This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json) Hash identifier: pQyvz1bDKaQcB0NKdY1phhzZfbUR5VYqC5I+sBb/DxE= Subject key identifier: 51:E1:BB:0E:5D:C1:1B:23:35:DA:0E:80:02:C4:DC:F6:0A:16:02:29 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7F2513C76AB0A78C763448D6FC15CA64DFAC2B8F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa Signing time: Sat 15 Nov 2025 06:30:31 +0000 ROA not before: Sat 15 Nov 2025 06:30:31 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:25:13:c7:6a:b0:a7:8c:76:34:48:d6:fc:15:ca:64:df:ac:2b:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:31 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4ff5f25c085ebade3ce20c218cb07d1b2183fff21509167be3ce49c39cc5cd35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2e:0d:8d:10:37:bd:93:88:c5:a2:fc:23:4e: 85:27:c8:24:01:58:8b:6c:8a:d1:81:d9:5e:48:a5: a8:16:97:cc:0a:91:0d:4b:00:3f:bd:f1:fe:23:ac: b2:12:84:4d:1d:50:3b:b1:38:79:fa:2b:52:4a:43: 35:f8:bf:95:32:c7:98:5f:0c:2b:b4:b5:30:36:53: 8b:18:e9:5f:9b:ff:03:48:c0:34:64:78:c2:c3:ce: 43:89:c0:ef:7b:79:bc:8b:65:67:5e:74:0d:fd:4f: 29:75:1f:ce:33:60:46:be:08:bc:74:17:9d:ec:74: 68:46:c0:b7:7a:63:f1:fe:d4:00:3a:45:09:da:36: e4:e5:15:52:41:d7:85:e0:6e:9b:09:4f:35:a2:c9: 84:09:fa:6c:bb:6f:b9:9a:6b:c1:13:2a:29:91:c2: 6f:0d:72:22:88:a4:ff:bc:a8:3a:fc:b4:a7:aa:c6: b1:62:b4:60:29:28:1f:a8:16:cf:eb:9a:76:02:ec: cc:8d:d0:53:81:b7:d5:8a:f9:c1:2f:4e:52:32:89: 9d:ff:96:ba:a9:ed:46:34:1c:c0:c1:10:e8:a8:6e: d1:ea:81:12:e0:11:cc:52:30:db:7b:16:c8:9c:20: c1:a9:5e:39:2a:08:7c:f6:69:1f:9e:2c:28:63:37: fe:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:E1:BB:0E:5D:C1:1B:23:35:DA:0E:80:02:C4:DC:F6:0A:16:02:29 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:9080::/48 Signature Algorithm: sha256WithRSAEncryption 7f:c8:5e:f6:8f:7c:28:ec:24:81:e4:9b:f1:b8:8a:80:e7:da: 4e:5e:e5:91:1c:c0:eb:76:ae:80:10:e8:cd:b8:d7:0b:cc:41: 87:74:ad:1d:41:2b:83:e9:8d:54:d4:77:73:f8:08:76:ea:8d: ce:e5:87:72:02:f3:30:9a:bb:c5:e5:48:55:79:a8:51:79:48: 7f:3b:80:3b:72:4f:8f:d3:6c:8a:9f:c3:71:72:5f:67:2f:15: 29:10:c5:a7:6e:1d:da:15:1d:f1:f5:67:d4:9a:28:a5:9b:da: 47:22:8a:31:a6:7e:50:b1:54:74:4a:66:20:f4:7e:06:3a:ff: 34:09:92:ff:59:d8:c2:69:54:65:c2:8e:ac:1b:63:74:22:89: 9e:d9:58:25:9e:2a:db:b9:d8:3d:cf:44:07:a3:9c:19:c1:33: 01:6c:9c:bc:83:82:76:70:16:2f:1c:43:95:0c:90:05:dd:56: e5:64:8b:00:85:ea:8b:02:e5:a1:85:e5:d1:29:50:e6:c1:a5: 45:1f:97:f7:cb:01:c8:09:a8:84:d4:c8:62:f4:37:e7:70:45: fa:79:39:0e:73:88:4a:74:3c:90:fc:95:2e:35:cd:9c:5e:d0: 3c:a7:52:dc:e5:32:aa:04:a4:c6:38:05:7d:34:4f:4a:5b:11: 4d:a5:45:49 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfyUTx2qwp4x2NEjW/BXKZN+sK48wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRmZjVmMjVjMDg1ZWJhZGUzY2UyMGMyMThjYjA3ZDFiMjE4M2ZmZjIxNTA5 MTY3YmUzY2U0OWMzOWNjNWNkMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAuDY0QN72TiMWi/CNOhSfIJAFYi2yK0YHZXkilqBaXzAqRDUsAP73x/iOs shKETR1QO7E4eforUkpDNfi/lTLHmF8MK7S1MDZTixjpX5v/A0jANGR4wsPOQ4nA 73t5vItlZ150Df1PKXUfzjNgRr4IvHQXnex0aEbAt3pj8f7UADpFCdo25OUVUkHX heBumwlPNaLJhAn6bLtvuZprwRMqKZHCbw1yIoik/7yoOvy0p6rGsWK0YCkoH6gW z+uadgLszI3QU4G31Yr5wS9OUjKJnf+WuqntRjQcwMEQ6Khu0eqBEuARzFIw23sW yJwgwaleOSoIfPZpH54sKGM3/o8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRR4bsO XcEbIzXaDoACxNz2ChYCKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ gDANBgkqhkiG9w0BAQsFAAOCAQEAf8he9o98KOwkgeSb8biKgOfaTl7lkRzA63au gBDozbjXC8xBh3StHUErg+mNVNR3c/gIduqNzuWHcgLzMJq7xeVIVXmoUXlIfzuA O3JPj9Nsip/DcXJfZy8VKRDFp24d2hUd8fVn1JoopZvaRyKKMaZ+ULFUdEpmIPR+ Bjr/NAmS/1nYwmlUZcKOrBtjdCKJntlYJZ4q27nYPc9EB6OcGcEzAWycvIOCdnAW LxxDlQyQBd1W5WSLAIXqiwLloYXl0SlQ5sGlRR+X98sByAmohNTIYvQ353BF+nk5 DnOISnQ8kPyVLjXNnF7QPKdS3OUyqgSkxjgFfTRPSlsRTaVFSQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:46 2025 by rpki-client