This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json) Hash identifier: xO/AR6pkx//WKQuTUG60DpWehP6szpksH0T8hhw3KJ4= Subject key identifier: 09:19:76:91:53:90:B0:EC:30:4E:13:E9:9F:85:DC:69:27:D6:82:77 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1C62E8814F0DD0EBC92708553C778533C22A3935 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa Signing time: Sat 15 Nov 2025 05:30:34 +0000 ROA not before: Sat 15 Nov 2025 05:30:34 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:62:e8:81:4f:0d:d0:eb:c9:27:08:55:3c:77:85:33:c2:2a:39:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:34 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f98045b3807296877bbfab65b587a1deefe09a3b0a3109db3dadfedc19222b86, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c1:6a:80:23:29:be:91:63:c3:b6:a4:18:3d: 45:27:44:72:1b:70:ea:47:38:18:90:8c:60:1b:91: c9:cf:9a:53:ba:fa:c2:03:ce:0c:ad:e8:6f:11:16: ff:fd:61:45:e2:a4:c5:e7:1a:db:af:d5:3c:2e:9f: 56:b6:2d:f7:a7:39:85:06:b5:12:9e:1a:ba:88:c5: 6c:32:74:8e:49:5e:f5:36:db:72:89:42:d0:bb:fa: 1b:89:18:93:dc:35:fc:06:65:b2:7c:d9:56:58:eb: d6:df:dd:d5:77:7a:2c:2c:62:b5:86:67:48:2f:ae: 32:f8:f4:92:44:82:72:4a:be:ba:e8:28:54:95:21: cd:d6:c6:e8:4e:66:64:a1:0c:2a:25:af:e4:2b:75: 70:4b:36:cf:35:68:2d:4c:b4:61:b3:c8:d6:e9:92: 09:8e:fa:88:65:c0:cf:1f:3f:3d:f3:24:9c:5b:21: 70:3f:01:a5:c5:63:fc:b6:b3:28:55:a9:6e:4d:71: b1:d5:ee:96:73:d8:fa:ee:72:d4:c8:34:0d:25:a4: 75:08:cc:f5:7a:d9:48:cf:79:10:d6:04:f9:a7:f2: 1c:ff:b3:03:2b:c9:48:25:58:c6:a1:9f:93:f8:be: 69:be:9d:55:aa:60:76:c1:28:63:7d:a7:66:66:7e: 17:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:19:76:91:53:90:B0:EC:30:4E:13:E9:9F:85:DC:69:27:D6:82:77 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:2000::/40 Signature Algorithm: sha256WithRSAEncryption 7c:32:bd:39:6b:16:d1:8a:64:cc:6e:7f:db:b2:e9:fd:d3:ca: 57:0a:af:af:9a:c5:9f:17:f1:ae:6d:2b:21:58:19:c4:13:e4: bb:fd:59:9e:df:15:9c:b4:e4:ef:f2:c7:62:cb:8e:74:56:df: 25:f2:3f:6e:df:60:04:72:24:de:4b:e4:92:a4:6b:cc:01:8b: 8f:bd:c3:7a:33:ac:6c:82:cf:a5:60:dc:44:11:4f:2a:51:5f: c6:88:3e:30:0e:cd:37:8d:99:df:cf:73:db:b6:4c:3e:d6:a8: 09:89:66:d2:90:32:5e:23:ff:2f:57:b7:76:19:28:c3:fb:02: cc:98:f9:fe:54:8d:2b:9e:26:b5:2e:b0:88:a2:5b:2f:d2:2d: 7d:62:c5:ab:de:50:e6:b7:04:5c:c4:10:a6:50:3a:45:de:46: 15:bd:f9:97:c4:9a:9e:06:43:23:d6:a6:fc:31:b2:6a:7f:00: e4:14:b7:ae:c7:d8:f1:4d:2b:c3:16:36:83:74:8b:60:95:18: 86:73:95:51:b1:af:99:ef:86:7d:5f:ae:b3:86:ff:5f:77:22: 2b:bf:a0:b7:db:08:80:6c:38:04:f2:ef:70:66:7b:96:02:20: 10:29:ae:f5:b3:5c:7c:9a:d7:9f:be:87:f7:f4:16:ba:cb:81: d5:38:40:e3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHGLogU8N0OvJJwhVPHeFM8IqOTUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY5ODA0NWIzODA3Mjk2ODc3YmJmYWI2NWI1ODdhMWRlZWZlMDlhM2IwYTMx MDlkYjNkYWRmZWRjMTkyMjJiODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfBaoAjKb6RY8O2pBg9RSdEchtw6kc4GJCMYBuRyc+aU7r6wgPODK3obxEW //1hReKkxeca26/VPC6fVrYt96c5hQa1Ep4auojFbDJ0jkle9TbbcolC0Lv6G4kY k9w1/AZlsnzZVljr1t/d1Xd6LCxitYZnSC+uMvj0kkSCckq+uugoVJUhzdbG6E5m ZKEMKiWv5Ct1cEs2zzVoLUy0YbPI1umSCY76iGXAzx8/PfMknFshcD8BpcVj/Laz KFWpbk1xsdXulnPY+u5y1Mg0DSWkdQjM9XrZSM95ENYE+afyHP+zAyvJSCVYxqGf k/i+ab6dVapgdsEoY32nZmZ+F7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJGXaR U5Cw7DBOE+mfhdxpJ9aCdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g MA0GCSqGSIb3DQEBCwUAA4IBAQB8Mr05axbRimTMbn/bsun908pXCq+vmsWfF/Gu bSshWBnEE+S7/Vme3xWctOTv8sdiy450Vt8l8j9u32AEciTeS+SSpGvMAYuPvcN6 M6xsgs+lYNxEEU8qUV/GiD4wDs03jZnfz3Pbtkw+1qgJiWbSkDJeI/8vV7d2GSjD +wLMmPn+VI0rnia1LrCIolsv0i19YsWr3lDmtwRcxBCmUDpF3kYVvfmXxJqeBkMj 1qb8MbJqfwDkFLeux9jxTSvDFjaDdItglRiGc5VRsa+Z74Z9X66zhv9fdyIrv6C3 2wiAbDgE8u9wZnuWAiAQKa71s1x8mtefvof39Ba6y4HVOEDj -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:01 2025 by rpki-client