This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json) Hash identifier: SYsQpjOmf4AWvZzWcnyEuvq4PXNS5XLyO/2ey5Wi8kY= Subject key identifier: D2:E7:28:33:5B:EE:BA:A2:B3:4B:7B:3E:54:07:20:E8:44:36:D6:08 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4409B6252267EE8AD9FA611BA155E31E0DE952CB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa Signing time: Sat 15 Nov 2025 06:10:44 +0000 ROA not before: Sat 15 Nov 2025 06:10:44 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:09:b6:25:22:67:ee:8a:d9:fa:61:1b:a1:55:e3:1e:0d:e9:52:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:44 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8825be2ff09ad6d4d5b8186cf741f126ffa54e35800229b3277ef3c6d1f6bc0c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3b:1a:c5:a0:55:a3:45:34:5e:0f:f4:e9:26: 49:c5:1f:94:72:fc:57:0d:ea:31:a8:41:45:da:91: dc:e2:c0:3e:ad:95:c6:85:41:66:e6:40:41:a8:8c: 10:e8:e0:67:d5:70:62:5c:ee:6f:24:3e:be:fb:d3: 9d:29:c3:2a:62:e2:4f:19:3e:87:8e:0a:12:95:bf: ae:1a:ea:48:e5:e1:5f:52:19:9b:9b:87:d1:75:7c: bd:94:61:ac:53:04:55:29:fc:ad:3a:34:15:c1:5d: 3f:5a:89:84:d3:0b:d3:85:2d:0d:3d:9c:30:fb:d3: 1b:e8:04:e1:cd:7f:a1:66:0f:e7:0b:a1:07:9c:6e: 94:4c:1f:87:49:54:9a:b8:38:50:93:1c:33:99:7a: 49:92:40:16:b1:cd:f3:91:28:b1:ab:aa:0f:df:62: 7d:46:e4:41:a8:b8:53:ad:2b:ff:f5:30:46:e1:ae: ef:af:58:58:4c:66:13:58:2c:ec:91:5c:86:f0:a7: 69:d8:7a:36:1f:72:75:80:86:04:ff:86:95:13:23: 6f:e8:f3:9a:eb:1b:8c:23:45:d5:d1:e1:15:2c:ae: d5:f7:12:84:5b:05:cd:e2:b5:8c:4a:98:42:51:91: ae:c4:82:d0:6e:6b:53:30:a0:4d:cb:93:28:69:e6: ab:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:E7:28:33:5B:EE:BA:A2:B3:4B:7B:3E:54:07:20:E8:44:36:D6:08 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 5d:69:63:a8:98:02:06:2d:14:e6:13:7e:da:73:e7:63:27:e1: 6e:09:21:9a:ca:3e:4e:bc:0f:88:d8:7c:da:f1:5a:03:2a:ee: 88:76:5a:07:4e:a8:cd:c1:27:d9:17:31:90:20:85:5e:b8:cb: ba:54:07:81:16:ff:99:5e:c3:d9:8e:f5:04:0c:82:f9:48:9c: 71:e4:d2:27:13:ee:8f:6a:4c:8c:28:12:d2:51:45:2f:eb:80: 37:31:77:d5:0a:03:c0:59:b0:9b:15:03:a0:82:5d:c7:0e:6d: 04:1d:a1:19:d0:5f:e8:87:00:da:23:43:c1:37:7b:48:c5:7a: 06:94:9e:09:ff:5e:5f:fe:a4:61:9b:bc:97:5d:b0:f0:6b:cd: 00:18:25:65:e5:d0:2d:25:00:20:1e:ed:3a:98:72:9e:53:71: 5e:25:bc:08:0e:ec:08:8a:63:fd:7a:2d:99:9a:c3:4f:7b:4f: 9a:6d:ee:95:b5:c5:0e:da:52:2b:d7:3d:de:32:a0:94:0c:3f: cd:e3:ba:a3:dc:c5:34:98:81:52:12:a7:4f:d1:a0:0a:ce:b8: 24:65:04:02:9a:c0:c3:47:77:d3:84:f5:90:7e:9d:05:ea:8f: f5:28:b7:ae:2b:fb:c7:54:3a:91:f9:39:ad:26:17:e4:3d:ea: f1:3c:8c:d5 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIURAm2JSJn7orZ+mEboVXjHg3pUsswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwNDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDg4MjViZTJmZjA5YWQ2ZDRkNWI4MTg2Y2Y3NDFmMTI2ZmZhNTRlMzU4MDAy MjliMzI3N2VmM2M2ZDFmNmJjMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQ7GsWgVaNFNF4P9OkmScUflHL8Vw3qMahBRdqR3OLAPq2VxoVBZuZAQaiM EOjgZ9VwYlzubyQ+vvvTnSnDKmLiTxk+h44KEpW/rhrqSOXhX1IZm5uH0XV8vZRh rFMEVSn8rTo0FcFdP1qJhNML04UtDT2cMPvTG+gE4c1/oWYP5wuhB5xulEwfh0lU mrg4UJMcM5l6SZJAFrHN85EosauqD99ifUbkQai4U60r//UwRuGu769YWExmE1gs 7JFchvCnadh6Nh9ydYCGBP+GlRMjb+jzmusbjCNF1dHhFSyu1fcShFsFzeK1jEqY QlGRrsSC0G5rUzCgTcuTKGnmq/cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTS5ygz W+66orNLez5UByDoRDbWCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg wDANBgkqhkiG9w0BAQsFAAOCAQEAXWljqJgCBi0U5hN+2nPnYyfhbgkhmso+TrwP iNh82vFaAyruiHZaB06ozcEn2RcxkCCFXrjLulQHgRb/mV7D2Y71BAyC+UicceTS JxPuj2pMjCgS0lFFL+uANzF31QoDwFmwmxUDoIJdxw5tBB2hGdBf6IcA2iNDwTd7 SMV6BpSeCf9eX/6kYZu8l12w8GvNABglZeXQLSUAIB7tOphynlNxXiW8CA7sCIpj /XotmZrDT3tPmm3ulbXFDtpSK9c93jKglAw/zeO6o9zFNJiBUhKnT9GgCs64JGUE AprAw0d304T1kH6dBeqP9Si3riv7x1Q6kfk5rSYX5D3q8TyM1Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:41 2025 by rpki-client