This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json) Hash identifier: 571peOT6yrHQZ5W5aq2JPInjpljwjBD1WTpkJiab7M8= Subject key identifier: 33:26:E2:FF:A8:EA:58:86:FF:BF:65:FB:E5:76:E2:CD:E5:B9:FA:21 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 799C3D12256BFDF77FA31B35A920F5AEF9B3DCFF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa Signing time: Sat 15 Nov 2025 06:00:49 +0000 ROA not before: Sat 15 Nov 2025 06:00:49 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:9c:3d:12:25:6b:fd:f7:7f:a3:1b:35:a9:20:f5:ae:f9:b3:dc:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:49 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=911246bd3d04925c159eef2f793b1be1ddc0c28a085bbb75cd47e5ec209a6168, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6b:73:54:cd:e4:4f:65:a6:1f:0f:65:2b:1c: 94:1d:94:7f:b0:18:ae:e3:c6:8d:7e:28:40:14:51: 61:28:cf:a6:03:74:15:a3:0b:44:d7:83:05:e3:ec: fe:9b:17:c4:f1:ec:92:16:b7:7f:53:69:70:68:d4: cc:79:2a:20:6f:de:f3:93:b0:32:15:71:e5:ed:9b: 4e:f6:d3:48:70:dc:96:06:e1:00:0e:ba:1c:0b:24: 72:f8:f9:5f:3c:08:13:5f:eb:d7:b5:38:3f:9a:eb: a7:28:e2:8a:d3:5c:c9:b9:57:c2:f0:6d:19:f5:9f: 64:51:91:f1:cf:38:99:c8:f6:be:3f:d0:27:63:52: c7:a1:5f:88:2c:14:38:c6:14:25:5b:e3:3e:bd:bc: 4a:07:98:a7:8d:0a:21:dd:77:58:da:d8:16:60:cd: c7:2b:33:8b:28:fd:e4:03:eb:98:48:32:da:a1:25: 52:29:11:bf:de:88:42:f2:0c:fd:30:41:57:3b:a7: b4:2f:92:24:9d:6c:ea:d2:b4:7f:e0:40:e5:98:e0: fc:f6:39:d5:52:0b:6f:7d:e8:2d:c7:78:0c:01:f5: e7:bd:26:d4:da:d6:e2:55:a1:4d:14:2b:c1:44:aa: 72:cf:af:e6:d3:71:e3:2e:cb:5f:71:5e:f5:bd:51: 58:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:26:E2:FF:A8:EA:58:86:FF:BF:65:FB:E5:76:E2:CD:E5:B9:FA:21 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:a000::/40 Signature Algorithm: sha256WithRSAEncryption a6:ef:c8:ce:3b:79:15:70:2f:44:ee:88:3a:90:57:4c:f3:39: 1f:b4:35:e6:0f:90:ae:70:10:b7:a2:78:f0:e2:28:d3:aa:3a: 2e:d6:1a:21:80:a8:1d:62:0d:49:92:51:fb:f9:a3:a0:9e:2b: d4:9c:48:8a:da:41:fc:77:a9:91:56:62:7f:80:20:a0:3e:7a: 3c:77:b0:53:55:fe:7f:08:c6:dc:de:4c:0b:c7:47:3d:3c:13: ec:05:eb:01:6f:22:fd:55:cd:39:5c:71:7a:b8:fb:c1:e4:db: 92:17:54:df:a9:17:e1:46:4f:f5:5b:a7:08:fb:60:6e:c4:2b: 79:25:78:3f:77:41:a5:ec:cc:85:60:0e:23:eb:49:be:18:70: 16:1b:a4:ae:85:1c:81:e4:90:7d:b4:1d:b9:76:0a:88:e3:2c: aa:28:56:ef:ce:96:c7:47:b2:44:74:90:46:c8:b7:03:f1:ca: 6c:90:86:22:61:5d:e5:e6:2a:63:c0:23:17:7b:c4:80:03:92: 0d:f6:0c:14:5f:3d:6e:ee:2e:59:ab:17:07:05:42:4e:02:90: df:8e:22:73:11:b2:fe:2f:99:8a:59:1b:14:95:f1:cc:b6:88: f5:0d:cf:61:86:a1:54:5e:fc:eb:31:ec:ed:71:b1:4e:59:a8: 8e:70:50:49 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUeZw9EiVr/fd/oxs1qSD1rvmz3P8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwNDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkxMTI0NmJkM2QwNDkyNWMxNTllZWYyZjc5M2IxYmUxZGRjMGMyOGEwODVi YmI3NWNkNDdlNWVjMjA5YTYxNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNrc1TN5E9lph8PZSsclB2Uf7AYruPGjX4oQBRRYSjPpgN0FaMLRNeDBePs /psXxPHskha3f1NpcGjUzHkqIG/e85OwMhVx5e2bTvbTSHDclgbhAA66HAskcvj5 XzwIE1/r17U4P5rrpyjiitNcyblXwvBtGfWfZFGR8c84mcj2vj/QJ2NSx6FfiCwU OMYUJVvjPr28SgeYp40KId13WNrYFmDNxysziyj95APrmEgy2qElUikRv96IQvIM /TBBVzuntC+SJJ1s6tK0f+BA5Zjg/PY51VILb33oLcd4DAH1570m1NrW4lWhTRQr wUSqcs+v5tNx4y7LX3Fe9b1RWHUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzJuL/ qOpYhv+/ZfvlduLN5bn6ITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig MA0GCSqGSIb3DQEBCwUAA4IBAQCm78jOO3kVcC9E7og6kFdM8zkftDXmD5CucBC3 onjw4ijTqjou1hohgKgdYg1JklH7+aOgnivUnEiK2kH8d6mRVmJ/gCCgPno8d7BT Vf5/CMbc3kwLx0c9PBPsBesBbyL9Vc05XHF6uPvB5NuSF1TfqRfhRk/1W6cI+2Bu xCt5JXg/d0Gl7MyFYA4j60m+GHAWG6SuhRyB5JB9tB25dgqI4yyqKFbvzpbHR7JE dJBGyLcD8cpskIYiYV3l5ipjwCMXe8SAA5IN9gwUXz1u7i5ZqxcHBUJOApDfjiJz EbL+L5mKWRsUlfHMtoj1Dc9hhqFUXvzrMeztcbFOWaiOcFBJ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:51 2025 by rpki-client