This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json) Hash identifier: CayZzV1DlzIZD7BEhAtgFerXVh/CnLxdcMdA77CVBH8= Subject key identifier: 65:36:FD:93:44:33:9D:56:D8:3A:5E:DD:48:7F:A0:F2:35:FD:2E:71 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1F6CCF4FA9FB8F0117AC939F7938FAD13730E643 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa Signing time: Wed 10 Dec 2025 06:01:21 +0000 ROA not before: Wed 10 Dec 2025 06:01:21 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:6c:cf:4f:a9:fb:8f:01:17:ac:93:9f:79:38:fa:d1:37:30:e6:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:21 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=35427efa8a83c82ec89d07decf73d281b7b61f8662aed7cabb5b728f714ba3c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:da:b6:01:06:a6:ce:42:52:82:f2:96:9a:96: 1e:b3:6a:54:03:96:3c:07:fe:d1:aa:5d:23:ac:f9: ce:27:16:a4:c5:39:68:42:cf:b9:3d:de:f1:3e:23: cf:21:21:48:db:73:6c:0e:b2:1c:8a:5b:50:91:47: fb:46:16:88:32:1e:6a:f8:fc:43:56:05:9c:c9:7a: 05:ca:d1:45:81:7d:ab:82:25:eb:42:4c:4b:33:35: 3c:ac:74:50:55:65:f8:f9:7f:ba:a5:63:ee:bc:8f: 70:e1:3e:04:e1:36:5f:e1:b7:3a:90:81:67:f4:51: ee:67:1e:b7:c7:e1:9a:e6:d4:69:bf:1d:49:b3:0c: 4a:06:e7:3c:7e:dc:9e:ca:ee:ef:e4:ab:e7:e6:64: 20:3c:a3:b6:57:d1:4c:12:b9:65:12:d5:f4:b9:ec: aa:12:2f:26:4f:b0:84:91:eb:c3:8c:1e:ec:d3:8b: fe:e8:db:09:63:67:c0:c5:b0:23:14:ce:53:a0:03: 1b:3c:07:c6:c3:9d:c1:a0:fb:12:f5:c5:d6:b5:93: 69:63:41:bb:b6:9f:97:39:20:90:8d:91:bc:79:78: 16:57:34:97:ef:8c:c0:f0:a5:77:dc:cd:d7:96:b9: 2b:e0:9c:4c:e6:af:7e:40:d6:d4:cf:e9:a3:6a:e9: 2f:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:36:FD:93:44:33:9D:56:D8:3A:5E:DD:48:7F:A0:F2:35:FD:2E:71 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:a000::/40 Signature Algorithm: sha256WithRSAEncryption 06:ca:aa:82:94:e3:15:ac:c1:66:fd:bf:d1:54:69:24:d9:c9: 2c:5d:97:a5:8d:24:0e:c2:84:36:4a:47:98:47:00:17:2d:b8: 26:3c:be:2d:f1:62:9a:67:35:e4:e6:de:21:ab:b8:6c:da:74: f1:bc:f1:21:63:77:9a:56:5e:f9:43:a5:a8:e6:ae:69:ff:3f: 73:c6:d7:88:e7:0d:b4:be:7d:1c:7c:62:e4:e5:cd:ab:9c:2b: c8:0d:88:b0:0f:12:0c:97:ea:44:95:cc:d4:2a:d9:72:ad:82: f5:38:53:82:b5:4e:c6:b9:92:11:76:0c:3e:a7:cf:a6:c8:8c: 7b:e1:4f:0b:88:7b:78:79:48:7a:6b:3d:63:da:d0:e7:ed:6f: 2b:c4:e1:89:78:17:0e:3d:39:55:8e:f2:6e:ca:4a:13:43:ee: 55:c0:6a:77:83:1c:36:a6:29:f0:4c:1f:12:7f:95:cf:58:07: ec:88:0e:aa:16:ee:52:9b:d1:0f:50:fd:91:23:dc:16:99:b0: 11:94:05:a6:2b:4d:d3:10:7e:13:70:0d:99:71:a8:5b:00:26: 1c:96:85:1d:5f:45:05:29:6c:56:fa:2b:55:c3:4d:c4:de:38: c6:06:be:5a:1a:aa:64:55:d6:3c:e6:65:51:7b:05:96:cd:90: 8a:49:37:ef -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUH2zPT6n7jwEXrJOfeTj60Tcw5kMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM1NDI3ZWZhOGE4M2M4MmVjODlkMDdkZWNmNzNkMjgxYjdiNjFmODY2MmFl ZDdjYWJiNWI3MjhmNzE0YmEzYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN7atgEGps5CUoLylpqWHrNqVAOWPAf+0apdI6z5zicWpMU5aELPuT3e8T4j zyEhSNtzbA6yHIpbUJFH+0YWiDIeavj8Q1YFnMl6BcrRRYF9q4Il60JMSzM1PKx0 UFVl+Pl/uqVj7ryPcOE+BOE2X+G3OpCBZ/RR7mcet8fhmubUab8dSbMMSgbnPH7c nsru7+Sr5+ZkIDyjtlfRTBK5ZRLV9LnsqhIvJk+whJHrw4we7NOL/ujbCWNnwMWw IxTOU6ADGzwHxsOdwaD7EvXF1rWTaWNBu7aflzkgkI2RvHl4Flc0l++MwPCld9zN 15a5K+CcTOavfkDW1M/po2rpL6UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlNv2T RDOdVtg6Xt1If6DyNf0ucTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g MA0GCSqGSIb3DQEBCwUAA4IBAQAGyqqClOMVrMFm/b/RVGkk2cksXZeljSQOwoQ2 SkeYRwAXLbgmPL4t8WKaZzXk5t4hq7hs2nTxvPEhY3eaVl75Q6Wo5q5p/z9zxteI 5w20vn0cfGLk5c2rnCvIDYiwDxIMl+pElczUKtlyrYL1OFOCtU7GuZIRdgw+p8+m yIx74U8LiHt4eUh6az1j2tDn7W8rxOGJeBcOPTlVjvJuykoTQ+5VwGp3gxw2pinw TB8Sf5XPWAfsiA6qFu5Sm9EPUP2RI9wWmbARlAWmK03TEH4TcA2ZcahbACYcloUd X0UFKWxW+itVw03E3jjGBr5aGqpkVdY85mVRewWWzZCKSTfv -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:37 2025 by rpki-client