This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json) Hash identifier: 0lLkgE+xMhGDl8J2C8HaXDxH7FbOYqmTBO4rUZEDTT0= Subject key identifier: 61:05:BF:3A:1A:3B:94:7E:FC:BF:3D:93:69:9C:9A:DD:EA:EF:B2:BC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 518B9EBD95A5E816180D97713A598658BBCF1CE4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa Signing time: Sat 15 Nov 2025 05:40:10 +0000 ROA not before: Sat 15 Nov 2025 05:40:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01c:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:8b:9e:bd:95:a5:e8:16:18:0d:97:71:3a:59:86:58:bb:cf:1c:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=27a34a4eef226de6bacde982b8fe12183745fe035076cb7d5b89892978567c03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:06:16:fb:63:40:86:1d:1c:81:da:bc:9c:59: c5:12:f6:64:73:22:14:54:41:44:b1:8a:03:0c:21: 43:62:11:31:1e:ed:9c:23:74:5e:c3:c2:bd:14:53: 47:2d:48:1d:ee:14:fd:4e:01:4c:ff:0d:3a:e0:df: 6d:d5:24:79:a2:ae:cc:1e:35:a7:45:35:57:4b:aa: 61:eb:78:c0:40:ac:f2:8e:cd:51:41:e7:ad:f3:8b: e5:c0:fc:05:f5:ff:15:ed:a5:e4:11:bd:a8:5e:1e: ec:89:8c:5c:ee:30:c6:d9:ca:d3:38:1f:bc:22:88: a8:ea:ef:10:cb:9d:c7:e3:9d:73:d3:0f:62:59:51: 04:29:6a:a5:66:49:e0:a2:d2:6d:8b:e0:a7:d6:1e: 03:aa:70:d1:00:3c:2b:93:da:f0:12:bb:2b:f4:e2: f2:1c:d7:89:10:71:4c:f3:a5:9c:b3:11:25:e7:be: 84:f6:bf:1f:fc:0d:de:a0:28:0f:55:c4:0a:2b:7b: d8:48:9d:7c:4d:20:5e:4d:e4:9d:e6:f4:35:9f:8d: 58:50:54:35:84:59:6e:40:a3:21:a8:fb:c7:0d:f2: 88:06:b4:5c:09:67:d8:a5:76:44:fe:31:91:4d:82: 72:e9:30:78:58:7b:d4:f1:86:61:bc:5d:7b:1d:cc: dc:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:05:BF:3A:1A:3B:94:7E:FC:BF:3D:93:69:9C:9A:DD:EA:EF:B2:BC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01c:800::/38 Signature Algorithm: sha256WithRSAEncryption 4f:2d:37:e5:6e:45:67:24:d6:db:40:d7:5f:1e:7f:9f:bb:ca: 61:80:25:66:28:90:cd:74:0e:c5:2e:40:f2:cd:af:30:96:14: 73:e9:fd:e3:3d:0b:4d:c8:bc:76:d2:01:2e:60:e9:56:0a:51: d6:e3:01:94:bb:cf:88:8d:eb:1d:90:2f:22:1c:21:5c:29:47: e9:75:b7:7f:d7:1f:55:60:9f:2b:8c:19:e1:5a:47:b9:d4:a0: a2:5c:df:72:67:8c:86:51:d5:f1:21:99:27:f3:d1:63:67:28: ef:65:53:9c:ba:77:95:06:22:75:6c:05:29:6a:3c:8f:78:16: 4b:43:5a:e2:e9:b3:c2:21:88:e5:af:e4:1d:f4:93:3d:5c:49: 1f:33:61:0e:20:8a:db:db:b7:85:9c:d6:bc:96:22:dd:d2:b2: b9:98:59:e6:e6:a2:a4:e9:4f:6c:65:32:83:3d:19:93:d2:f9: fa:35:8c:d1:ea:f5:4a:a5:5d:76:5a:bd:21:11:82:f8:35:04: 4d:01:a3:07:77:9f:21:71:85:86:18:6d:e6:92:3e:d0:e4:2b: 2d:18:a2:3e:9d:dc:f9:ad:47:41:ce:16:14:d5:c8:44:f2:a3: 6a:72:1c:45:20:d8:45:ea:d8:f1:9a:32:06:c4:27:65:25:5c: 56:22:8c:82 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUYuevZWl6BYYDZdxOlmGWLvPHOQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI3YTM0YTRlZWYyMjZkZTZiYWNkZTk4MmI4ZmUxMjE4Mzc0NWZlMDM1MDc2 Y2I3ZDViODk4OTI5Nzg1NjdjMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKIGFvtjQIYdHIHavJxZxRL2ZHMiFFRBRLGKAwwhQ2IRMR7tnCN0XsPCvRRT Ry1IHe4U/U4BTP8NOuDfbdUkeaKuzB41p0U1V0uqYet4wECs8o7NUUHnrfOL5cD8 BfX/Fe2l5BG9qF4e7ImMXO4wxtnK0zgfvCKIqOrvEMudx+Odc9MPYllRBClqpWZJ 4KLSbYvgp9YeA6pw0QA8K5Pa8BK7K/Ti8hzXiRBxTPOlnLMRJee+hPa/H/wN3qAo D1XECit72EidfE0gXk3kneb0NZ+NWFBUNYRZbkCjIaj7xw3yiAa0XAln2KV2RP4x kU2CcukweFh71PGGYbxdex3M3LsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhBb86 GjuUfvy/PZNpnJrd6u+yvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI MA0GCSqGSIb3DQEBCwUAA4IBAQBPLTflbkVnJNbbQNdfHn+fu8phgCVmKJDNdA7F LkDyza8wlhRz6f3jPQtNyLx20gEuYOlWClHW4wGUu8+IjesdkC8iHCFcKUfpdbd/ 1x9VYJ8rjBnhWke51KCiXN9yZ4yGUdXxIZkn89FjZyjvZVOcuneVBiJ1bAUpajyP eBZLQ1ri6bPCIYjlr+Qd9JM9XEkfM2EOIIrb27eFnNa8liLd0rK5mFnm5qKk6U9s ZTKDPRmT0vn6NYzR6vVKpV12Wr0hEYL4NQRNAaMHd58hcYWGGG3mkj7Q5CstGKI+ ndz5rUdBzhYU1chE8qNqchxFINhF6tjxmjIGxCdlJVxWIoyC -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:36 2025 by rpki-client