This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json) Hash identifier: qG+bU7ixcQIZfmpwsNRHth99cLRWTckMu3amAI5pgoM= Subject key identifier: 86:ED:C9:08:8F:F5:80:EB:87:E9:31:6E:B0:13:F5:DE:ED:89:88:D4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2588A79329D866751A62F44DE7794856C7611243 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa Signing time: Wed 10 Dec 2025 06:11:30 +0000 ROA not before: Wed 10 Dec 2025 06:11:30 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d078:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:88:a7:93:29:d8:66:75:1a:62:f4:4d:e7:79:48:56:c7:61:12:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:30 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=dc6933b6ccb83041e8214776e5b0f034d3ce65c4b3a7e3f0800eca85da9dec3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:ad:39:6c:fb:4b:40:e0:ac:89:d3:ea:a7:92: 4b:3f:0b:4b:16:e8:bb:3f:93:71:dc:e9:89:9f:4c: 26:84:ca:53:ea:e9:e3:2d:13:73:d5:c6:c2:a8:ee: 44:1f:92:96:fe:7a:34:8a:0c:9f:fb:bd:d4:b2:e4: bc:b6:d6:88:bf:0b:f1:ec:0f:1a:5c:10:29:20:90: 7b:31:3d:e6:01:02:1b:60:16:4f:70:1e:9f:2a:73: f4:0c:fa:fb:38:2a:27:6a:60:56:5e:4c:de:21:81: 0d:3c:0e:7b:f4:71:b6:00:00:04:de:a3:06:17:1c: ae:48:ce:91:78:7a:bb:19:87:29:2e:f2:6e:4d:f8: 38:76:22:e8:e3:cc:6a:08:bc:77:dd:e7:31:da:96: 83:49:79:3c:f5:06:bc:f0:1a:f7:72:dd:96:02:0f: 1f:94:c8:a4:ed:42:38:a7:f9:9e:d5:8f:5b:e3:39: 96:e2:f9:42:86:5e:37:38:d3:69:74:71:c2:f2:38: 08:c3:8a:53:d7:88:cb:1d:9b:72:9f:94:e8:0b:d6: bf:5d:45:c2:db:c4:5f:e1:c0:6b:50:35:a0:2d:bd: d2:42:eb:a3:10:dd:f5:4d:0b:b9:1f:77:a4:87:f3: d2:c8:62:d7:ac:2b:f8:f8:0a:82:68:f0:fa:ab:20: 56:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:ED:C9:08:8F:F5:80:EB:87:E9:31:6E:B0:13:F5:DE:ED:89:88:D4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d078:4000::/40 Signature Algorithm: sha256WithRSAEncryption 73:7f:5e:78:45:42:24:f2:b0:c9:9a:15:72:ee:1e:0b:c7:f2: 17:b8:b7:b8:53:99:db:50:b8:b2:c1:5e:97:ef:9c:d5:60:f1: ac:90:63:3e:16:f7:35:f7:10:40:04:6c:92:20:40:62:09:ad: 47:71:c2:95:55:ad:5d:c1:a0:45:73:74:c0:82:f4:eb:19:0c: c3:37:e4:64:f6:b9:c7:1d:02:1d:cf:e4:85:68:ec:a6:a0:d5: 53:e7:9b:f2:b7:3c:7e:c9:ed:af:6d:ee:cb:7c:e7:a0:63:3e: 95:0c:5a:5b:3c:cf:48:77:92:de:bf:3c:ca:76:ba:66:3a:f8: 12:73:64:ae:e1:e5:90:4f:2e:d2:92:76:c5:cd:34:f9:80:e5: 64:04:e6:00:b9:6c:70:8b:b7:7e:95:8b:15:8e:b7:61:bc:53: bf:a8:d0:41:d1:6c:5f:65:99:19:78:99:b0:e4:f0:0c:8c:5c: c7:b0:6f:fe:22:e8:fb:21:94:14:85:fe:a4:ab:de:3a:d0:16: da:3d:ae:3f:f9:e1:41:ef:8c:27:69:7f:83:d3:b5:81:95:75: 4d:43:7a:ba:35:99:ae:8c:98:e4:84:d5:38:a6:95:2d:e1:04: 09:c7:45:20:0a:df:b9:d3:da:3a:06:c4:2d:66:29:b3:08:95: e7:e5:0a:15 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJYinkynYZnUaYvRN53lIVsdhEkMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMzBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRjNjkzM2I2Y2NiODMwNDFlODIxNDc3NmU1YjBmMDM0ZDNjZTY1YzRiM2E3 ZTNmMDgwMGVjYTg1ZGE5ZGVjM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI6tOWz7S0DgrInT6qeSSz8LSxbouz+TcdzpiZ9MJoTKU+rp4y0Tc9XGwqju RB+Slv56NIoMn/u91LLkvLbWiL8L8ewPGlwQKSCQezE95gECG2AWT3Aenypz9Az6 +zgqJ2pgVl5M3iGBDTwOe/RxtgAABN6jBhccrkjOkXh6uxmHKS7ybk34OHYi6OPM agi8d93nMdqWg0l5PPUGvPAa93LdlgIPH5TIpO1COKf5ntWPW+M5luL5QoZeNzjT aXRxwvI4CMOKU9eIyx2bcp+U6AvWv11FwtvEX+HAa1A1oC290kLroxDd9U0LuR93 pIfz0shi16wr+PgKgmjw+qsgVkECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSG7ckI j/WA64fpMW6wE/Xe7YmI1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA MA0GCSqGSIb3DQEBCwUAA4IBAQBzf154RUIk8rDJmhVy7h4Lx/IXuLe4U5nbULiy wV6X75zVYPGskGM+Fvc19xBABGySIEBiCa1HccKVVa1dwaBFc3TAgvTrGQzDN+Rk 9rnHHQIdz+SFaOymoNVT55vytzx+ye2vbe7LfOegYz6VDFpbPM9Id5LevzzKdrpm OvgSc2Su4eWQTy7SknbFzTT5gOVkBOYAuWxwi7d+lYsVjrdhvFO/qNBB0WxfZZkZ eJmw5PAMjFzHsG/+Iuj7IZQUhf6kq9460BbaPa4/+eFB74wnaX+D07WBlXVNQ3q6 NZmujJjkhNU4ppUt4QQJx0UgCt+509o6BsQtZimzCJXn5QoV -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:52 2025 by rpki-client