This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json) Hash identifier: yxKNznx1tukHYHWxQOYqDiDT4AM5xA6KZKXazFL5nkU= Subject key identifier: EB:4A:80:F3:77:3F:DC:6A:56:57:60:DF:52:14:19:B1:0B:DE:07:DA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1684D9F6E828B4713FA89AA52C4B4C7FC5C66BB2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa Signing time: Tue 02 Dec 2025 01:50:51 +0000 ROA not before: Tue 02 Dec 2025 01:50:51 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d030:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:84:d9:f6:e8:28:b4:71:3f:a8:9a:a5:2c:4b:4c:7f:c5:c6:6b:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:51 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=02a04630d1c531fe8dfa6e08e25ea4575c1f14256d362a9a5cd4518636991c62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:1b:8b:3e:a4:11:f8:9b:1a:2e:30:b9:b5:51: e6:ac:17:2d:21:04:cc:bb:9c:2a:28:87:9b:9c:64: a7:3f:6f:e8:07:40:84:6c:06:a1:c7:c3:49:e7:c5: c1:85:ae:09:46:1e:81:ef:39:93:4e:c8:09:81:28: e4:8a:5d:c4:00:d0:b4:d1:c9:ff:ef:9e:20:01:ab: 58:d6:bb:22:00:ec:ea:a4:83:a0:5a:30:95:34:da: 2d:f7:00:e6:9e:e6:6f:fe:be:d8:41:f7:26:74:91: 4a:fb:50:90:d1:04:99:43:4d:c2:92:8b:10:30:80: c2:c7:ec:e4:51:3a:b3:3f:76:ad:7c:fd:8b:a5:af: 29:ae:4e:d2:59:54:b2:be:3c:01:c4:fe:21:32:c2: 8e:b3:d5:39:4d:d2:87:2d:6a:29:59:02:23:4d:3b: c7:85:62:0c:07:72:7e:52:35:2b:3a:90:99:44:b3: 7c:83:5e:84:31:ef:a6:38:99:18:dc:be:69:30:c2: 50:7b:6f:bd:ea:98:bd:76:02:df:6b:8f:0b:4a:33: d3:bd:b1:76:24:5f:50:c2:09:5d:29:ff:cf:83:61: b1:2b:98:4d:32:eb:fd:af:88:4b:d9:9f:fa:2f:cb: 7c:c8:b5:d9:84:30:da:fb:f0:18:ed:91:0a:43:2d: f0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:4A:80:F3:77:3F:DC:6A:56:57:60:DF:52:14:19:B1:0B:DE:07:DA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:2000::/40 Signature Algorithm: sha256WithRSAEncryption 99:80:dd:0c:08:cc:3e:ee:f8:a5:d6:31:5c:20:3f:d8:be:83: d6:f2:55:d5:29:b7:7f:d2:da:69:75:02:ce:c8:89:a5:68:18: 11:31:5d:12:8a:4d:b7:31:24:3b:42:b9:dc:a1:c6:f2:76:d4: 66:77:00:61:bb:44:fc:f5:ed:9a:b8:e4:02:5a:5b:15:13:f5: 79:5f:4e:22:47:14:cb:b8:09:64:45:1b:fd:a3:1d:08:6b:9b: ab:34:cf:d3:af:5e:08:cc:1f:30:c4:5d:f1:f9:84:5a:21:8f: 94:b0:4d:2e:1d:78:69:8d:7f:54:aa:17:72:24:ba:0c:f9:68: 6c:20:76:96:ea:22:cc:84:50:af:48:64:37:05:b3:2d:0e:cb: 5b:7d:dd:04:72:6c:bc:4d:e2:cb:79:6f:33:d4:8b:7c:7a:5b: f2:30:12:af:b9:e4:e2:a8:42:37:c6:3d:af:a8:79:5b:aa:84: 4d:fc:9e:52:42:dc:81:0b:d7:52:76:e3:fe:3c:8b:60:95:8b: 37:34:f6:60:df:2f:94:48:01:f7:0f:d7:05:cc:d6:bf:5b:4e: a1:7f:39:ae:3f:bc:39:0c:bd:5f:d6:f5:52:7c:f9:ce:44:7f: 92:f6:92:b7:b3:f8:45:86:ba:f5:4b:36:14:17:86:fe:ce:f0: c2:62:4c:c9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFoTZ9ugotHE/qJqlLEtMf8XGa7IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwNTFaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDAyYTA0NjMwZDFjNTMxZmU4ZGZhNmUwOGUyNWVhNDU3NWMxZjE0MjU2ZDM2 MmE5YTVjZDQ1MTg2MzY5OTFjNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4biz6kEfibGi4wubVR5qwXLSEEzLucKiiHm5xkpz9v6AdAhGwGocfDSefF wYWuCUYege85k07ICYEo5IpdxADQtNHJ/++eIAGrWNa7IgDs6qSDoFowlTTaLfcA 5p7mb/6+2EH3JnSRSvtQkNEEmUNNwpKLEDCAwsfs5FE6sz92rXz9i6WvKa5O0llU sr48AcT+ITLCjrPVOU3Shy1qKVkCI007x4ViDAdyflI1KzqQmUSzfINehDHvpjiZ GNy+aTDCUHtvveqYvXYC32uPC0oz072xdiRfUMIJXSn/z4NhsSuYTTLr/a+IS9mf +i/LfMi12YQw2vvwGO2RCkMt8D8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrSoDz dz/calZXYN9SFBmxC94H2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg MA0GCSqGSIb3DQEBCwUAA4IBAQCZgN0MCMw+7vil1jFcID/YvoPW8lXVKbd/0tpp dQLOyImlaBgRMV0Sik23MSQ7QrncocbydtRmdwBhu0T89e2auOQCWlsVE/V5X04i RxTLuAlkRRv9ox0Ia5urNM/Tr14IzB8wxF3x+YRaIY+UsE0uHXhpjX9UqhdyJLoM +WhsIHaW6iLMhFCvSGQ3BbMtDstbfd0Ecmy8TeLLeW8z1It8elvyMBKvueTiqEI3 xj2vqHlbqoRN/J5SQtyBC9dSduP+PItglYs3NPZg3y+USAH3D9cFzNa/W06hfzmu P7w5DL1f1vVSfPnORH+S9pK3s/hFhrr1SzYUF4b+zvDCYkzJ -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:51 2025 by rpki-client