This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json) Hash identifier: 8+cfgW8jM60HsxkTyRmuje83+2/arogE0V3bbVDdaAs= Subject key identifier: 70:CD:AC:FD:13:4D:34:97:8C:61:F5:44:A0:3A:36:5D:C9:1A:40:E0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4E1BCF7F9390073C52BFA0BCC03BA70AD7C39E4A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa Signing time: Wed 10 Dec 2025 05:41:06 +0000 ROA not before: Wed 10 Dec 2025 05:41:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:1b:cf:7f:93:90:07:3c:52:bf:a0:bc:c0:3b:a7:0a:d7:c3:9e:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e0cc5e3ad1be22bb3410fd93791df916bd89619ec95b406a18b4a0ce850e13f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ad:57:04:5d:c7:8f:97:d6:e1:ab:ba:54:7c: df:55:ba:5b:01:5d:7c:4e:df:09:c4:8f:ff:29:14: 41:db:a2:9a:a8:59:b2:73:c5:9c:96:9b:4d:a8:7a: 69:5f:0e:25:98:92:5e:4e:1c:ac:3a:c6:71:39:4c: 60:54:04:4d:9b:46:04:c5:46:12:8d:df:79:a1:75: a4:28:9f:19:83:95:7a:88:5a:59:2f:89:c5:04:d0: 56:fc:0d:3f:7a:d9:46:1b:90:48:41:49:b6:92:6a: 04:e4:72:e8:e7:01:27:98:60:11:89:49:59:59:c0: b8:b4:b2:2c:6e:15:79:9f:4e:01:0c:af:c2:eb:53: 4d:54:c0:69:2d:62:3c:28:69:1d:1d:b8:5c:1d:47: 5f:32:b1:7c:9f:ea:93:0c:c5:9e:24:da:a4:21:41: fe:49:14:ea:c3:c7:52:cf:cf:4d:e0:8d:f8:0d:d5: 8d:6c:59:a2:34:a7:bb:b6:ba:f4:3b:a3:73:ad:b1: 49:87:10:40:1f:e1:e4:b9:03:26:d3:68:3a:0b:fa: be:25:31:cb:29:63:ba:57:9a:25:07:fa:a7:8b:b0: e6:1c:e7:26:06:94:42:50:b9:99:3e:d0:c4:45:0f: 69:c4:87:04:74:c2:fb:51:69:fb:41:c6:a6:26:a4: c5:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:CD:AC:FD:13:4D:34:97:8C:61:F5:44:A0:3A:36:5D:C9:1A:40:E0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:2000::/40 Signature Algorithm: sha256WithRSAEncryption 54:90:98:de:9c:3a:c7:08:88:0c:6c:ff:04:ad:4e:1b:bf:5b: 81:7a:87:7b:63:50:67:c8:90:e4:e9:34:0e:00:65:13:c8:89: 53:0a:0a:30:c9:f1:ef:85:14:68:a3:18:57:46:3d:06:ad:5c: b9:28:5a:6c:96:3a:db:b4:3f:8d:79:de:84:77:2b:14:9f:a3: 7d:d2:81:d2:82:4a:d0:ed:9c:79:5a:55:9d:c6:36:9a:5e:fd: e0:2b:af:ed:6d:23:e5:0c:07:e2:45:b2:d3:a5:d3:32:16:61: 11:c1:a7:22:0d:d1:f1:fc:ef:1f:81:45:d2:8d:c9:dd:a6:0d: 79:fd:72:e2:49:b3:0a:89:84:5c:a2:47:09:66:82:1d:67:12: 95:24:c0:2e:a2:df:a5:dc:bd:46:df:3c:47:bf:b6:99:64:bb: 35:f8:23:30:30:d3:ee:81:4c:dc:ae:6c:7b:56:ab:d6:e1:27: 72:8c:82:a5:db:75:98:c6:73:a3:f5:28:fb:d9:5e:70:f5:81: e1:c0:33:23:16:7a:fa:1d:98:08:72:0b:83:f9:38:0d:ed:f6: 11:ef:b1:10:1f:d5:57:4e:04:58:9e:1f:ab:7a:c3:84:08:26: 24:2d:ec:bd:5d:81:7f:a9:3a:9d:d0:9e:14:0e:ee:01:0b:e2: 09:ab:35:e7 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUThvPf5OQBzxSv6C8wDunCtfDnkowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGUwY2M1ZTNhZDFiZTIyYmIzNDEwZmQ5Mzc5MWRmOTE2YmQ4OTYxOWVjOTVi NDA2YTE4YjRhMGNlODUwZTEzZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKtVwRdx4+X1uGrulR831W6WwFdfE7fCcSP/ykUQduimqhZsnPFnJabTah6 aV8OJZiSXk4crDrGcTlMYFQETZtGBMVGEo3feaF1pCifGYOVeohaWS+JxQTQVvwN P3rZRhuQSEFJtpJqBORy6OcBJ5hgEYlJWVnAuLSyLG4VeZ9OAQyvwutTTVTAaS1i PChpHR24XB1HXzKxfJ/qkwzFniTapCFB/kkU6sPHUs/PTeCN+A3VjWxZojSnu7a6 9Dujc62xSYcQQB/h5LkDJtNoOgv6viUxyyljuleaJQf6p4uw5hznJgaUQlC5mT7Q xEUPacSHBHTC+1Fp+0HGpiakxTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwzaz9 E000l4xh9USgOjZdyRpA4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g MA0GCSqGSIb3DQEBCwUAA4IBAQBUkJjenDrHCIgMbP8ErU4bv1uBeod7Y1BnyJDk 6TQOAGUTyIlTCgowyfHvhRRooxhXRj0GrVy5KFpsljrbtD+Ned6EdysUn6N90oHS gkrQ7Zx5WlWdxjaaXv3gK6/tbSPlDAfiRbLTpdMyFmERwaciDdHx/O8fgUXSjcnd pg15/XLiSbMKiYRcokcJZoIdZxKVJMAuot+l3L1G3zxHv7aZZLs1+CMwMNPugUzc rmx7VqvW4SdyjIKl23WYxnOj9Sj72V5w9YHhwDMjFnr6HZgIcguD+TgN7fYR77EQ H9VXTgRYnh+resOECCYkLey9XYF/qTqd0J4UDu4BC+IJqzXn -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:20 2025 by rpki-client