This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json) Hash identifier: wnlesx42NvCnWoa+kj3WxomA2fBhzSbwQ3N/9uMEsL4= Subject key identifier: 88:16:33:9F:32:00:53:BF:41:48:FF:3E:03:0C:F7:E7:6E:4E:12:E4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 31A9BBEE5A4629B89C577D09BAB9D4EB467A307F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa Signing time: Wed 10 Dec 2025 05:40:46 +0000 ROA not before: Wed 10 Dec 2025 05:40:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01c:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:a9:bb:ee:5a:46:29:b8:9c:57:7d:09:ba:b9:d4:eb:46:7a:30:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=719ac5bdb0c13e0e30f4f18a733d0e2bd4d5766c0ce6d78a395d1d9bec0d670e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:be:ca:a2:fd:4c:cd:c8:fe:8e:d5:b2:12:cd: 7b:7a:64:09:97:91:25:e7:11:9b:fa:aa:2f:cc:a0: 32:1e:91:d3:41:00:77:7c:29:47:f8:7f:7e:30:57: 9c:4b:fd:b0:66:fa:ae:29:7a:b5:be:c9:02:e6:ed: a3:d5:76:65:f6:81:cf:bb:0d:1c:d6:39:2a:ee:d1: aa:10:34:24:84:af:d8:57:d1:b5:cd:8d:13:a7:49: 53:0e:5b:6f:e9:b7:e4:32:db:29:31:8a:2b:60:7e: 96:c5:7e:d0:4b:05:04:ff:e9:2e:e3:9b:b1:ad:93: 19:fe:b8:2d:dd:c7:69:a1:8a:b7:3e:74:8d:af:99: b2:11:e1:b6:ea:40:ed:af:e9:7a:a2:3e:6d:7d:1f: 35:41:5d:3f:8c:b5:af:03:24:4c:49:72:53:47:a4: 05:c1:50:4d:a6:05:61:25:d9:c4:c9:92:4b:84:44: 93:1f:d3:60:74:58:d5:92:18:17:4c:ea:a3:4f:73: 49:a5:ff:86:e2:51:c0:48:cd:c9:e1:07:3d:95:67: 8d:0a:81:d0:20:3a:cd:3b:95:97:46:9d:d5:33:f5: 43:b5:63:5e:51:4a:7e:72:43:df:d8:3d:4a:55:65: 29:4e:e0:8e:b2:de:43:32:34:1c:b0:98:10:85:89: a4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:16:33:9F:32:00:53:BF:41:48:FF:3E:03:0C:F7:E7:6E:4E:12:E4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01c:800::/38 Signature Algorithm: sha256WithRSAEncryption 25:ad:53:de:73:f7:6b:b6:06:ac:04:10:13:a4:2a:45:c9:fc: cf:c9:8a:8a:fe:b4:61:b2:8e:08:6d:f0:af:c0:3d:28:fd:9a: b1:9f:87:ca:0a:a9:c9:7f:cc:0a:dd:50:9f:5d:b5:93:92:ac: 69:c3:d4:1a:6f:85:a8:15:60:83:26:29:97:5f:3d:aa:b0:b2: e5:6c:25:1b:39:c6:45:2d:e4:12:52:fb:3b:bf:f7:b6:c2:26: a1:87:57:09:f9:b0:0c:a9:0a:dd:b6:c8:e6:3f:4f:32:62:14: 16:64:c7:2f:73:d9:06:84:ec:48:90:e5:36:96:3a:25:45:35: 5c:80:51:5f:c1:ca:b5:00:b1:0c:53:bc:1e:ef:fa:ab:f6:94: 7b:1b:c9:2a:11:42:4c:8a:f2:d3:f8:bb:84:7e:b6:38:ae:35: a1:4e:31:fc:5c:01:7b:95:7f:27:b8:76:a4:57:d9:2f:77:68: 14:81:08:dc:62:3a:b9:3f:aa:7e:29:cd:bc:d3:51:c2:60:35: 5c:4d:97:72:a2:9d:f0:67:4f:55:8e:48:be:4f:a7:2a:a1:8f: 37:cf:ac:90:35:da:09:a6:35:2c:80:1c:7c:e4:55:38:6f:6e: 18:e4:a0:7d:19:c9:7f:6c:5c:cd:54:16:1b:6b:24:dc:bf:ba: 8c:33:36:64 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMam77lpGKbicV30JurnU60Z6MH8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDcxOWFjNWJkYjBjMTNlMGUzMGY0ZjE4YTczM2QwZTJiZDRkNTc2NmMwY2U2 ZDc4YTM5NWQxZDliZWMwZDY3MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ2+yqL9TM3I/o7VshLNe3pkCZeRJecRm/qqL8ygMh6R00EAd3wpR/h/fjBX nEv9sGb6ril6tb7JAubto9V2ZfaBz7sNHNY5Ku7RqhA0JISv2FfRtc2NE6dJUw5b b+m35DLbKTGKK2B+lsV+0EsFBP/pLuObsa2TGf64Ld3HaaGKtz50ja+ZshHhtupA 7a/peqI+bX0fNUFdP4y1rwMkTElyU0ekBcFQTaYFYSXZxMmSS4REkx/TYHRY1ZIY F0zqo09zSaX/huJRwEjNyeEHPZVnjQqB0CA6zTuVl0ad1TP1Q7VjXlFKfnJD39g9 SlVlKU7gjrLeQzI0HLCYEIWJpJUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIFjOf MgBTv0FI/z4DDPfnbk4S5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI MA0GCSqGSIb3DQEBCwUAA4IBAQAlrVPec/drtgasBBATpCpFyfzPyYqK/rRhso4I bfCvwD0o/Zqxn4fKCqnJf8wK3VCfXbWTkqxpw9Qab4WoFWCDJimXXz2qsLLlbCUb OcZFLeQSUvs7v/e2wiahh1cJ+bAMqQrdtsjmP08yYhQWZMcvc9kGhOxIkOU2ljol RTVcgFFfwcq1ALEMU7we7/qr9pR7G8kqEUJMivLT+LuEfrY4rjWhTjH8XAF7lX8n uHakV9kvd2gUgQjcYjq5P6p+Kc2801HCYDVcTZdyop3wZ09Vjki+T6cqoY83z6yQ NdoJpjUsgBx85FU4b24Y5KB9Gcl/bFzNVBYbayTcv7qMMzZk -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:42 2025 by rpki-client