This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json) Hash identifier: YPoj3fAjsC5lH6iG0NDk4hX8g7TtZ3btXlF6HrtjAEo= Subject key identifier: 03:28:F9:06:67:8E:6E:62:91:B9:7D:C5:72:D3:65:BD:19:D6:FD:F8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3D8B49C9FFF1C29F62B0925D44B2E705043002EC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa Signing time: Sat 15 Nov 2025 05:30:54 +0000 ROA not before: Sat 15 Nov 2025 05:30:54 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:8b:49:c9:ff:f1:c2:9f:62:b0:92:5d:44:b2:e7:05:04:30:02:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:54 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8f4df7977b7cd627324f2f6b9b133340328b714f6a52965fe447a35b65144b20, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0a:b7:c8:c7:f6:d4:c8:49:02:5e:78:1c:2b: 29:e8:25:ce:fd:da:9c:93:f3:11:c3:2b:c7:3c:4a: 93:3b:c3:50:dd:dc:55:0f:e8:8f:de:98:2a:f0:c6: 95:97:62:e8:ef:66:63:76:9f:d2:5b:91:f4:36:4f: d0:8c:2b:50:58:a2:51:4e:77:ea:a4:35:90:0e:d2: 77:e8:ea:fd:37:41:aa:91:d0:a2:e4:bd:d2:47:16: 19:86:c7:3c:1f:3b:f2:8d:1b:25:0c:27:e7:28:75: d7:98:55:2c:0e:95:16:4b:d0:06:c2:f3:1e:9c:42: 82:1c:a9:19:36:4c:30:93:77:56:05:b7:ba:1c:42: 00:dd:dc:c4:1c:6d:e6:36:70:ed:a9:7e:6a:84:22: 26:6a:f8:cc:28:0c:83:aa:fd:63:f6:06:52:ca:58: b8:6f:90:ed:40:79:88:97:63:ba:2c:be:26:d2:23: 75:d2:a9:e7:ae:38:d6:11:c9:70:d4:32:55:5d:31: 6c:4c:6a:25:95:2d:55:62:e9:fa:17:fb:14:87:49: ca:50:d8:5e:13:da:15:97:96:a9:c2:44:0e:13:d4: 73:a3:b9:25:cc:65:be:cb:c4:3d:91:b8:30:72:30: b2:e1:68:ea:48:98:fb:ae:98:78:f1:a2:6a:99:2b: 4a:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:28:F9:06:67:8E:6E:62:91:B9:7D:C5:72:D3:65:BD:19:D6:FD:F8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:6000::/40 Signature Algorithm: sha256WithRSAEncryption c1:c1:3a:0d:70:1b:62:3f:4f:bb:e0:6a:f6:2d:71:5b:a9:1b: 8e:3b:6e:a7:53:92:d5:32:fb:2e:08:d7:5c:f9:e5:6b:69:c7: e0:b0:b4:14:c5:db:bb:17:be:c6:7e:9f:38:d9:d7:7d:5d:dc: 43:2a:28:0b:1f:f0:df:29:26:f3:e3:37:6b:76:1f:42:86:77: 5e:28:1c:26:ee:5c:0a:bd:e9:ae:87:f0:f6:93:f2:d7:74:2b: 9e:40:83:69:2f:92:dc:30:c7:19:ab:0f:a5:17:06:d1:24:dc: 5a:e9:be:6a:32:a8:31:7e:f0:e5:8c:a5:38:18:d5:eb:04:ce: 65:d2:37:10:7d:02:b2:00:09:22:76:e5:3c:5d:19:d5:e8:17: b2:74:1d:dd:c8:3d:67:3b:4d:22:cd:59:8d:b6:51:d8:9d:3a: 7c:fc:4a:e5:b2:78:e7:8e:6f:06:15:7b:ae:a4:b0:c9:e4:93: 8e:c1:d0:45:a7:0d:af:c7:0e:fb:94:aa:97:10:cb:c7:e0:ba: 4e:c1:56:ad:db:c1:d5:c2:07:02:74:33:6a:55:d5:3f:a0:81: 63:1d:f9:82:c2:e0:5b:7b:12:2f:c4:95:5e:2a:09:3c:f1:39: 6e:2b:56:47:6f:7f:49:8c:3a:97:45:a3:2e:f7:9b:65:27:91: 88:8a:91:08 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPYtJyf/xwp9isJJdRLLnBQQwAuwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDhmNGRmNzk3N2I3Y2Q2MjczMjRmMmY2YjliMTMzMzQwMzI4YjcxNGY2YTUy OTY1ZmU0NDdhMzViNjUxNDRiMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIKt8jH9tTISQJeeBwrKeglzv3anJPzEcMrxzxKkzvDUN3cVQ/oj96YKvDG lZdi6O9mY3af0luR9DZP0IwrUFiiUU536qQ1kA7Sd+jq/TdBqpHQouS90kcWGYbH PB878o0bJQwn5yh115hVLA6VFkvQBsLzHpxCghypGTZMMJN3VgW3uhxCAN3cxBxt 5jZw7al+aoQiJmr4zCgMg6r9Y/YGUspYuG+Q7UB5iJdjuiy+JtIjddKp56441hHJ cNQyVV0xbExqJZUtVWLp+hf7FIdJylDYXhPaFZeWqcJEDhPUc6O5JcxlvsvEPZG4 MHIwsuFo6kiY+66YePGiapkrSv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDKPkG Z45uYpG5fcVy02W9Gdb9+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg MA0GCSqGSIb3DQEBCwUAA4IBAQDBwToNcBtiP0+74Gr2LXFbqRuOO26nU5LVMvsu CNdc+eVracfgsLQUxdu7F77Gfp842dd9XdxDKigLH/DfKSbz4zdrdh9ChndeKBwm 7lwKvemuh/D2k/LXdCueQINpL5LcMMcZqw+lFwbRJNxa6b5qMqgxfvDljKU4GNXr BM5l0jcQfQKyAAkiduU8XRnV6BeydB3dyD1nO00izVmNtlHYnTp8/Erlsnjnjm8G FXuupLDJ5JOOwdBFpw2vxw77lKqXEMvH4LpOwVat28HVwgcCdDNqVdU/oIFjHfmC wuBbexIvxJVeKgk88TluK1ZHb39JjDqXRaMu95tlJ5GIipEI -----END CERTIFICATE-----Generated at Sat Dec 6 19:19:29 2025 by rpki-client