This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa File: 8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa (raw, json) Hash identifier: hRtHSwvasoh37z0A2AO2GCP/fR8jhdW7U3hFYsBsbEM= Subject key identifier: 52:59:50:BA:7A:EC:B0:50:A2:4D:BB:9A:E6:D3:3E:E8:C7:8C:93:EB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 14457506E3D59082A60477BD23DD8F189E427B1B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa Signing time: Sat 15 Nov 2025 06:20:54 +0000 ROA not before: Sat 15 Nov 2025 06:20:54 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:45:75:06:e3:d5:90:82:a6:04:77:bd:23:dd:8f:18:9e:42:7b:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:54 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=046c4498bd6be35d1e1d88a07fd3c4b5fda3387519b08eddd441edeebc42a8c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:08:76:3f:84:0c:0e:ed:82:8b:c7:97:b6:90: 52:28:1b:f6:62:bd:ed:4c:73:3a:53:fd:36:4b:f7: fa:80:de:40:28:bc:69:cb:47:77:38:44:b7:df:f2: 48:2f:9f:dd:c0:9c:96:86:30:17:21:dc:fd:85:2e: 66:00:26:96:32:1c:eb:22:a5:d6:54:83:ba:e4:15: b2:3d:1e:1b:ad:b0:a3:cc:ff:fd:a7:c8:b6:68:64: dc:ac:cb:0d:90:75:b3:bc:cc:d6:ac:49:32:14:f0: e3:8e:c7:82:24:8e:97:6c:97:76:e1:e1:26:fd:50: 3f:76:bc:a6:fa:aa:be:a2:08:5c:7c:bf:18:9e:f8: d3:52:47:d5:58:c4:3a:07:15:e9:8a:e3:b3:40:fb: c9:64:e8:6a:03:92:04:bc:bc:8a:a5:0c:ce:dc:66: 2b:35:1c:44:f3:ec:29:be:d4:76:5d:88:16:1b:f3: 9c:de:2a:5b:8c:20:5d:5a:3b:0a:7d:57:7d:a5:ca: 47:e3:8c:e1:53:49:0d:a7:bf:ee:f9:93:6a:e8:84: b6:9d:4b:df:ce:f2:3b:da:fc:70:9f:1b:3b:5c:88: 6c:12:91:23:49:50:4d:1a:03:4e:6b:58:ff:80:e5: dd:34:f0:21:44:54:5a:94:70:ae:d7:12:2a:87:67: c9:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:59:50:BA:7A:EC:B0:50:A2:4D:BB:9A:E6:D3:3E:E8:C7:8C:93:EB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:8000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:ef:95:54:44:8d:fb:b0:03:bd:1d:a3:dd:2a:16:33:c7:d4: 5c:e8:14:36:89:17:a4:f9:58:95:36:cf:0f:d7:8f:28:fa:c4: 53:6a:84:60:1b:63:75:ff:70:56:1a:b5:9f:a7:1d:40:6c:07: 65:77:f2:16:6c:c4:a2:e3:53:19:e5:5b:96:d6:d2:58:c7:f2: ec:3b:66:90:fa:25:60:2a:4e:60:0b:ea:b9:9b:ed:f5:29:c3: 1e:4b:68:0c:2e:86:0d:a8:a0:a9:ca:62:77:1f:6f:e6:59:58: 3b:bb:49:41:4f:01:fc:f2:e3:e1:b4:5e:dd:01:ef:70:c0:ad: 22:02:5d:7c:74:d4:d2:b3:d2:b7:bc:05:a1:e0:7f:9f:10:36: 95:3e:d6:7b:08:37:3b:47:0d:3e:00:cd:6c:4d:8d:c8:e6:48: 8e:7d:50:a7:cd:56:e2:dc:b7:bb:24:52:d7:c8:31:36:77:d7: da:46:f2:b5:5d:c2:4e:d8:af:b7:1a:fe:20:ff:d9:73:5d:e7: 75:7d:a0:9a:b6:b5:b3:d9:30:0b:06:6a:11:7b:a1:35:a9:c5: 88:f2:3a:3c:52:bc:21:fc:7d:33:32:79:55:b2:1e:44:9e:57: 5e:a5:76:93:0f:20:0f:b7:81:ab:2b:3c:4b:3a:47:1a:b2:95: 33:21:d1:2e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFEV1BuPVkIKmBHe9I92PGJ5CexswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA0NmM0NDk4YmQ2YmUzNWQxZTFkODhhMDdmZDNjNGI1ZmRhMzM4NzUxOWIw OGVkZGQ0NDFlZGVlYmM0MmE4YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOEIdj+EDA7tgovHl7aQUigb9mK97UxzOlP9Nkv3+oDeQCi8actHdzhEt9/y SC+f3cCcloYwFyHc/YUuZgAmljIc6yKl1lSDuuQVsj0eG62wo8z//afItmhk3KzL DZB1s7zM1qxJMhTw447HgiSOl2yXduHhJv1QP3a8pvqqvqIIXHy/GJ7401JH1VjE OgcV6Yrjs0D7yWToagOSBLy8iqUMztxmKzUcRPPsKb7Udl2IFhvznN4qW4wgXVo7 Cn1XfaXKR+OM4VNJDae/7vmTauiEtp1L387yO9r8cJ8bO1yIbBKRI0lQTRoDTmtY /4Dl3TTwIURUWpRwrtcSKodnyXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSWVC6 euywUKJNu5rm0z7ox4yT6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGE1N2U5ODItYzZiOC00YWE3LWIzMGEtMzhiZWQ2NGRmYzMxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A MA0GCSqGSIb3DQEBCwUAA4IBAQAP75VURI37sAO9HaPdKhYzx9Rc6BQ2iRek+ViV Ns8P148o+sRTaoRgG2N1/3BWGrWfpx1AbAdld/IWbMSi41MZ5VuW1tJYx/LsO2aQ +iVgKk5gC+q5m+31KcMeS2gMLoYNqKCpymJ3H2/mWVg7u0lBTwH88uPhtF7dAe9w wK0iAl18dNTSs9K3vAWh4H+fEDaVPtZ7CDc7Rw0+AM1sTY3I5kiOfVCnzVbi3Le7 JFLXyDE2d9faRvK1XcJO2K+3Gv4g/9lzXed1faCatrWz2TALBmoRe6E1qcWI8jo8 Urwh/H0zMnlVsh5EnldepXaTDyAPt4GrKzxLOkcaspUzIdEu -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:51 2025 by rpki-client