73:06:50:9e:11:b8:de:cf:59:6e:34:1d:f0:e0:dd:f0:63:fc: 53:5e:8d:91:ee:ef:cd:4b:9d:06:44:37:90:a2:3f:4b:71:5a: aa:1d:8f:a0:fb:61:86:7e:d3:f6:f0:e3:f1:c3:99:87:0f:7a: 92:27:c8:48:e9:f0:f9:33:b0:9a:82:fa:b1:76:01:d1:82:7f: 5a:a9:93:c2:f8:ba:34:3e:72:21:aa:83:a8:91:db:2e:e0:22: 98:42:94:9a:63:8b:27:cf:e6:e0:54:1a:fa:b4:58:b9:8a:d6: f4:cf:00:cb:37:5f:fb:5c:97:d4:8c:de:ba:3b:6a:1d:f9:d5: f9:1a:88:62:33:73:cb:5e:4a:d7:03:0f:0a:b3:ae:b6:96:39: 96:4d:dd:78:08:8a:5c:98:e5:76:f3:19:02:a9:1c:2d:3f:74: 19:fa:e9:e1:96:86:8b:d4:b7:0a:b5:d6:40:40:53:0f:3f:3f: 18:4b:b7:6b:4b:57:ad:0c:2c:c3:63:57:27:97:18:a7:6b:19: e4:da:1f:05:ff:43:e8:c6:51:33:e1:24:e5:66:ad:b3:e9:72: dd:50:86:c2:2a:18:3b:ca:f8:25:2c:5f:61:cc:70:26:31:1d: c3:e6:04:a6:12:fa:ef:28:57:c2:68:23:9d:ff:50:88:56:a1: b2:9f:1a:f9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURundfEUcHr9eumpVkYRQqYZkZjwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQwZThkMmM0ZGExMjZmZDdmNDhhOWU0MTU1ZDg5MGYyNWY3MWZmMmE4Y2Y4 ZTZkZjVmNTI3Y2U1MzNhNzFkYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANEjekKJzs+OrAAcHgzQjd4C+Npz5vLBt7E06KX7yqY2SfMF0IoUWgiAfp8g iVa/zlplent3+6wfRDMQNFttFWsGMpacRniDx/uRDq/WEqKR0PR53mdCiP5abVcD FmPTW8I6pEO72VjiO7+WttZN5gDPkgppsbGA30bciwMGi6AXvVS/mqLK2P60l0QX /y/qvvaE6TzIFbHu2yI/j0IJcWlaSIKtSNvejz0UgK/n5ruK3I/I4UGuYPc7FeP9 8HSHrAap8EYArfV0EOIkSj0+1tQ/Xdrj/UvN1UgnBy5GarD6tTBHT49qe1fZd90K Tq74zJ3IeUHZY8zlq3emG6s96ZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOGyDZ pnIZMxV5OkeQKd9GtsrmtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM MA0GCSqGSIb3DQEBCwUAA4IBAQBzBlCeEbjez1luNB3w4N3wY/xTXo2R7u/NS50G RDeQoj9LcVqqHY+g+2GGftP28OPxw5mHD3qSJ8hI6fD5M7CagvqxdgHRgn9aqZPC +Lo0PnIhqoOokdsu4CKYQpSaY4snz+bgVBr6tFi5itb0zwDLN1/7XJfUjN66O2od +dX5GohiM3PLXkrXAw8Ks662ljmWTd14CIpcmOV28xkCqRwtP3QZ+unhloaL1LcK tdZAQFMPPz8YS7drS1etDCzDY1cnlxinaxnk2h8F/0PoxlEz4STlZq2z6XLdUIbC Khg7yvglLF9hzHAmMR3D5gSmEvrvKFfCaCOd/1CIVqGynxr5 -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:29 2025 by rpki-client