This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json) Hash identifier: gkw2e88e0fVbSnIPKbfHPR0XYbsnzBB4Yj+2X3zwyfY= Subject key identifier: 8B:07:B4:34:E0:81:18:D6:3E:2C:3E:A9:BB:17:4D:10:9D:AF:E5:C0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 66F94F33125A339DE8796D056DFA3DF1B504EC04 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa Signing time: Sat 15 Nov 2025 06:00:50 +0000 ROA not before: Sat 15 Nov 2025 06:00:50 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d011:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:f9:4f:33:12:5a:33:9d:e8:79:6d:05:6d:fa:3d:f1:b5:04:ec:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:50 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ff1d021bfe70417f9610a934ab57f2f35225b6678450d0b5bb1820efd6106189, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:eb:19:06:01:ab:89:e3:d6:9b:7b:0d:b8:87: e7:a8:29:21:29:b3:fe:b6:88:7f:f2:b1:78:41:3c: 7f:0d:41:48:89:57:a0:9e:8a:b3:97:80:83:ac:6a: 19:96:da:bd:06:2e:54:20:63:03:82:24:a3:e8:64: 4b:cb:69:4c:7c:aa:93:41:c8:1d:30:27:cd:cd:7a: 3f:40:5c:d3:04:97:c6:74:fd:e6:71:7e:4d:9e:f2: 72:f2:dc:a2:04:03:63:98:b0:3c:c9:b2:f9:9a:6f: 9e:37:5a:b8:3c:e3:ea:59:c1:df:63:15:fa:6e:33: 44:c7:58:58:f1:91:94:43:aa:b5:03:e7:0c:ef:a7: 84:57:2f:61:1e:d6:45:1f:3c:cd:ef:71:38:16:ee: ea:9e:38:32:9c:27:ea:12:a9:76:c4:82:3f:bc:55: 4f:fc:33:9f:00:7d:e9:ca:5f:0b:6c:c6:47:2b:60: bf:16:b7:5b:b2:1c:5a:e0:33:ab:73:19:52:63:a9: 28:a2:4f:fc:fa:01:e7:dd:35:08:a2:c6:de:4d:7c: c5:3a:1c:c7:af:b6:2b:8c:7a:b7:50:9d:ca:60:a0: 1e:7b:45:3a:65:9e:05:3a:b5:9e:bf:c7:9b:29:79: 22:bc:5b:a8:da:32:c4:44:28:45:ec:18:35:45:fe: db:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:07:B4:34:E0:81:18:D6:3E:2C:3E:A9:BB:17:4D:10:9D:AF:E5:C0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d011:800::/38 Signature Algorithm: sha256WithRSAEncryption 96:bf:3a:66:9d:a3:cd:5d:bb:f5:4c:8b:c5:7e:c3:07:45:57: c7:6f:6d:2e:18:21:43:f8:45:45:92:75:b9:f0:53:11:c6:be: ec:a3:47:5e:4e:1f:7f:cf:6d:dd:6c:5a:db:66:50:49:b9:e1: e1:c9:c4:68:d8:14:47:ca:0a:d1:dd:98:a8:4e:f1:0c:33:a8: 66:ee:eb:c6:9c:32:61:d9:aa:a6:4d:49:2a:0d:fe:0c:56:a4: 7d:cd:7f:db:f5:1b:d2:24:e5:55:e9:6b:f6:01:81:d3:39:5e: 8c:85:89:72:39:20:df:d6:95:b0:8e:7a:c7:fc:d1:18:d4:ae: ec:2f:72:c9:67:0c:2e:c2:d0:60:fe:49:f8:ed:c6:ab:46:c2: 06:b7:dd:1c:12:e2:34:a2:09:bd:a7:c6:00:69:0b:94:96:30: 82:2e:f2:e8:2e:3d:cf:96:16:d9:52:36:7d:21:5c:f5:eb:34: ef:32:3e:ab:86:4b:51:f7:bf:8d:7b:dc:ce:19:3d:7b:7b:8b: ac:1e:2b:97:f0:4d:4c:df:3b:3e:ac:a9:71:55:44:38:69:01: ac:bb:fd:d1:91:be:57:57:67:0d:4e:e5:de:5e:08:93:33:99: 01:8e:d5:26:03:b5:d4:2e:77:b1:b2:c3:82:8b:46:60:1f:66: 1a:8f:52:e9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZvlPMxJaM53oeW0Fbfo98bUE7AQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwNTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGZmMWQwMjFiZmU3MDQxN2Y5NjEwYTkzNGFiNTdmMmYzNTIyNWI2Njc4NDUw ZDBiNWJiMTgyMGVmZDYxMDYxODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzrGQYBq4nj1pt7DbiH56gpISmz/raIf/KxeEE8fw1BSIlXoJ6Ks5eAg6xq GZbavQYuVCBjA4Iko+hkS8tpTHyqk0HIHTAnzc16P0Bc0wSXxnT95nF+TZ7ycvLc ogQDY5iwPMmy+ZpvnjdauDzj6lnB32MV+m4zRMdYWPGRlEOqtQPnDO+nhFcvYR7W RR88ze9xOBbu6p44Mpwn6hKpdsSCP7xVT/wznwB96cpfC2zGRytgvxa3W7IcWuAz q3MZUmOpKKJP/PoB5901CKLG3k18xTocx6+2K4x6t1CdymCgHntFOmWeBTq1nr/H myl5IrxbqNoyxEQoRewYNUX+2xMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLB7Q0 4IEY1j4sPqm7F00Qna/lwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI MA0GCSqGSIb3DQEBCwUAA4IBAQCWvzpmnaPNXbv1TIvFfsMHRVfHb20uGCFD+EVF knW58FMRxr7so0deTh9/z23dbFrbZlBJueHhycRo2BRHygrR3ZioTvEMM6hm7uvG nDJh2aqmTUkqDf4MVqR9zX/b9RvSJOVV6Wv2AYHTOV6MhYlyOSDf1pWwjnrH/NEY 1K7sL3LJZwwuwtBg/kn47carRsIGt90cEuI0ogm9p8YAaQuUljCCLvLoLj3PlhbZ UjZ9IVz16zTvMj6rhktR97+Ne9zOGT17e4usHiuX8E1M3zs+rKlxVUQ4aQGsu/3R kb5XV2cNTuXeXgiTM5kBjtUmA7XULnexssOCi0ZgH2Yaj1Lp -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:51 2025 by rpki-client