This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json) Hash identifier: KKCYW7T4PGjCt69va6i/7xdfIZwZdihP2cwDSj6oTl4= Subject key identifier: 7C:4A:9C:8A:98:BD:59:E4:28:E7:5E:BD:C0:2B:63:89:1A:7B:39:15 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3602B1472A1C2DAB238ADBAA0A4F3879994CCF47 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa Signing time: Tue 25 Nov 2025 20:10:35 +0000 ROA not before: Tue 25 Nov 2025 20:10:35 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:2040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:02:b1:47:2a:1c:2d:ab:23:8a:db:aa:0a:4f:38:79:99:4c:cf:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:35 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=e6a2845d71e8f84cc388fbaf0a44af5ed64a54b9be32df043c8fde0c7ea683e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:06:e4:d0:63:d8:7e:2f:67:4e:9c:89:93:24: d0:09:aa:f3:11:2e:67:02:9a:f4:eb:cd:41:db:0c: d2:8b:0b:33:6b:ed:f5:cf:8a:67:a1:53:db:50:fa: da:86:26:73:16:44:29:d2:ff:a0:05:f8:20:33:6d: 52:97:4e:89:1a:69:3b:98:6e:b1:51:dc:f8:d7:85: 78:0f:eb:30:d2:34:df:0e:3e:1f:be:2f:99:df:3c: 24:16:43:01:ae:da:99:c8:23:5f:a2:e4:94:ef:b0: 9e:7d:8f:d8:a2:b8:46:26:5c:cc:87:10:ad:0d:fe: 91:71:a0:c4:ed:69:66:19:41:1a:13:9b:4f:ae:eb: ca:8b:43:a6:d5:75:4b:8e:61:95:5e:eb:2e:57:27: d3:f5:c6:1f:02:fa:ac:e1:06:9c:93:35:2f:b3:6d: 52:51:68:02:5f:83:d5:00:76:26:6a:28:20:e1:45: 5a:a3:63:3c:c6:7b:73:a2:46:8c:fe:04:ad:54:31: 5a:37:0c:de:46:05:fb:46:2f:7a:b0:aa:25:85:89: 2d:bf:b6:90:32:3e:0d:f0:04:80:5a:37:be:fe:2b: c1:32:20:2b:e1:d4:56:2e:b9:90:eb:a4:11:fb:82: cd:6d:ed:db:67:e2:c9:69:8f:2f:de:32:e1:b1:e7: ba:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:4A:9C:8A:98:BD:59:E4:28:E7:5E:BD:C0:2B:63:89:1A:7B:39:15 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:2040::/46 Signature Algorithm: sha256WithRSAEncryption 7c:da:1d:0b:d2:7d:82:a0:4a:b8:47:76:af:e4:23:48:da:07: 0e:2d:f7:00:e5:ad:23:c8:6a:e6:85:2f:8b:97:64:9f:ed:51: c8:c6:15:01:43:5c:dd:2e:e9:8b:d9:c4:82:dc:e9:f6:32:0e: 76:50:da:03:20:bb:fa:64:cc:c8:47:0b:cc:b6:b6:27:be:e3: b5:d3:e3:f3:7b:72:45:43:22:cf:1a:2f:08:30:ef:56:ae:38: c6:be:72:43:30:62:6b:b1:94:7d:8d:7f:0b:3d:16:8d:1f:ed: 24:1a:3b:4c:28:88:59:6c:b3:a5:e3:13:39:b0:eb:04:2a:77: fd:b1:99:38:ef:24:3e:43:b2:de:67:d6:4f:d0:c0:3d:4f:10: 3c:ea:99:68:2c:68:82:1b:17:94:1e:e4:00:3b:5c:40:2b:cc: 8b:74:7d:c2:84:e3:1b:3c:d3:ef:f5:ee:a0:f2:c9:33:37:86: e6:12:3e:3f:5b:c0:4c:f1:8d:73:c0:37:99:4c:3a:a9:e3:cb: 35:45:80:39:b6:bf:cf:50:eb:3d:e7:3d:52:dc:4d:4c:d6:22: 32:cb:f4:10:ba:83:d3:b5:fb:05:f8:8b:4e:87:7a:e5:fc:8a: f8:a1:b1:1b:19:37:a6:a8:c3:63:cb:3e:5e:02:35:71:af:5d: 3b:11:f9:17 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUNgKxRyocLasjituqCk84eZlMz0cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDEwMzVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGU2YTI4NDVkNzFlOGY4NGNjMzg4ZmJhZjBhNDRhZjVlZDY0YTU0YjliZTMy ZGYwNDNjOGZkZTBjN2VhNjgzZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMG5NBj2H4vZ06ciZMk0Amq8xEuZwKa9OvNQdsM0osLM2vt9c+KZ6FT21D6 2oYmcxZEKdL/oAX4IDNtUpdOiRppO5husVHc+NeFeA/rMNI03w4+H74vmd88JBZD Aa7amcgjX6LklO+wnn2P2KK4RiZczIcQrQ3+kXGgxO1pZhlBGhObT67ryotDptV1 S45hlV7rLlcn0/XGHwL6rOEGnJM1L7NtUlFoAl+D1QB2JmooIOFFWqNjPMZ7c6JG jP4ErVQxWjcM3kYF+0YverCqJYWJLb+2kDI+DfAEgFo3vv4rwTIgK+HUVi65kOuk EfuCzW3t22fiyWmPL94y4bHnuq8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR8SpyK mL1Z5CjnXr3AK2OJGns5FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg QDANBgkqhkiG9w0BAQsFAAOCAQEAfNodC9J9gqBKuEd2r+QjSNoHDi33AOWtI8hq 5oUvi5dkn+1RyMYVAUNc3S7pi9nEgtzp9jIOdlDaAyC7+mTMyEcLzLa2J77jtdPj 83tyRUMizxovCDDvVq44xr5yQzBia7GUfY1/Cz0WjR/tJBo7TCiIWWyzpeMTObDr BCp3/bGZOO8kPkOy3mfWT9DAPU8QPOqZaCxoghsXlB7kADtcQCvMi3R9woTjGzzT 7/XuoPLJMzeG5hI+P1vATPGNc8A3mUw6qePLNUWAOba/z1DrPec9UtxNTNYiMsv0 ELqD07X7BfiLTod65fyK+KGxGxk3pqjDY8s+XgI1ca9dOxH5Fw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:57 2025 by rpki-client