This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa File: bbba23f6-dc95-4602-8972-c409631731f1.roa (raw, json) Hash identifier: P0fh3tyHL4JV1IQwsDBNEcYQCdVJoDMHU3KOJXCFPXI= Subject key identifier: 28:68:ED:8C:02:5A:04:23:01:0A:3A:F3:5D:E4:95:56:5B:D2:C8:15 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 62D6339B73FA28D9CA5BDFC8F527F91CF1633D10 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa Signing time: Sat 29 Nov 2025 03:00:10 +0000 ROA not before: Sat 29 Nov 2025 03:00:10 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d074:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:d6:33:9b:73:fa:28:d9:ca:5b:df:c8:f5:27:f9:1c:f1:63:3d:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:10 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=2fc4d3bfd79602cc0436bce9798c4fff723ce472d52bf99b8fc51635e96002a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0f:70:1b:79:b9:23:8a:17:d1:b8:34:28:d7: 91:a5:ef:c4:e1:3b:6c:07:e0:b6:ce:05:43:d6:53: 15:36:ee:08:4c:69:e5:dc:d3:90:4e:ec:0b:e5:f0: 01:97:4a:33:c1:8b:7f:66:17:08:75:d1:d5:0c:2c: f8:16:58:13:1c:24:57:71:74:13:29:60:cf:af:b2: 75:be:34:c6:31:1e:3a:05:47:ce:f2:af:d7:31:b8: 99:8c:24:d6:3d:77:c3:e1:81:0f:9e:71:12:52:81: 99:3c:65:7f:c0:72:f5:68:e6:80:8e:d0:ea:74:a7: 60:93:6c:a9:41:ac:31:01:ee:34:be:c2:54:b4:cb: 87:65:dc:5d:3a:17:80:03:70:d3:4c:da:ce:5a:41: 82:4c:64:3f:dc:07:bd:fd:b9:e5:9b:a9:27:fb:98: 3d:7a:ce:eb:11:95:12:50:8d:e6:ed:48:e2:89:1e: 5b:71:81:a6:66:c6:79:b5:89:5e:cd:73:52:0a:3f: 69:1d:6c:06:ca:e6:5e:8e:97:77:83:6f:2f:aa:cc: a9:4b:b3:08:2d:d5:b8:ec:00:75:1d:6f:18:6b:f0: f9:1b:e1:01:8b:c3:9b:d3:fa:7b:96:71:41:f5:bf: b0:f3:e6:1b:bd:a8:4d:a4:31:8e:5c:d1:96:4b:92: 39:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:68:ED:8C:02:5A:04:23:01:0A:3A:F3:5D:E4:95:56:5B:D2:C8:15 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:800::/40 Signature Algorithm: sha256WithRSAEncryption 03:d4:bb:2c:2d:5d:10:80:23:f3:e3:83:73:a5:a3:f5:5f:49: 40:38:aa:92:0a:1b:ab:53:3a:2c:39:0f:fa:c8:1b:24:fa:20: 11:9b:7f:f0:6a:66:40:94:7b:28:9f:43:9e:23:aa:2d:77:76: 5b:75:19:48:2a:1a:9e:55:9c:3c:a1:69:2a:2b:08:1c:74:87: 14:a4:c2:f7:7a:85:f0:d0:c2:99:c0:01:a8:36:d4:11:8c:dc: 76:75:a2:df:df:5f:4f:80:31:cb:f0:cc:84:11:e9:54:97:88: 22:c7:df:1a:f9:13:19:77:9b:61:9b:8b:e6:59:d7:61:05:7b: 4f:03:aa:96:dc:1d:6c:67:2b:45:71:91:74:b1:4a:0c:2e:94: 21:9b:d5:ec:8f:08:da:6d:eb:62:cf:bf:28:1a:30:e0:b1:f2: 51:0d:a4:c5:d0:65:69:30:3f:1e:2d:4b:9a:f7:7e:89:ec:cf: ce:19:1f:21:d0:3c:6f:90:4a:da:46:f5:32:70:12:87:d8:97: d8:f4:de:c2:24:7f:e1:5c:10:43:b0:cc:e7:32:72:9d:45:ee: 6a:a5:73:28:ba:a6:8b:83:2b:e4:2f:7a:83:44:81:24:f0:b3: 5b:4c:73:ff:7f:47:1c:44:8b:85:a8:c1:bc:f6:ab:b2:e5:45: 0d:b0:f2:d0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYtYzm3P6KNnKW9/I9Sf5HPFjPRAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMTBaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDJmYzRkM2JmZDc5NjAyY2MwNDM2YmNlOTc5OGM0ZmZmNzIzY2U0NzJkNTJi Zjk5YjhmYzUxNjM1ZTk2MDAyYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkPcBt5uSOKF9G4NCjXkaXvxOE7bAfgts4FQ9ZTFTbuCExp5dzTkE7sC+Xw AZdKM8GLf2YXCHXR1Qws+BZYExwkV3F0Eylgz6+ydb40xjEeOgVHzvKv1zG4mYwk 1j13w+GBD55xElKBmTxlf8By9WjmgI7Q6nSnYJNsqUGsMQHuNL7CVLTLh2XcXToX gANw00zazlpBgkxkP9wHvf255ZupJ/uYPXrO6xGVElCN5u1I4okeW3GBpmbGebWJ Xs1zUgo/aR1sBsrmXo6Xd4NvL6rMqUuzCC3VuOwAdR1vGGvw+RvhAYvDm9P6e5Zx QfW/sPPmG72oTaQxjlzRlkuSOZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoaO2M AloEIwEKOvNd5JVWW9LIFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmJiYTIzZjYtZGM5NS00NjAyLTg5NzItYzQwOTYzMTczMWYxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI MA0GCSqGSIb3DQEBCwUAA4IBAQAD1LssLV0QgCPz44NzpaP1X0lAOKqSChurUzos OQ/6yBsk+iARm3/wamZAlHson0OeI6otd3ZbdRlIKhqeVZw8oWkqKwgcdIcUpML3 eoXw0MKZwAGoNtQRjNx2daLf319PgDHL8MyEEelUl4gix98a+RMZd5thm4vmWddh BXtPA6qW3B1sZytFcZF0sUoMLpQhm9Xsjwjabetiz78oGjDgsfJRDaTF0GVpMD8e LUua936J7M/OGR8h0DxvkEraRvUycBKH2JfY9N7CJH/hXBBDsMznMnKdRe5qpXMo uqaLgyvkL3qDRIEk8LNbTHP/f0ccRIuFqMG89quy5UUNsPLQ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:00 2025 by rpki-client