This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa File: b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa (raw, json) Hash identifier: qWLwrd+6XLXoUgK+i124Sg8Ci333JGhmz/ucsf35pdg= Subject key identifier: 4A:A1:84:60:9F:AF:6D:F5:15:8E:50:50:63:4A:04:E5:2D:A8:7E:0E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3934EDB4C68D5C1F65BFA81B4462234B0ACF788F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa Signing time: Sun 23 Nov 2025 01:30:16 +0000 ROA not before: Sun 23 Nov 2025 01:30:16 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:34:ed:b4:c6:8d:5c:1f:65:bf:a8:1b:44:62:23:4b:0a:cf:78:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:16 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=8fb2f08d5a7b29f8051cd10c7af8c33232d86451fd62fd051df56aa63dd8a56a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:37:32:72:29:74:3b:a3:4b:f2:dd:2f:04:d8: 22:fe:13:f4:78:14:26:92:61:40:1f:64:b7:7c:5c: 95:d8:db:ed:a7:31:4e:18:8e:9e:9c:99:eb:33:76: a1:51:c1:45:16:60:41:1c:f7:c2:d2:20:2d:36:b3: 6f:df:ed:7c:49:76:60:09:89:98:5d:b7:99:76:a0: ad:35:d9:dd:bc:f4:4d:46:54:c2:de:e5:1d:1e:18: 1a:fa:f5:d7:33:62:f4:c3:17:1c:6a:34:f8:b5:4f: 59:6a:7e:6c:89:b4:df:0e:2f:26:c2:09:2c:65:6c: 9f:c1:6a:66:91:f9:5b:bc:9b:8a:d1:8e:c4:b6:27: 81:3e:5f:ac:0e:0b:82:25:83:62:55:d1:cb:d0:6c: cf:a4:20:c1:24:f6:a7:59:32:93:22:55:f6:d6:da: 22:d5:a9:43:4e:5b:37:d4:9c:45:0b:03:66:bc:7e: 59:36:94:d2:95:69:a4:68:dc:dc:90:36:b3:40:0f: 26:45:67:e7:6f:f4:00:93:a1:47:ff:05:8d:30:8e: 7b:b5:8d:f3:28:11:98:3b:91:f6:7c:6a:7a:6e:1a: b0:32:6e:31:41:8d:4e:36:a6:1f:5e:e1:be:80:a6: 10:e0:ae:da:b4:02:73:dd:44:06:15:3c:fb:0c:6a: 38:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:A1:84:60:9F:AF:6D:F5:15:8E:50:50:63:4A:04:E5:2D:A8:7E:0E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:840::/48 Signature Algorithm: sha256WithRSAEncryption 0f:19:7c:48:3a:f2:9f:0e:aa:2f:4d:09:2f:4b:76:b5:f4:1e: ec:8a:96:40:95:01:6d:a0:29:1e:68:2a:55:c5:0d:06:df:1d: 76:9a:1c:26:06:b0:5d:2c:04:aa:3f:ca:81:0e:ee:22:e6:1b: e8:98:64:e3:f0:8f:b4:94:d1:8d:db:c8:82:e9:2e:5c:4c:50: 64:7d:57:4f:27:bc:f1:c6:13:65:0e:65:91:b6:47:f4:51:72: 6c:6c:4d:14:80:0e:e3:7e:c3:7f:98:02:fa:ad:1b:d2:b1:70: 68:14:38:b8:35:7e:d1:8f:6c:9b:dd:8a:a1:0c:8a:1b:e7:d0: 68:63:75:73:dd:66:81:f7:a5:3b:98:d0:1d:36:8d:df:1c:8b: 49:c7:75:ba:2a:f5:b2:2d:44:e9:29:9c:8d:38:ad:94:48:91: 5a:81:ab:e1:b4:e4:13:99:5a:05:39:87:78:81:5d:74:39:b4: e4:99:3d:d9:c9:05:0c:dd:3c:7d:82:f2:a7:c1:c0:0c:07:c0: 38:27:ea:24:49:dc:23:3b:a8:d5:96:9e:59:e1:a0:f7:d7:a4: ad:a5:8b:85:a0:ab:ea:ad:e5:30:d4:56:40:aa:73:12:89:1a: 83:2b:c4:ac:8a:c9:ef:07:9e:10:61:15:5f:89:bb:3f:db:94: dc:6b:62:1d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUOTTttMaNXB9lv6gbRGIjSwrPeI8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMTZaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDhmYjJmMDhkNWE3YjI5ZjgwNTFjZDEwYzdhZjhjMzMyMzJkODY0NTFmZDYy ZmQwNTFkZjU2YWE2M2RkOGE1NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKc3MnIpdDujS/LdLwTYIv4T9HgUJpJhQB9kt3xcldjb7acxThiOnpyZ6zN2 oVHBRRZgQRz3wtIgLTazb9/tfEl2YAmJmF23mXagrTXZ3bz0TUZUwt7lHR4YGvr1 1zNi9MMXHGo0+LVPWWp+bIm03w4vJsIJLGVsn8FqZpH5W7ybitGOxLYngT5frA4L giWDYlXRy9Bsz6QgwST2p1kykyJV9tbaItWpQ05bN9ScRQsDZrx+WTaU0pVppGjc 3JA2s0APJkVn52/0AJOhR/8FjTCOe7WN8ygRmDuR9nxqem4asDJuMUGNTjamH17h voCmEOCu2rQCc91EBhU8+wxqOGUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKoYRg n69t9RWOUFBjSgTlLah+DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjgwNDdkZDctNGM2Ni00ZDhjLTg3ZTUtNzBlZDY4NTljZWY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI QDANBgkqhkiG9w0BAQsFAAOCAQEADxl8SDrynw6qL00JL0t2tfQe7IqWQJUBbaAp HmgqVcUNBt8ddpocJgawXSwEqj/KgQ7uIuYb6Jhk4/CPtJTRjdvIgukuXExQZH1X Tye88cYTZQ5lkbZH9FFybGxNFIAO437Df5gC+q0b0rFwaBQ4uDV+0Y9sm92KoQyK G+fQaGN1c91mgfelO5jQHTaN3xyLScd1uir1si1E6SmcjTitlEiRWoGr4bTkE5la BTmHeIFddDm05Jk92ckFDN08fYLyp8HADAfAOCfqJEncIzuo1ZaeWeGg99ekraWL haCr6q3lMNRWQKpzEokagyvErIrJ7weeEGEVX4m7P9uU3GtiHQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:23 2025 by rpki-client