This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json) Hash identifier: von9WpzT+bCMwkXTyZuWRYqyrO2V9aeV0hcYzpoICqo= Subject key identifier: AA:EE:DB:DC:11:BA:4F:5E:A7:67:45:1B:79:BF:0D:F0:25:F4:0A:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 271744235ED916A7AEDC5FF245A9795C4C84A90D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa Signing time: Wed 10 Dec 2025 06:10:12 +0000 ROA not before: Wed 10 Dec 2025 06:10:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:17:44:23:5e:d9:16:a7:ae:dc:5f:f2:45:a9:79:5c:4c:84:a9:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e975e4c2905bc342f7e5fb846c5d27b3ba2fac067b47575d2555b181863a18e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:8b:1a:88:c7:81:16:14:d3:f7:54:0e:a9:09: b5:dd:b6:03:5b:08:41:9c:b6:46:99:f5:05:83:16: 92:7e:47:a0:bd:ef:90:b9:e8:bd:0f:64:cb:32:27: 48:8a:93:ea:6f:34:df:a8:e5:c8:ff:9e:d9:86:e0: 5a:14:54:ac:24:dd:44:1b:be:9a:db:d0:06:4c:f5: 38:90:99:81:fb:04:06:0b:ab:85:5e:5c:5b:e0:e9: dd:d1:1a:26:79:49:72:9d:dd:bc:4b:dc:5b:23:a8: 35:ec:1d:1b:77:3b:9c:36:18:5a:95:ab:63:17:c0: dc:c7:8e:b0:f1:c5:66:45:26:e2:9e:13:fa:7c:81: a5:9b:bf:b5:d2:4e:ef:9d:fd:24:01:0a:6d:3a:2b: 1c:db:4f:3d:d0:b9:4a:66:d4:f9:9e:b7:58:36:15: d9:65:7b:52:4c:52:c0:65:7b:2c:c9:82:57:2f:fd: 6c:18:a3:4f:2e:b8:9b:9c:0a:9c:2a:6e:c3:f8:90: 9d:5d:68:52:74:31:10:e1:d2:d3:c4:f1:e7:bb:a8: 5f:56:a2:ab:83:43:ce:44:50:54:ff:ca:c6:83:6e: 7f:9f:dd:cd:e3:c0:04:67:14:87:f1:0c:88:9d:de: 16:00:39:f4:65:08:45:96:8e:5c:32:14:14:16:df: 3f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:EE:DB:DC:11:BA:4F:5E:A7:67:45:1B:79:BF:0D:F0:25:F4:0A:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 4c:f0:ab:07:93:c4:8a:ce:d7:be:f7:a8:87:d3:db:3f:7e:d4: 82:13:4a:23:b4:8e:06:06:64:b3:4b:81:1e:4f:e2:01:b0:f7: ea:53:d2:d7:5b:ea:06:cd:6f:ba:ff:96:e9:b0:df:7d:6d:83: 18:3c:e2:01:a1:0a:e6:73:5c:a5:ba:7c:c8:0b:bc:cb:30:f0: 7f:2d:b5:4c:19:7f:8e:82:4b:4b:c3:52:a1:f6:41:25:00:dc: 22:e9:08:3a:32:2e:f2:1b:32:26:8c:11:c2:23:d9:81:23:ee: 34:4a:00:cb:cf:d9:52:88:95:16:8d:e7:37:83:a3:67:c2:fd: 63:4a:7a:81:a8:d9:d3:9b:42:bd:d3:c6:54:60:56:1b:f8:1c: ad:3e:2a:be:8b:04:24:91:64:82:83:ff:5a:7f:0b:e3:90:02: 0b:69:b6:2c:cc:96:5d:38:e1:17:68:fc:ee:ff:56:35:fd:3f: 0f:fe:c2:4b:11:52:0f:ee:3c:96:e6:f1:af:6b:02:c3:a0:ef: 4b:4d:e9:78:2e:18:d1:54:d6:8d:84:49:24:04:32:6e:9d:19: e7:10:f0:83:7c:55:38:ef:cc:1b:d2:c9:ee:73:b2:f0:72:ad: 0f:ad:fd:98:79:e1:8b:99:50:68:db:dc:01:03:5d:1f:23:06: 23:66:f0:43 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJxdEI17ZFqeu3F/yRal5XEyEqQ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU5NzVlNGMyOTA1YmMzNDJmN2U1ZmI4NDZjNWQyN2IzYmEyZmFjMDY3YjQ3 NTc1ZDI1NTViMTgxODYzYTE4ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI2LGojHgRYU0/dUDqkJtd22A1sIQZy2Rpn1BYMWkn5HoL3vkLnovQ9kyzIn SIqT6m8036jlyP+e2YbgWhRUrCTdRBu+mtvQBkz1OJCZgfsEBgurhV5cW+Dp3dEa JnlJcp3dvEvcWyOoNewdG3c7nDYYWpWrYxfA3MeOsPHFZkUm4p4T+nyBpZu/tdJO 7539JAEKbTorHNtPPdC5SmbU+Z63WDYV2WV7UkxSwGV7LMmCVy/9bBijTy64m5wK nCpuw/iQnV1oUnQxEOHS08Tx57uoX1aiq4NDzkRQVP/KxoNuf5/dzePABGcUh/EM iJ3eFgA59GUIRZaOXDIUFBbfPw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq7tvc EbpPXqdnRRt5vw3wJfQKLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg wDANBgkqhkiG9w0BAQsFAAOCAQEATPCrB5PEis7Xvveoh9PbP37UghNKI7SOBgZk s0uBHk/iAbD36lPS11vqBs1vuv+W6bDffW2DGDziAaEK5nNcpbp8yAu8yzDwfy21 TBl/joJLS8NSofZBJQDcIukIOjIu8hsyJowRwiPZgSPuNEoAy8/ZUoiVFo3nN4Oj Z8L9Y0p6gajZ05tCvdPGVGBWG/gcrT4qvosEJJFkgoP/Wn8L45ACC2m2LMyWXTjh F2j87v9WNf0/D/7CSxFSD+48lubxr2sCw6DvS03peC4Y0VTWjYRJJAQybp0Z5xDw g3xVOO/MG9LJ7nOy8HKtD639mHnhi5lQaNvcAQNdHyMGI2bwQw== -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:42 2025 by rpki-client