This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa File: 93549c76-d7f3-48f4-9e55-b485fec00b13.roa (raw, json) Hash identifier: egvMWpVo9GPZY6jYf8b8QnreCp4x58YJTM+RWjvJiYg= Subject key identifier: 68:8E:AD:0F:78:F9:62:BA:99:58:0A:C9:3D:74:1E:51:CC:02:BA:96 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 33A6012154248705C113D4883D65F96F195EA786 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa Signing time: Sat 06 Dec 2025 04:00:36 +0000 ROA not before: Sat 06 Dec 2025 04:00:36 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07b:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:a6:01:21:54:24:87:05:c1:13:d4:88:3d:65:f9:6f:19:5e:a7:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 04:00:36 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=afddfa91b30a39b169961509345aa00976ecd11aa2ced033a14cf3cde6d86f9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:61:d6:14:87:f5:da:2a:02:87:27:ac:42:1d: 52:3f:56:4a:27:62:3b:4f:1a:29:25:62:4a:e0:73: 43:7a:cf:e4:36:04:db:23:30:db:82:91:fc:99:e3: 75:9a:75:fa:1a:4b:14:da:c9:04:40:26:6c:5f:cc: 12:94:c9:6a:20:b3:3b:4b:c9:17:bc:db:2c:b6:c1: 17:f7:d4:86:d4:42:5f:ee:86:d0:a7:5a:26:27:f3: 1f:0f:35:77:22:ab:c2:1b:45:cd:d0:b0:69:44:c7: 76:6f:d7:f1:ca:df:45:7e:7c:de:19:f3:93:21:37: f3:03:c5:e3:1e:69:e1:4a:0a:95:63:39:ba:a2:ee: 84:3f:c3:3f:5c:21:ba:ad:fa:74:ef:cc:9c:4d:99: 20:b0:9b:a6:70:f3:0a:1b:30:22:80:48:29:02:33: 48:30:68:0e:35:20:17:51:c0:cd:3e:af:54:ac:48: cb:56:cb:b5:1d:19:cd:b1:6f:60:2a:0b:ed:9d:b2: 8d:b4:cb:5b:cb:29:c2:7c:46:da:d8:f4:66:1d:73: b2:87:70:6d:33:59:05:1d:f8:d9:cc:33:d7:c5:47: dc:d0:a3:56:31:8d:81:58:b9:7a:f7:83:34:c2:b4: f6:a3:3b:2a:10:67:28:d6:6a:bc:9d:bf:82:8b:cd: 86:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:8E:AD:0F:78:F9:62:BA:99:58:0A:C9:3D:74:1E:51:CC:02:BA:96 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07b:a000::/40 Signature Algorithm: sha256WithRSAEncryption 48:74:58:95:0c:3d:1c:2b:7c:ad:66:02:8b:b7:45:7c:3e:1a: 35:f9:99:1c:60:df:6f:29:af:2d:72:ca:3a:01:8f:3b:18:1f: 4f:26:12:31:29:4b:a2:45:8b:2a:3c:37:da:7e:56:04:4b:0f: 0b:93:de:d0:76:ba:39:13:54:70:e2:7d:b9:43:a6:da:b8:cd: 97:7c:e1:58:da:54:df:b3:5d:34:c4:e5:fb:18:0b:f8:7e:1e: 92:ec:44:da:01:20:a7:3b:4d:50:6d:71:e1:b1:89:9c:87:af: ca:5c:fc:79:02:29:d4:f7:56:c4:3f:9e:02:28:1e:2d:ee:63: 47:fe:73:e7:b8:e0:f2:74:af:d3:98:9b:48:90:18:c3:81:dd: e9:eb:40:fe:45:b8:e4:d4:e4:e7:07:1d:bb:fb:7f:52:a0:b9: dc:35:32:ee:30:8b:b3:5a:48:3f:6c:f0:9a:b2:39:e6:4c:bd: ae:e1:0f:5c:ad:9e:07:41:11:5f:6d:2a:97:d6:e6:e8:6e:a3: 97:ea:ab:35:e1:8d:aa:12:63:d9:19:5c:6e:27:2a:ff:6f:fd: 2b:32:f0:a4:15:92:a7:42:9b:ba:a1:89:e1:99:46:cb:0d:14: 5b:8c:3d:c5:b6:b7:57:58:4a:df:ee:a4:89:ce:aa:c6:e7:a2: b0:4c:cf:0a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUM6YBIVQkhwXBE9SIPWX5bxlep4YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwNDAwMzZaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQGFmZGRmYTkxYjMwYTM5YjE2OTk2MTUwOTM0NWFhMDA5NzZlY2QxMWFhMmNl ZDAzM2ExNGNmM2NkZTZkODZmOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALph1hSH9doqAocnrEIdUj9WSidiO08aKSViSuBzQ3rP5DYE2yMw24KR/Jnj dZp1+hpLFNrJBEAmbF/MEpTJaiCzO0vJF7zbLLbBF/fUhtRCX+6G0KdaJifzHw81 dyKrwhtFzdCwaUTHdm/X8crfRX583hnzkyE38wPF4x5p4UoKlWM5uqLuhD/DP1wh uq36dO/MnE2ZILCbpnDzChswIoBIKQIzSDBoDjUgF1HAzT6vVKxIy1bLtR0ZzbFv YCoL7Z2yjbTLW8spwnxG2tj0Zh1zsodwbTNZBR342cwz18VH3NCjVjGNgVi5eveD NMK09qM7KhBnKNZqvJ2/govNhp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRojq0P ePliuplYCsk9dB5RzAK6ljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTM1NDljNzYtZDdmMy00OGY0LTllNTUtYjQ4NWZlYzAwYjEzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug MA0GCSqGSIb3DQEBCwUAA4IBAQBIdFiVDD0cK3ytZgKLt0V8Pho1+ZkcYN9vKa8t cso6AY87GB9PJhIxKUuiRYsqPDfaflYESw8Lk97Qdro5E1Rw4n25Q6bauM2XfOFY 2lTfs100xOX7GAv4fh6S7ETaASCnO01QbXHhsYmch6/KXPx5AinU91bEP54CKB4t 7mNH/nPnuODydK/TmJtIkBjDgd3p60D+Rbjk1OTnBx27+39SoLncNTLuMIuzWkg/ bPCasjnmTL2u4Q9crZ4HQRFfbSqX1ubobqOX6qs14Y2qEmPZGVxuJyr/b/0rMvCk FZKnQpu6oYnhmUbLDRRbjD3FtrdXWErf7qSJzqrG56KwTM8K -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:59 2025 by rpki-client