This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa File: cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa (raw, json) Hash identifier: F78E020l/NNuxQqLdTnel3hMKY6qYH7zk8AV7cGGHCM= Subject key identifier: 56:D6:88:11:20:B4:EA:05:CC:D3:65:40:A7:91:6D:4B:57:EF:33:6F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 157A31ED14B7E0A474F87137C13C4B22CEBEB82F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa Signing time: Tue 25 Nov 2025 20:01:04 +0000 ROA not before: Tue 25 Nov 2025 20:01:04 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:8040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:7a:31:ed:14:b7:e0:a4:74:f8:71:37:c1:3c:4b:22:ce:be:b8:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:01:04 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=3506be0c970cbb9acddc1605be022b39e4eeead64dbf1dc6a02c04c021c4a64c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:79:23:a1:09:9e:b2:2b:ea:aa:51:d8:b9:a1: 59:da:13:81:0f:2c:4f:7a:d7:71:5b:fb:6e:ac:39: 37:be:8a:d3:52:01:91:59:17:e2:92:af:ff:56:de: 22:85:57:3a:26:da:30:98:8c:b6:3f:ca:22:c5:1e: 39:68:56:d4:93:90:5e:ba:45:b5:ff:50:f3:73:96: 4e:f6:39:64:f4:7c:da:3f:6a:33:f3:dc:db:36:50: 21:26:6d:36:05:ab:3b:fd:ba:5a:5a:32:58:1f:53: 93:ba:03:ea:75:38:6b:5b:fc:33:4f:09:e3:40:2b: 89:93:f0:f4:57:e2:17:ad:ec:1b:20:e0:3f:5d:de: ad:3b:1c:09:2e:72:e7:cd:d4:c8:5e:83:58:85:a2: aa:8b:95:0a:a6:d7:9d:44:e0:9b:19:af:2d:5c:8a: f5:71:e9:86:59:b9:d8:46:76:97:bd:03:72:cd:d1: b8:1f:b6:59:9c:4d:2f:36:05:6c:2b:14:8b:db:25: b7:32:0d:17:7d:3c:a7:89:df:b7:d3:d2:d2:90:c6: 88:9f:1b:2f:79:9a:b0:c4:07:6d:2c:ec:5d:ef:81: 1d:7a:a5:52:37:75:07:84:af:e9:9c:b9:b4:ef:ac: d0:a8:6c:bb:91:b7:ca:c4:5f:ca:68:ff:7c:d0:6c: f4:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:D6:88:11:20:B4:EA:05:CC:D3:65:40:A7:91:6D:4B:57:EF:33:6F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:8040::/46 Signature Algorithm: sha256WithRSAEncryption a2:24:c2:dd:75:e5:b1:29:c0:58:53:9f:7a:8e:2d:1f:0d:b7: 89:77:dc:e6:f7:c7:f2:1c:45:82:61:87:1a:1e:69:1c:5e:52: 40:4e:de:e5:03:c0:24:4b:99:92:cc:fa:d8:1f:fa:f7:1c:3f: 30:71:79:5e:23:d3:28:a7:d7:a6:51:06:0b:0b:55:ae:2c:d7: 68:b5:86:82:05:ba:82:9b:21:45:69:7e:47:da:92:78:53:17: 50:21:18:54:f7:65:07:dd:c4:eb:18:f5:b5:fa:cc:ce:65:f0: 37:a2:77:60:56:2a:10:82:27:29:2a:27:cf:5a:b0:c4:4a:c6: 8d:ca:4d:4a:3c:78:08:67:7e:c6:22:2e:df:d4:24:ae:7f:66: 19:3f:c9:12:81:fb:8a:4a:a4:25:9b:84:b7:30:17:de:52:75: 8a:70:6f:85:0a:ff:fa:53:86:f4:8e:08:b4:8b:85:d1:5f:03: c8:43:7d:77:2f:b9:52:2b:05:c8:8c:87:74:e5:23:37:de:85: 8d:57:2a:0f:81:a4:21:3b:99:d0:58:b9:c8:6b:8b:28:4e:e8: 0d:c6:98:16:ff:c0:fd:bb:4f:7d:8d:59:96:b7:b0:50:ae:f2: ce:44:46:0f:49:8e:53:be:4b:21:9b:e4:df:49:3a:7c:08:79: 1d:c8:31:6a -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFXox7RS34KR0+HE3wTxLIs6+uC8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAxMDRaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDM1MDZiZTBjOTcwY2JiOWFjZGRjMTYwNWJlMDIyYjM5ZTRlZWVhZDY0ZGJm MWRjNmEwMmMwNGMwMjFjNGE2NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKV5I6EJnrIr6qpR2LmhWdoTgQ8sT3rXcVv7bqw5N76K01IBkVkX4pKv/1be IoVXOibaMJiMtj/KIsUeOWhW1JOQXrpFtf9Q83OWTvY5ZPR82j9qM/Pc2zZQISZt NgWrO/26WloyWB9Tk7oD6nU4a1v8M08J40AriZPw9FfiF63sGyDgP13erTscCS5y 583UyF6DWIWiqouVCqbXnUTgmxmvLVyK9XHphlm52EZ2l70Dcs3RuB+2WZxNLzYF bCsUi9sltzINF308p4nft9PS0pDGiJ8bL3masMQHbSzsXe+BHXqlUjd1B4Sv6Zy5 tO+s0Khsu5G3ysRfymj/fNBs9GkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRW1ogR ILTqBczTZUCnkW1LV+8zbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2NlYWZkZjQtYzk3YS00NWM2LWE0ZDItYjMxOWFmYzZmNDllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA QDANBgkqhkiG9w0BAQsFAAOCAQEAoiTC3XXlsSnAWFOfeo4tHw23iXfc5vfH8hxF gmGHGh5pHF5SQE7e5QPAJEuZksz62B/69xw/MHF5XiPTKKfXplEGCwtVrizXaLWG ggW6gpshRWl+R9qSeFMXUCEYVPdlB93E6xj1tfrMzmXwN6J3YFYqEIInKSonz1qw xErGjcpNSjx4CGd+xiIu39Qkrn9mGT/JEoH7ikqkJZuEtzAX3lJ1inBvhQr/+lOG 9I4ItIuF0V8DyEN9dy+5UisFyIyHdOUjN96FjVcqD4GkITuZ0Fi5yGuLKE7oDcaY Fv/A/btPfY1ZlrewUK7yzkRGD0mOU75LIZvk30k6fAh5Hcgxag== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:46 2025 by rpki-client