This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa File: b7f51085-242e-4975-929d-5a48b9aa7650.roa (raw, json) Hash identifier: ppO1E1UVTB8NtvsrS+9CGJkFLU+bSeOLcSFoxbOqL00= Subject key identifier: 83:5B:01:37:07:BF:FF:33:12:F1:23:06:1A:92:D2:2C:A3:56:D0:EC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 713DAFB727EC159B7EF85A56593032509CA380F4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa Signing time: Sat 06 Dec 2025 00:40:11 +0000 ROA not before: Sat 06 Dec 2025 00:40:11 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07b:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:3d:af:b7:27:ec:15:9b:7e:f8:5a:56:59:30:32:50:9c:a3:80:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 00:40:11 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=8f1cb639851c7aa4df2b77207c0fb8cf66bb72fab41b8168ad93ff64c525b644, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ba:1c:87:c0:e1:a1:e5:8a:31:ef:a9:d2:39: 00:cf:f2:9d:47:00:24:cb:43:7d:16:fa:e9:fd:ba: 6a:b6:7a:7a:05:3f:ba:5b:c8:ba:ce:33:91:ab:62: 07:5c:00:88:32:e2:98:f0:95:5f:75:47:a7:ba:47: 95:b2:fc:a8:6e:1c:89:bc:c6:66:9f:46:a0:37:d4: 97:19:58:70:fb:05:39:aa:4d:2d:c0:11:d4:1e:fb: e4:72:c3:63:a8:99:9e:a0:e1:c1:c7:57:b7:59:7c: 5d:94:19:b0:42:e9:e7:11:aa:1d:24:81:83:d1:89: 75:97:be:b7:d2:8f:b3:c4:bc:3d:12:95:f5:9f:50: eb:4e:9f:2d:7b:3a:11:b2:49:1f:3d:68:53:45:a5: 1e:63:ab:30:f1:37:e2:c0:f2:f9:b9:44:9e:05:db: 5c:71:fb:6e:5a:87:e3:8d:ab:c8:e2:a8:9c:0f:2b: 33:6e:da:0e:6e:cb:ff:23:d6:4f:3a:27:87:aa:f8: a3:0e:7e:c7:d3:ea:75:f1:1b:11:2f:85:fa:3f:de: 8d:68:08:2f:4c:4f:76:67:e0:43:3a:50:a1:09:d5: b2:95:f0:74:42:a3:7f:3d:2b:1a:b3:bc:c1:d1:7c: 65:37:c5:55:e4:8b:93:4b:70:9b:a0:02:8a:76:6c: 8e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:5B:01:37:07:BF:FF:33:12:F1:23:06:1A:92:D2:2C:A3:56:D0:EC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07b:5000::/40 Signature Algorithm: sha256WithRSAEncryption 8b:d9:e4:8d:77:23:51:39:54:1d:d3:df:44:5a:79:26:64:10: 46:7a:0d:47:6a:b6:77:f2:9f:79:eb:58:a8:21:2c:3c:f6:d1: da:51:7c:78:8b:10:0f:72:1d:35:fa:6c:8f:ca:05:a2:fe:3b: 5b:1c:16:43:6c:18:4a:7e:dd:4b:33:64:66:2f:16:ac:92:eb: 7d:c1:3a:82:6f:87:38:0d:49:52:e3:27:56:80:37:6c:af:bf: 17:90:2e:2a:41:05:98:78:71:51:59:69:e4:63:78:52:22:92: ee:f1:c6:10:10:37:88:c8:82:dd:8f:81:78:20:db:e2:dd:25: 98:31:41:fb:ea:7c:0d:e1:7e:97:ae:41:dd:18:df:3a:ae:04: 9e:2c:9c:4f:33:db:1e:6a:68:3f:e0:97:ee:8f:9f:a4:1f:98: d4:2d:64:83:d2:9f:07:df:60:3b:27:7b:e3:a8:8a:6c:74:81: 61:21:21:52:12:26:fe:db:38:fb:8c:b1:f3:16:44:e9:e5:cc: d9:d9:b6:0b:b3:0b:ed:70:84:08:dc:b7:f3:4b:1c:f1:41:47: ff:89:80:f9:46:b7:45:ee:e3:f0:c5:02:af:a5:9d:04:de:71: a3:b2:15:3e:27:05:d8:ce:c7:0c:cf:cc:8a:c1:24:74:04:00: 3a:34:ac:c7 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcT2vtyfsFZt++FpWWTAyUJyjgPQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwMDQwMTFaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDhmMWNiNjM5ODUxYzdhYTRkZjJiNzcyMDdjMGZiOGNmNjZiYjcyZmFiNDFi ODE2OGFkOTNmZjY0YzUyNWI2NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKC6HIfA4aHlijHvqdI5AM/ynUcAJMtDfRb66f26arZ6egU/ulvIus4zkati B1wAiDLimPCVX3VHp7pHlbL8qG4cibzGZp9GoDfUlxlYcPsFOapNLcAR1B775HLD Y6iZnqDhwcdXt1l8XZQZsELp5xGqHSSBg9GJdZe+t9KPs8S8PRKV9Z9Q606fLXs6 EbJJHz1oU0WlHmOrMPE34sDy+blEngXbXHH7blqH442ryOKonA8rM27aDm7L/yPW Tzonh6r4ow5+x9PqdfEbES+F+j/ejWgIL0xPdmfgQzpQoQnVspXwdEKjfz0rGrO8 wdF8ZTfFVeSLk0twm6ACinZsjgMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDWwE3 B7//MxLxIwYaktIso1bQ7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjdmNTEwODUtMjQyZS00OTc1LTkyOWQtNWE0OGI5YWE3NjUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ MA0GCSqGSIb3DQEBCwUAA4IBAQCL2eSNdyNROVQd099EWnkmZBBGeg1HarZ38p95 61ioISw89tHaUXx4ixAPch01+myPygWi/jtbHBZDbBhKft1LM2RmLxaskut9wTqC b4c4DUlS4ydWgDdsr78XkC4qQQWYeHFRWWnkY3hSIpLu8cYQEDeIyILdj4F4INvi 3SWYMUH76nwN4X6XrkHdGN86rgSeLJxPM9seamg/4Jfuj5+kH5jULWSD0p8H32A7 J3vjqIpsdIFhISFSEib+2zj7jLHzFkTp5czZ2bYLswvtcIQI3LfzSxzxQUf/iYD5 RrdF7uPwxQKvpZ0E3nGjshU+JwXYzscMz8yKwSR0BAA6NKzH -----END CERTIFICATE-----Generated at Sat Dec 6 10:56:38 2025 by rpki-client