This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json) Hash identifier: ujWc56PwI93Ut8xCL2KM6u8eiEtwHxUuQfaOHtenOqc= Subject key identifier: 41:D1:FF:68:58:E4:FB:4C:B8:F3:99:51:4E:B7:3F:D7:63:86:24:FF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 68E3715A2B2579BDB2591D1C3B946C9337CFA1CE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa Signing time: Sat 15 Nov 2025 05:50:30 +0000 ROA not before: Sat 15 Nov 2025 05:50:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d012:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:e3:71:5a:2b:25:79:bd:b2:59:1d:1c:3b:94:6c:93:37:cf:a1:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=1a762677e96e568b31438da21a00adf4ebc72ac872a377f03a7c10d0e362390a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:89:38:c0:90:af:dc:24:d5:e4:3d:ad:c7:fd: c4:40:6e:d1:be:ee:88:97:3c:f2:4b:fa:ae:ec:64: 8b:23:ec:06:1e:da:59:49:2a:8f:48:04:a7:f8:f2: 47:d5:56:1a:c2:33:57:85:eb:19:6d:7e:71:44:f8: c7:31:cc:57:8d:6e:65:b4:93:d1:1e:16:44:1c:e2: 7e:3d:8f:ad:14:29:f5:24:74:21:bf:70:4d:d5:5b: 1c:80:49:52:ec:cf:48:32:b9:fc:5e:7f:1f:db:4b: 80:0c:d5:f9:32:e6:c5:19:c0:70:83:e5:b7:81:f6: b0:2c:1c:5d:a7:b5:b1:f0:f2:d5:82:64:ba:d2:17: 7e:c3:82:98:59:a7:fb:3c:d4:9e:b6:b4:2b:d6:5c: d5:2f:d8:da:13:61:56:a3:46:2c:8a:8b:43:3a:92: 1d:35:35:11:69:94:66:9c:44:8f:93:4d:b2:28:d7: 65:e7:0f:06:b8:ff:8e:d0:d3:dd:62:eb:c4:4a:13: b7:33:75:cf:01:6b:4c:f6:24:4f:83:45:85:4b:6e: b0:da:1c:25:20:db:44:be:fc:d3:35:cd:3f:3e:dd: 37:d8:dc:e2:f6:20:fb:bc:ae:f2:26:14:42:5b:d6: 3d:0b:c3:fe:8d:7f:d9:4f:df:96:8b:bc:87:2e:75: 09:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D1:FF:68:58:E4:FB:4C:B8:F3:99:51:4E:B7:3F:D7:63:86:24:FF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d012:c00::/38 Signature Algorithm: sha256WithRSAEncryption 28:c1:2e:57:1f:be:e7:0a:48:13:0a:f2:97:cb:70:9a:1c:01: c3:45:a5:da:18:8e:66:86:62:58:cf:49:17:80:f7:8d:ac:f1: 8c:7a:fa:4f:77:3f:9a:c2:ac:3c:ed:2b:3d:ac:1d:1d:1b:b0: 15:38:a3:1c:6f:ff:1a:5c:29:86:c4:06:b4:ec:c8:1d:b2:c6: ba:90:b2:42:f6:48:dc:67:01:5e:cc:1c:09:01:cc:1f:4c:9c: 50:1d:a8:1c:9d:07:8a:78:10:7a:b5:0b:08:5f:04:e9:0b:72: bb:1c:91:19:a9:2e:ee:25:7b:0a:f4:2e:54:57:22:1d:58:0a: b0:99:0e:84:29:fc:53:98:47:df:a6:a7:2d:ee:f4:ee:a6:c6: bb:5d:03:a7:50:e2:c0:50:27:42:e0:fc:ea:84:94:ed:91:f7: 29:9d:1c:71:d5:05:b5:60:c3:df:1e:32:96:c3:86:d4:48:8f: 0d:41:00:5f:59:b5:37:af:f4:82:f0:e3:48:12:3a:c0:aa:e2: 03:e5:92:92:de:2f:bb:04:37:6b:77:d2:a2:d8:d2:a4:8b:08: 19:58:62:1e:e0:82:b4:9b:19:0f:fa:fb:19:14:94:44:89:50: d8:b7:a0:d8:c0:71:cf:3d:b8:db:d7:97:23:8c:84:8b:5b:51: 22:49:10:4b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUaONxWisleb2yWR0cO5RskzfPoc4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDFhNzYyNjc3ZTk2ZTU2OGIzMTQzOGRhMjFhMDBhZGY0ZWJjNzJhYzg3MmEz NzdmMDNhN2MxMGQwZTM2MjM5MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM6JOMCQr9wk1eQ9rcf9xEBu0b7uiJc88kv6ruxkiyPsBh7aWUkqj0gEp/jy R9VWGsIzV4XrGW1+cUT4xzHMV41uZbST0R4WRBzifj2PrRQp9SR0Ib9wTdVbHIBJ UuzPSDK5/F5/H9tLgAzV+TLmxRnAcIPlt4H2sCwcXae1sfDy1YJkutIXfsOCmFmn +zzUnra0K9Zc1S/Y2hNhVqNGLIqLQzqSHTU1EWmUZpxEj5NNsijXZecPBrj/jtDT 3WLrxEoTtzN1zwFrTPYkT4NFhUtusNocJSDbRL780zXNPz7dN9jc4vYg+7yu8iYU QlvWPQvD/o1/2U/flou8hy51Cc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRB0f9o WOT7TLjzmVFOtz/XY4Yk/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM MA0GCSqGSIb3DQEBCwUAA4IBAQAowS5XH77nCkgTCvKXy3CaHAHDRaXaGI5mhmJY z0kXgPeNrPGMevpPdz+awqw87Ss9rB0dG7AVOKMcb/8aXCmGxAa07Mgdssa6kLJC 9kjcZwFezBwJAcwfTJxQHagcnQeKeBB6tQsIXwTpC3K7HJEZqS7uJXsK9C5UVyId WAqwmQ6EKfxTmEffpqct7vTupsa7XQOnUOLAUCdC4PzqhJTtkfcpnRxx1QW1YMPf HjKWw4bUSI8NQQBfWbU3r/SC8ONIEjrAquID5ZKS3i+7BDdrd9Ki2NKkiwgZWGIe 4IK0mxkP+vsZFJREiVDYt6DYwHHPPbjb15cjjISLW1EiSRBL -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:37 2025 by rpki-client