This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json) Hash identifier: uJ6EhaDtxPLykQpNQwGfpIb6jcEFP0fv7xATDUXeQFU= Subject key identifier: 74:4F:2F:B9:A0:9B:D7:64:28:5E:86:16:61:6F:A5:E1:1D:C5:71:81 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 76D491257AD54BD9A37AE92596DBD049A89FE872 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa Signing time: Sat 15 Nov 2025 06:20:38 +0000 ROA not before: Sat 15 Nov 2025 06:20:38 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:d4:91:25:7a:d5:4b:d9:a3:7a:e9:25:96:db:d0:49:a8:9f:e8:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:38 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=bd0496535a1ae016f1b47c26065534441e22b7ba374c862585b587d2501a3b7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e1:68:89:99:ef:c6:4c:4d:b9:c4:90:11:f2: 7e:94:5c:09:f2:08:60:67:f2:d4:61:e4:50:6c:1a: 8d:44:85:b7:32:df:81:8a:e1:00:d3:7d:42:dc:86: f7:73:96:01:09:d0:1d:df:a0:7e:7c:bb:e6:0e:8b: 24:fd:68:3c:80:e5:cc:fd:90:7d:dd:40:27:1f:69: 12:6f:7a:cb:c3:41:13:99:e6:62:57:4c:27:5c:46: 53:49:50:b4:d9:1c:d7:ba:e8:8a:a3:05:a3:b2:0f: fe:11:d7:1a:0d:07:1e:49:cb:de:07:dc:22:65:3f: e5:b3:fc:ce:fb:5a:c7:46:e4:81:1b:ce:94:20:47: 40:8a:e7:ae:1c:b5:ff:9e:d6:0c:68:2c:60:e4:bb: 68:9a:03:2f:02:e5:24:1a:6a:84:e5:65:3f:87:64: 5c:c1:24:9e:c0:b8:63:a9:06:41:2d:83:20:21:d2: b0:f7:65:4d:fc:bd:ad:32:b6:5b:3f:e9:af:55:de: 52:91:94:f6:da:36:21:a1:2d:80:3e:11:28:ee:d2: 81:d9:87:c0:fc:e1:44:aa:de:9e:b8:5d:c6:5d:93: bc:da:41:2e:a0:92:f7:79:12:e1:72:6b:f1:28:b5: fe:93:f3:c0:cb:66:fd:e7:9e:61:7d:be:71:ac:f5: 39:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:4F:2F:B9:A0:9B:D7:64:28:5E:86:16:61:6F:A5:E1:1D:C5:71:81 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:c000::/40 Signature Algorithm: sha256WithRSAEncryption 4c:b6:15:b1:94:6e:17:76:1d:c3:db:b8:67:90:1c:cd:2d:7e: 82:1a:84:35:61:a2:73:96:cb:31:f2:10:e9:78:08:e6:66:b3: 70:c0:e3:0e:94:a7:72:20:41:68:0a:72:0d:45:04:be:00:5d: 3b:7d:2a:e8:a5:b9:86:47:bf:5f:3a:4a:49:58:b3:d1:e3:d4: 76:5d:1d:9d:bf:f0:ad:ea:fb:71:e0:03:0c:ca:9f:02:38:af: 0b:38:54:84:af:20:44:10:65:47:14:ba:ee:c6:c4:ae:b4:44: 58:88:5c:b8:8e:90:1c:d4:b2:2f:72:af:62:84:26:63:9f:94: 7f:e0:61:f6:3f:93:7f:3f:fa:d8:8a:84:d2:5c:09:de:b8:a8: 0f:21:94:42:a5:c8:c5:11:f2:6f:56:f0:fc:83:d3:b5:56:d5: f1:f2:b5:71:54:7c:cd:27:f6:db:fc:f8:e4:76:5a:f8:a2:14: 8f:cd:bc:1c:13:83:24:28:54:e7:65:61:bb:4b:5c:cf:ae:e0: 27:cc:7b:2d:35:d6:4f:37:cf:91:5f:49:f8:51:ba:2d:a8:57: 2c:91:34:92:1c:95:18:33:c3:67:6b:bf:3b:ca:98:a7:c4:aa: f6:29:02:12:28:77:b4:01:91:7f:c5:6f:f7:4c:99:ff:ed:c1: 38:13:b6:45 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdtSRJXrVS9mjeuklltvQSaif6HIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMzhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJkMDQ5NjUzNWExYWUwMTZmMWI0N2MyNjA2NTUzNDQ0MWUyMmI3YmEzNzRj ODYyNTg1YjU4N2QyNTAxYTNiN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMrhaImZ78ZMTbnEkBHyfpRcCfIIYGfy1GHkUGwajUSFtzLfgYrhANN9QtyG 93OWAQnQHd+gfny75g6LJP1oPIDlzP2Qfd1AJx9pEm96y8NBE5nmYldMJ1xGU0lQ tNkc17roiqMFo7IP/hHXGg0HHknL3gfcImU/5bP8zvtax0bkgRvOlCBHQIrnrhy1 /57WDGgsYOS7aJoDLwLlJBpqhOVlP4dkXMEknsC4Y6kGQS2DICHSsPdlTfy9rTK2 Wz/pr1XeUpGU9to2IaEtgD4RKO7SgdmHwPzhRKrenrhdxl2TvNpBLqCS93kS4XJr 8Si1/pPzwMtm/eeeYX2+caz1OZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0Ty+5 oJvXZChehhZhb6XhHcVxgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA MA0GCSqGSIb3DQEBCwUAA4IBAQBMthWxlG4Xdh3D27hnkBzNLX6CGoQ1YaJzlssx 8hDpeAjmZrNwwOMOlKdyIEFoCnINRQS+AF07fSropbmGR79fOkpJWLPR49R2XR2d v/Ct6vtx4AMMyp8COK8LOFSEryBEEGVHFLruxsSutERYiFy4jpAc1LIvcq9ihCZj n5R/4GH2P5N/P/rYioTSXAneuKgPIZRCpcjFEfJvVvD8g9O1VtXx8rVxVHzNJ/bb /Pjkdlr4ohSPzbwcE4MkKFTnZWG7S1zPruAnzHstNdZPN8+RX0n4UbotqFcskTSS HJUYM8Nna787ypinxKr2KQISKHe0AZF/xW/3TJn/7cE4E7ZF -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:37 2025 by rpki-client