This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json) Hash identifier: 7QfXSrOAO1HLsE5R3y8EnYs9y/MK2fnartn/d2Pey2A= Subject key identifier: 81:0F:E1:76:B5:09:AD:5A:D8:59:A5:E6:DB:AD:DA:13:12:DF:EB:72 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1B2A2860C941E68C1D1B27255B83A7C55DD1DFFE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa Signing time: Tue 25 Nov 2025 20:00:41 +0000 ROA not before: Tue 25 Nov 2025 20:00:41 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:8020::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:2a:28:60:c9:41:e6:8c:1d:1b:27:25:5b:83:a7:c5:5d:d1:df:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:41 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=2f3544960ea6e4c7f555b1ad4a6e24d91bcc077a2c25e6b354ba1fc70b816a9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:88:5f:78:07:e3:9c:2c:3e:28:99:96:53:be: bb:0a:34:18:e0:2b:ca:b9:a5:80:9b:7d:ce:f7:ef: 2d:5b:02:07:ee:f9:ec:5a:37:57:44:0d:7b:d9:4b: 34:e8:e3:b3:90:84:5f:de:c1:9c:6f:6a:dc:43:a1: 2a:11:97:14:ea:02:67:9f:c4:23:00:be:9d:30:81: b9:5e:7e:51:5b:d1:5e:02:e0:95:fb:a9:6d:ad:7e: 89:10:33:1f:db:66:f4:a0:1b:6d:21:2a:aa:e0:a1: 8a:99:8e:c8:71:fb:59:c5:66:01:2e:82:bd:b9:ab: fa:c6:20:63:7a:02:12:39:81:4b:a1:f1:97:45:f6: a3:8d:0e:85:1a:0a:6e:92:79:f3:19:b4:a9:c6:c3: 0f:9e:3e:19:b2:ba:39:c9:72:60:b2:b0:45:c3:b7: a9:22:28:fd:da:df:41:aa:04:54:74:cd:4e:d9:42: 5f:a3:30:e3:48:77:d7:43:24:1e:76:e6:d4:61:07: 17:57:47:98:0f:90:fb:66:26:43:54:ec:7d:6b:be: b4:74:75:33:62:de:88:e6:0c:53:66:a6:41:77:ad: 68:b7:93:d6:31:24:33:04:a2:d4:9f:79:05:51:03: 9d:87:c3:69:fa:fe:6c:2d:a0:ec:18:31:b0:9d:bf: 0c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:0F:E1:76:B5:09:AD:5A:D8:59:A5:E6:DB:AD:DA:13:12:DF:EB:72 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:8020::/46 Signature Algorithm: sha256WithRSAEncryption a0:a6:b3:fc:bb:b5:ae:fb:fc:a8:51:d4:87:f9:d4:9a:9e:23: cc:ad:b8:e5:87:39:6c:de:56:c1:e1:db:39:16:00:b0:94:d7: 37:d6:67:a8:f9:32:d1:a2:04:08:49:86:41:d8:d1:31:af:dc: ab:81:ad:b0:13:61:4e:ff:b6:39:a2:44:59:49:60:ea:43:a8: 79:68:60:ec:fe:9a:dc:44:9f:96:bc:55:cf:4d:2e:1f:5b:9a: 67:b0:c6:7e:75:e7:fc:fc:89:0c:d7:67:79:10:b8:d7:c4:b7: 7d:84:86:8a:0c:73:28:02:9f:87:c5:78:de:22:59:63:01:e6: 56:7a:69:4f:84:7f:bf:1b:bc:62:2b:c4:11:a9:2f:76:f8:36: 12:90:64:42:7d:2e:1f:05:5c:da:f1:95:05:63:64:25:90:a7: 88:bd:8c:b4:ee:6c:32:b5:73:7b:b6:ba:2e:46:cd:ad:3f:39: 05:a1:eb:82:5a:54:fe:36:1a:7c:8d:3d:00:71:d9:92:0d:e1: 7f:59:86:c0:98:fa:aa:2e:c0:c0:b3:36:a5:0f:4d:67:a3:79: 29:32:30:69:e0:85:8e:76:fc:ab:31:6d:91:ac:df:04:38:11: 27:d4:82:71:e8:22:74:c6:20:89:6f:07:26:9a:6c:80:fa:28: ca:b9:c2:22 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUGyooYMlB5owdGyclW4OnxV3R3/4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwNDFaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDJmMzU0NDk2MGVhNmU0YzdmNTU1YjFhZDRhNmUyNGQ5MWJjYzA3N2EyYzI1 ZTZiMzU0YmExZmM3MGI4MTZhOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2IX3gH45wsPiiZllO+uwo0GOAryrmlgJt9zvfvLVsCB+757Fo3V0QNe9lL NOjjs5CEX97BnG9q3EOhKhGXFOoCZ5/EIwC+nTCBuV5+UVvRXgLglfupba1+iRAz H9tm9KAbbSEqquChipmOyHH7WcVmAS6Cvbmr+sYgY3oCEjmBS6Hxl0X2o40OhRoK bpJ58xm0qcbDD54+GbK6OclyYLKwRcO3qSIo/drfQaoEVHTNTtlCX6Mw40h310Mk Hnbm1GEHF1dHmA+Q+2YmQ1TsfWu+tHR1M2LeiOYMU2amQXetaLeT1jEkMwSi1J95 BVEDnYfDafr+bC2g7BgxsJ2/DDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBD+F2 tQmtWthZpebbrdoTEt/rcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODhlOThlMjYtMzljOS00YTFjLTgyZTgtY2M2MzI2N2NhOTQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA IDANBgkqhkiG9w0BAQsFAAOCAQEAoKaz/Lu1rvv8qFHUh/nUmp4jzK245Yc5bN5W weHbORYAsJTXN9ZnqPky0aIECEmGQdjRMa/cq4GtsBNhTv+2OaJEWUlg6kOoeWhg 7P6a3ESflrxVz00uH1uaZ7DGfnXn/PyJDNdneRC418S3fYSGigxzKAKfh8V43iJZ YwHmVnppT4R/vxu8YivEEakvdvg2EpBkQn0uHwVc2vGVBWNkJZCniL2MtO5sMrVz e7a6LkbNrT85BaHrglpU/jYafI09AHHZkg3hf1mGwJj6qi7AwLM2pQ9NZ6N5KTIw aeCFjnb8qzFtkazfBDgRJ9SCcegidMYgiW8HJppsgPooyrnCIg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:27 2025 by rpki-client