This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json) Hash identifier: ENDK/8diyOjInTMZsjBd2JNXO+sT6fdpn87amrUhOMU= Subject key identifier: 52:EE:79:56:93:2C:57:D6:FF:B9:5A:D5:47:38:F2:EF:F3:E6:2F:7D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 35C7205BC1CA0D47BCC1C4E70BC2D32F0FE67F71 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa Signing time: Tue 02 Dec 2025 01:51:23 +0000 ROA not before: Tue 02 Dec 2025 01:51:23 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d030:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:c7:20:5b:c1:ca:0d:47:bc:c1:c4:e7:0b:c2:d3:2f:0f:e6:7f:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:23 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b79387594649727c965d63a3b8395f2b58310201ef1f192ee2d2a22493370f6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e5:5a:96:12:c0:46:04:73:b0:e9:03:8e:88: 9c:4c:b1:a6:a6:fe:8f:f6:56:35:88:a9:07:01:66: ed:c0:fe:67:eb:ee:24:6e:6f:b3:36:0c:eb:c9:bb: c0:a1:a7:63:82:47:ff:93:15:96:74:fc:37:6e:b5: fa:ad:9b:61:fa:4e:41:6d:b3:d1:63:1a:76:62:13: f8:20:3b:d8:31:a7:16:e1:fc:0c:2f:50:70:48:86: a1:b2:39:84:83:7c:a2:9b:32:0b:6d:44:82:fb:af: d1:5b:56:d9:99:30:94:d3:4e:ae:01:c7:26:bf:e4: ce:1e:f6:88:9e:cf:45:2e:95:e1:a0:81:0c:71:da: 74:3c:27:14:14:5f:ff:7f:c1:44:9a:00:04:15:c6: bd:dc:d5:b9:83:f3:74:75:fb:49:dc:0e:9d:2e:19: a8:26:57:ce:e8:76:23:0b:38:e7:a1:c6:71:d5:3a: 5d:1b:86:77:52:14:d0:a5:16:19:26:e4:40:ee:68: f9:86:2e:05:52:db:6f:97:9d:09:2a:27:71:cc:b4: e2:07:fb:1d:e5:dc:09:3a:2a:f2:a2:ae:63:7e:eb: 2a:a4:3e:bd:df:9e:89:c3:38:77:a0:d9:29:8b:8f: 2f:c8:8a:ad:ea:e4:0a:8f:ca:77:c9:36:3c:8e:23: b2:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:EE:79:56:93:2C:57:D6:FF:B9:5A:D5:47:38:F2:EF:F3:E6:2F:7D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:c000::/40 Signature Algorithm: sha256WithRSAEncryption 95:7e:51:e3:62:ff:94:1e:99:7f:82:4b:f6:d0:ac:6f:6d:3c: 3a:c8:fb:e2:dd:a7:27:4f:20:a9:cb:a2:82:2d:d6:64:cf:17: ca:6c:eb:68:d3:ea:2b:0a:58:76:7c:f3:e6:18:bb:0d:c9:f6: 23:05:a2:c9:14:2c:e2:b5:dd:19:40:5a:fc:d3:ca:58:71:43: 08:10:23:fd:f4:3c:4b:f7:90:78:ea:32:be:3e:e5:8f:c4:33: 05:90:a0:0b:35:2a:28:d0:82:29:66:66:85:ae:5d:79:bc:d7: dc:d4:15:c3:33:a1:19:1e:98:c2:43:46:81:d9:7c:90:f2:23: 03:ee:d7:d5:94:c4:ad:cc:91:30:85:d7:ca:d6:cf:f0:12:33: 65:26:33:b4:57:a3:ef:81:8c:1b:1b:b6:38:2e:a5:38:3e:97: f3:41:d2:31:be:7d:97:5a:1f:0c:f3:41:71:87:df:7a:9d:af: ff:f4:ce:a3:9f:04:c6:0d:f9:e1:8b:d7:b5:c3:df:33:db:79: a7:af:17:ff:60:24:cf:8a:ae:b2:2d:2c:83:c6:15:07:30:a2: 03:6e:33:e6:f6:71:3d:fd:9b:81:3d:7e:02:f7:a1:c2:44:ce: 45:77:b6:e4:1b:42:b4:c8:17:d6:ea:3a:dc:da:e6:ed:5e:c5: cf:dc:cf:4c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNccgW8HKDUe8wcTnC8LTLw/mf3EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjNaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGI3OTM4NzU5NDY0OTcyN2M5NjVkNjNhM2I4Mzk1ZjJiNTgzMTAyMDFlZjFm MTkyZWUyZDJhMjI0OTMzNzBmNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnlWpYSwEYEc7DpA46InEyxpqb+j/ZWNYipBwFm7cD+Z+vuJG5vszYM68m7 wKGnY4JH/5MVlnT8N261+q2bYfpOQW2z0WMadmIT+CA72DGnFuH8DC9QcEiGobI5 hIN8opsyC21Egvuv0VtW2ZkwlNNOrgHHJr/kzh72iJ7PRS6V4aCBDHHadDwnFBRf /3/BRJoABBXGvdzVuYPzdHX7SdwOnS4ZqCZXzuh2Iws456HGcdU6XRuGd1IU0KUW GSbkQO5o+YYuBVLbb5edCSonccy04gf7HeXcCToq8qKuY37rKqQ+vd+eicM4d6DZ KYuPL8iKrerkCo/Kd8k2PI4jsq8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRS7nlW kyxX1v+5WtVHOPLv8+YvfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA MA0GCSqGSIb3DQEBCwUAA4IBAQCVflHjYv+UHpl/gkv20KxvbTw6yPvi3acnTyCp y6KCLdZkzxfKbOto0+orClh2fPPmGLsNyfYjBaLJFCzitd0ZQFr808pYcUMIECP9 9DxL95B46jK+PuWPxDMFkKALNSoo0IIpZmaFrl15vNfc1BXDM6EZHpjCQ0aB2XyQ 8iMD7tfVlMStzJEwhdfK1s/wEjNlJjO0V6PvgYwbG7Y4LqU4PpfzQdIxvn2XWh8M 80Fxh996na//9M6jnwTGDfnhi9e1w98z23mnrxf/YCTPiq6yLSyDxhUHMKIDbjPm 9nE9/ZuBPX4C96HCRM5Fd7bkG0K0yBfW6jrc2ubtXsXP3M9M -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:48 2025 by rpki-client