This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa File: b6b5f2f6-236d-447e-aeb1-24c947937396.roa (raw, json) Hash identifier: n8CeI7S1n3R4AOQ+0WTon1BcbtRSS/i1xpWcl4FoYr4= Subject key identifier: 42:5F:21:9E:1B:B4:FA:ED:D0:9E:7D:68:B4:E8:A8:97:15:31:3C:70 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0390C009BCB8A226157CCBD9E1DC727ECC71975C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa Signing time: Tue 18 Nov 2025 00:30:18 +0000 ROA not before: Tue 18 Nov 2025 00:30:18 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:90:c0:09:bc:b8:a2:26:15:7c:cb:d9:e1:dc:72:7e:cc:71:97:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:30:18 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=c586ffe82acf80cf0b8580c9ca95095c8a52aa21c66893ef853e3cabd8fabb22, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ee:3e:12:5e:1e:8f:a9:24:1e:0d:48:91:31: 41:a4:4d:4e:5b:38:47:6f:2e:a2:36:15:2e:b0:21: 6b:58:f0:8e:be:96:ad:6a:dd:34:ae:32:97:e8:aa: 3a:e5:98:16:63:63:e1:09:9a:71:eb:a3:e3:f6:48: 2b:cb:2e:ca:62:12:5f:8a:e4:38:01:2c:5e:60:f7: 91:8b:4d:87:1b:a8:3a:e5:82:4d:ee:3c:31:5b:84: bc:8f:46:48:b7:00:cb:81:42:82:ab:08:d7:12:3f: e8:b6:7e:9b:b3:b1:9c:86:4a:69:c0:5e:38:ae:ee: 94:4f:4d:2a:87:cc:76:2c:b9:1b:06:f3:02:3f:57: d8:40:c7:5a:93:ec:dd:4f:e3:72:54:8a:dc:a6:f2: 29:b5:bd:71:1e:85:98:f0:32:e5:68:7e:d0:90:37: 33:2d:22:c8:1d:4b:e0:f2:f0:83:65:43:c3:1c:db: a8:e7:ed:6c:87:cc:10:c3:0c:f9:80:02:c3:62:e2: 6c:ba:79:93:6b:89:95:bf:c7:d8:09:a3:98:2c:76: 98:9a:26:53:1b:e2:bd:5b:1e:6b:69:4b:4a:95:12: ef:d9:c3:b9:93:7c:9a:5d:7c:67:ed:a4:d5:7e:0c: fd:8a:6e:36:10:1c:d6:ea:1d:86:5a:53:c0:40:89: e0:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:5F:21:9E:1B:B4:FA:ED:D0:9E:7D:68:B4:E8:A8:97:15:31:3C:70 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 64:64:c9:09:70:53:9d:0a:51:a4:db:eb:1b:31:56:1d:12:2a: eb:60:e9:ea:42:d9:94:87:c9:d4:c4:97:c9:4b:5f:e3:27:49: e5:f4:ba:e9:06:d7:89:68:85:4a:85:21:f1:6d:02:7d:c8:69: c7:3e:91:ff:85:33:27:4e:69:4f:e0:e7:03:0a:21:21:62:d0: 4c:69:10:34:b5:18:ee:08:9c:ea:24:4e:5e:a9:1d:21:76:48: 20:05:4b:04:88:07:9d:bc:59:38:01:aa:41:5c:eb:ce:ca:59: 81:8e:37:90:d0:8a:d9:79:41:f1:3e:80:f5:d9:2c:be:e7:59: e6:a2:f3:4c:d8:65:01:d8:2c:17:04:4e:2f:c3:46:4a:37:0d: ae:26:e0:5b:1a:03:ae:1c:20:c7:90:ed:fe:e0:0b:86:6c:ee: 3f:b5:25:6e:5d:42:cc:65:bf:bc:cf:3b:d9:e4:cb:3f:55:cd: 77:da:9d:1a:f8:5a:a3:b4:81:10:64:f4:73:96:f8:e5:5a:a0: 4a:e2:00:bc:df:55:27:63:cf:64:18:98:ad:51:db:f6:bb:29: 61:be:31:8c:61:fb:5e:e2:dc:9f:8d:8d:72:82:a6:cb:03:b0: a3:0f:d6:d0:ff:0c:0c:be:b4:8a:f0:88:c8:cf:49:88:03:a6: a8:52:ce:79 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUA5DACby4oiYVfMvZ4dxyfsxxl1wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDMwMThaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGM1ODZmZmU4MmFjZjgwY2YwYjg1ODBjOWNhOTUwOTVjOGE1MmFhMjFjNjY4 OTNlZjg1M2UzY2FiZDhmYWJiMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPuPhJeHo+pJB4NSJExQaRNTls4R28uojYVLrAha1jwjr6WrWrdNK4yl+iq OuWYFmNj4Qmaceuj4/ZIK8suymISX4rkOAEsXmD3kYtNhxuoOuWCTe48MVuEvI9G SLcAy4FCgqsI1xI/6LZ+m7OxnIZKacBeOK7ulE9NKofMdiy5GwbzAj9X2EDHWpPs 3U/jclSK3KbyKbW9cR6FmPAy5Wh+0JA3My0iyB1L4PLwg2VDwxzbqOftbIfMEMMM +YACw2LibLp5k2uJlb/H2AmjmCx2mJomUxvivVsea2lLSpUS79nDuZN8ml18Z+2k 1X4M/YpuNhAc1uodhlpTwECJ4F8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCXyGe G7T67dCefWi06KiXFTE8cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjZiNWYyZjYtMjM2ZC00NDdlLWFlYjEtMjRjOTQ3OTM3Mzk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A wDANBgkqhkiG9w0BAQsFAAOCAQEAZGTJCXBTnQpRpNvrGzFWHRIq62Dp6kLZlIfJ 1MSXyUtf4ydJ5fS66QbXiWiFSoUh8W0Cfchpxz6R/4UzJ05pT+DnAwohIWLQTGkQ NLUY7gic6iROXqkdIXZIIAVLBIgHnbxZOAGqQVzrzspZgY43kNCK2XlB8T6A9dks vudZ5qLzTNhlAdgsFwROL8NGSjcNribgWxoDrhwgx5Dt/uALhmzuP7Ulbl1CzGW/ vM872eTLP1XNd9qdGvhao7SBEGT0c5b45VqgSuIAvN9VJ2PPZBiYrVHb9rspYb4x jGH7XuLcn42NcoKmywOwow/W0P8MDL60ivCIyM9JiAOmqFLOeQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:44 2025 by rpki-client