This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json) Hash identifier: JBdbyv6ljnGUznf2Sz6Q5SWudjaFReNsMcSkKZVEDZg= Subject key identifier: 1E:C3:3A:F4:5C:B2:33:B3:24:EF:FC:62:8F:C5:8B:ED:9B:7D:EB:6F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 292E43FB830A61D98C016F6B9047FBD6970BA56A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa Signing time: Sat 15 Nov 2025 05:20:15 +0000 ROA not before: Sat 15 Nov 2025 05:20:15 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:2e:43:fb:83:0a:61:d9:8c:01:6f:6b:90:47:fb:d6:97:0b:a5:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:15 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9eba5932ee33740a0b4c265f9416ac52ee709b6b5de4c47135aff059133117b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:96:94:f7:4e:f9:2a:c8:3f:f2:b5:85:86:dc: 57:f0:b6:e7:8a:a7:00:a4:59:99:e4:5d:67:bb:92: 0c:1c:dd:89:d6:e0:b4:91:b3:76:2f:e7:87:6e:4c: 75:1e:95:93:0f:37:37:81:e6:e6:03:9f:48:0a:7d: 24:63:67:62:f5:c5:9a:d6:86:e2:fc:e4:61:9b:21: 2d:eb:5f:e4:f5:03:d6:2a:72:56:7f:2a:cd:b5:b8: df:fa:78:26:e5:6a:f9:4d:ce:83:de:dc:f0:fd:02: 8b:0b:a9:e9:53:f1:be:4e:30:3f:bf:de:c2:bc:09: 16:73:49:cb:e0:62:37:ac:36:0e:bb:2a:cb:75:6b: 9e:ac:c5:6b:ac:20:ea:e2:2a:63:c4:2f:55:9b:06: 7c:0c:36:68:8d:ee:b3:3c:3a:ef:eb:3f:9c:85:90: 35:c5:2c:e8:34:4f:70:76:0d:5e:85:e7:21:2d:89: 94:e9:a3:09:08:ca:c2:52:2f:b6:de:a9:fe:03:90: f0:39:aa:5a:8e:af:a7:b8:9f:5e:47:4a:00:82:ea: 50:9b:bc:ba:af:87:1c:46:b7:fd:32:d1:d4:fa:72: 82:36:87:9c:65:36:3a:e0:5b:68:26:12:6e:86:18: fc:60:a9:76:77:84:f3:57:2f:c6:ee:50:9b:65:e7: 55:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C3:3A:F4:5C:B2:33:B3:24:EF:FC:62:8F:C5:8B:ED:9B:7D:EB:6F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:8000::/40 Signature Algorithm: sha256WithRSAEncryption 2e:1e:28:e0:1d:8b:43:8b:78:1f:16:62:b2:2e:25:c9:f3:80: 82:af:12:da:cd:e1:4c:ce:79:f1:0d:6e:9c:ae:cd:fe:61:59: 52:ad:dd:c3:b6:f4:bb:b0:52:12:a4:e7:db:5c:2d:63:d7:81: 3a:f0:d2:7b:6a:77:00:0a:1a:c7:54:51:d6:a9:f4:da:16:ae: 67:63:45:d8:71:a9:0e:50:1e:3b:78:74:0b:b8:5b:11:e5:9c: ec:fb:03:00:46:81:5b:37:28:6c:e3:b6:05:0f:7c:12:d5:36: 52:d9:3c:ce:98:3d:78:74:79:eb:8a:2f:86:5d:dd:3f:77:47: f5:5f:a0:10:82:ec:2a:47:c4:41:e0:6b:16:bf:55:9e:91:99: d1:d1:aa:21:0c:70:b7:8e:0b:b4:4e:0c:ac:26:f0:07:57:ec: 69:a4:6d:48:f4:5b:fa:ba:b7:ce:6f:b9:95:07:27:8d:0b:cd: 11:5b:cc:e9:fa:9e:b7:97:84:90:dc:f6:48:49:c6:f6:7d:02: 7e:0e:4a:d8:ef:89:6f:0c:fe:5b:3a:7c:a5:94:58:dc:b2:0c: 32:5c:97:c4:6b:a2:b3:95:a2:05:1e:f9:2b:c8:3a:6b:96:fd: 0d:0c:3d:00:05:42:b7:7a:4e:82:2f:69:12:e1:1f:76:91:35: 24:9d:cb:29 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKS5D+4MKYdmMAW9rkEf71pcLpWowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDllYmE1OTMyZWUzMzc0MGEwYjRjMjY1Zjk0MTZhYzUyZWU3MDliNmI1ZGU0 YzQ3MTM1YWZmMDU5MTMzMTE3YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIiWlPdO+SrIP/K1hYbcV/C254qnAKRZmeRdZ7uSDBzdidbgtJGzdi/nh25M dR6Vkw83N4Hm5gOfSAp9JGNnYvXFmtaG4vzkYZshLetf5PUD1ipyVn8qzbW43/p4 JuVq+U3Og97c8P0Ciwup6VPxvk4wP7/ewrwJFnNJy+BiN6w2Drsqy3VrnqzFa6wg 6uIqY8QvVZsGfAw2aI3uszw67+s/nIWQNcUs6DRPcHYNXoXnIS2JlOmjCQjKwlIv tt6p/gOQ8DmqWo6vp7ifXkdKAILqUJu8uq+HHEa3/TLR1PpygjaHnGU2OuBbaCYS boYY/GCpdneE81cvxu5Qm2XnVX8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQewzr0 XLIzsyTv/GKPxYvtm33rbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA MA0GCSqGSIb3DQEBCwUAA4IBAQAuHijgHYtDi3gfFmKyLiXJ84CCrxLazeFMznnx DW6crs3+YVlSrd3DtvS7sFISpOfbXC1j14E68NJ7ancAChrHVFHWqfTaFq5nY0XY cakOUB47eHQLuFsR5Zzs+wMARoFbNyhs47YFD3wS1TZS2TzOmD14dHnrii+GXd0/ d0f1X6AQguwqR8RB4GsWv1WekZnR0aohDHC3jgu0TgysJvAHV+xppG1I9Fv6urfO b7mVByeNC80RW8zp+p63l4SQ3PZIScb2fQJ+DkrY74lvDP5bOnyllFjcsgwyXJfE a6KzlaIFHvkryDprlv0NDD0ABUK3ek6CL2kS4R92kTUkncsp -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:17 2025 by rpki-client