This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json) Hash identifier: tmevR6jVjqTQhCTdUvwnCKMJO/dmv8/+wVm4tNw7PAk= Subject key identifier: 1D:55:84:6E:93:ED:AA:ED:8C:E8:C0:E6:3B:A4:E9:DE:A7:92:1D:98 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 9229B5F0813C262C8ED426CD63E4BBC512D5F4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa Signing time: Sat 15 Nov 2025 05:41:07 +0000 ROA not before: Sat 15 Nov 2025 05:41:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 92:29:b5:f0:81:3c:26:2c:8e:d4:26:cd:63:e4:bb:c5:12:d5:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4880a55a27d07e86fc472d9f7212444e5523b7128c21a08bb44c2da03a336f90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4d:97:0a:d7:7d:59:78:82:90:7e:78:27:f3: ca:58:a5:a1:69:e3:89:18:9e:7f:66:19:23:cc:e7: c3:93:83:9c:08:e7:56:fb:c4:c9:7e:bc:eb:75:b8: d9:31:0c:57:7c:ad:a6:d9:0b:54:af:d5:c3:55:45: 3f:12:d2:90:18:44:76:bc:7c:d9:74:ed:60:52:a6: 6b:a7:0d:b7:62:e4:29:53:08:4f:96:d2:44:e8:c5: 22:5a:b3:72:9a:93:ba:cf:c1:59:29:b6:ba:88:e3: d9:48:6c:d8:4c:45:90:02:2f:db:bb:79:74:27:aa: 52:71:06:cc:51:8b:c1:36:9d:89:26:82:d6:8d:d5: 7b:21:d9:13:9c:61:e2:19:8c:aa:f6:04:c1:30:ed: 19:4e:a7:28:04:3a:ee:3f:ba:c0:27:c3:48:de:e4: 1d:9a:86:2c:dd:a4:17:de:4a:c3:0e:0d:20:d0:b0: 2c:3f:7b:8f:c2:8b:40:4b:4a:4a:a8:ed:23:5c:5b: 6a:b3:fe:27:de:bd:3a:d1:e2:07:9a:21:59:ad:2a: 39:47:a3:0b:83:6d:5d:24:f3:3e:15:88:0f:ed:50: 73:64:ba:d9:08:fa:8b:18:1f:9d:02:79:cf:75:6e: f6:b0:e5:72:1d:db:ad:75:08:c9:54:cd:36:2a:02: ad:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:55:84:6E:93:ED:AA:ED:8C:E8:C0:E6:3B:A4:E9:DE:A7:92:1D:98 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:5000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:10:70:f9:b6:b6:e2:41:2a:d6:60:a6:5a:92:e4:cf:bd:4a: 4c:4b:6b:15:e0:c2:85:c9:97:2c:af:25:1c:af:7d:e3:14:53: 84:71:5c:6c:70:44:49:48:9e:a6:50:b0:bf:b7:45:07:79:aa: 1b:c6:bb:3b:19:db:34:a3:9d:a5:5f:9a:23:a9:ab:b4:0a:5b: 44:cc:de:aa:49:96:f6:ec:d3:c1:f6:c0:22:2f:5b:9d:7c:48: 7d:af:24:f5:26:6d:c3:e8:c6:b9:46:6d:1a:63:9c:68:63:91: 02:04:e6:90:ba:ec:07:a3:4d:7c:fa:07:48:0b:17:81:5b:45: 07:a3:05:1d:83:99:6b:61:5e:8b:65:82:c9:79:eb:4a:f3:71: 36:99:4d:90:45:00:0b:b9:3e:19:e1:e7:83:4e:1d:40:1b:ab: 9d:d6:87:c1:80:77:d0:03:27:99:43:64:e5:7e:dc:c8:ae:aa: 64:aa:81:a9:3f:72:12:55:4f:f5:12:b2:a1:56:8f:44:34:b5: 50:17:8e:8d:30:dc:c9:8d:50:05:4a:df:9e:3b:11:cd:9b:15: b6:32:40:d4:b6:97:08:bc:d3:84:16:3c:2e:34:cc:51:fa:30: 34:5a:57:2f:8e:56:28:84:1a:0c:54:16:5b:5a:b5:ad:5f:bb: 77:13:db:e2 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAJIptfCBPCYsjtQmzWPku8US1fQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ4ODBhNTVhMjdkMDdlODZmYzQ3MmQ5ZjcyMTI0NDRlNTUyM2I3MTI4YzIx YTA4YmI0NGMyZGEwM2EzMzZmOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZNlwrXfVl4gpB+eCfzyliloWnjiRief2YZI8znw5ODnAjnVvvEyX6863W4 2TEMV3ytptkLVK/Vw1VFPxLSkBhEdrx82XTtYFKma6cNt2LkKVMIT5bSROjFIlqz cpqTus/BWSm2uojj2Uhs2ExFkAIv27t5dCeqUnEGzFGLwTadiSaC1o3VeyHZE5xh 4hmMqvYEwTDtGU6nKAQ67j+6wCfDSN7kHZqGLN2kF95Kww4NINCwLD97j8KLQEtK SqjtI1xbarP+J969OtHiB5ohWa0qOUejC4NtXSTzPhWID+1Qc2S62Qj6ixgfnQJ5 z3Vu9rDlch3brXUIyVTNNioCrc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdVYRu k+2q7YzowOY7pOnep5IdmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ MA0GCSqGSIb3DQEBCwUAA4IBAQAOEHD5trbiQSrWYKZakuTPvUpMS2sV4MKFyZcs ryUcr33jFFOEcVxscERJSJ6mULC/t0UHeaobxrs7Gds0o52lX5ojqau0CltEzN6q SZb27NPB9sAiL1udfEh9ryT1Jm3D6Ma5Rm0aY5xoY5ECBOaQuuwHo018+gdICxeB W0UHowUdg5lrYV6LZYLJeetK83E2mU2QRQALuT4Z4eeDTh1AG6ud1ofBgHfQAyeZ Q2TlftzIrqpkqoGpP3ISVU/1ErKhVo9ENLVQF46NMNzJjVAFSt+eOxHNmxW2MkDU tpcIvNOEFjwuNMxR+jA0WlcvjlYohBoMVBZbWrWtX7t3E9vi -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:36 2025 by rpki-client