This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa File: d2b7a4eb-e2de-4458-a759-5125161eb686.roa (raw, json) Hash identifier: YSkdBjEn3GFzLNhlAPIuaKknLvvVwyrBUXv1mqCrg6g= Subject key identifier: 3C:38:44:6D:42:49:F6:F2:4E:68:AD:97:D4:AF:0F:F1:17:40:5A:AF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 630FD0CFC3A1B02A8E6AE025BE6044E1E17E5F40 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa Signing time: Sat 29 Nov 2025 03:10:45 +0000 ROA not before: Sat 29 Nov 2025 03:10:45 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:0f:d0:cf:c3:a1:b0:2a:8e:6a:e0:25:be:60:44:e1:e1:7e:5f:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:45 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=c9dd12797c1d6bc02a2d5f77c9b8af079f044231b7f9812302b07984f67284df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d4:b3:d5:30:77:55:e8:db:8b:2f:71:8a:f3: e4:94:9f:98:84:a6:da:3b:6d:13:ac:74:20:9f:b7: 2b:95:3c:8c:1c:9c:d5:4e:3a:b4:63:43:ed:ee:f0: 38:7e:a2:df:3f:d6:5c:99:d7:26:3d:a2:1e:0c:54: 71:62:f3:eb:f2:9f:66:e7:a7:a1:63:78:46:36:a7: 81:3b:94:4b:6d:3d:13:4d:a3:2d:f4:9c:eb:fd:68: 43:79:f4:c7:55:72:16:51:de:7a:d4:c0:39:91:0a: bc:74:6f:84:a9:5a:26:da:bc:ba:88:ec:29:0e:34: 02:2f:30:f0:b8:cd:51:ca:ab:05:63:96:da:3c:89: 04:b2:56:72:f6:72:15:1d:a6:cd:35:f8:c5:52:1b: af:cf:f8:b5:a4:ca:1a:70:8e:1e:13:e0:70:c2:4b: 61:9c:ff:79:dd:7b:2c:4e:b6:fc:d1:46:39:ce:da: f5:88:60:27:b0:95:82:98:ad:67:e3:fc:82:77:b0: dd:21:82:8c:73:45:10:30:9b:ba:4e:4a:ab:fb:30: 91:38:63:b6:6c:dd:46:a5:a3:95:53:18:b5:d1:89: 7c:27:8a:a2:e6:3e:56:1e:24:28:67:2d:15:4f:4d: c4:0f:c6:a6:1d:b4:ed:0d:fb:cb:cf:43:84:77:96: 93:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:38:44:6D:42:49:F6:F2:4E:68:AD:97:D4:AF:0F:F1:17:40:5A:AF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:a000::/40 Signature Algorithm: sha256WithRSAEncryption 9e:11:c2:bb:43:f5:3f:27:d5:21:72:23:8a:b4:31:9b:cc:c9: 0f:9f:5b:32:8e:20:c2:53:5b:18:3a:2c:51:e0:87:e7:c0:65: 37:2c:05:5a:d0:b6:8c:d8:8b:ec:00:4e:58:d1:24:ff:58:11: 5e:43:5d:eb:74:41:42:5c:61:e0:9a:39:12:ce:70:f5:aa:72: 84:59:4c:8a:c3:03:93:78:31:83:5e:0a:ce:51:da:b8:4d:ac: 7f:50:1e:b5:c0:46:80:c4:d7:2e:17:f7:8e:74:4d:9b:50:7e: 63:a7:75:8b:24:74:0a:16:72:11:44:83:dc:5f:e5:e7:6e:8a: ae:0f:72:c7:e8:c4:2f:05:b7:f4:80:71:6c:27:05:56:7a:67: 43:70:eb:4a:de:f8:78:ae:f3:ad:c6:cd:77:fa:9e:37:7c:5d: 17:1c:48:b4:d4:a6:f5:2d:4e:cd:f2:4f:3e:53:06:dc:dc:09: 9f:dd:3c:3d:fb:8f:8b:7a:71:fe:51:5e:93:41:62:a7:02:0a: 7a:2a:7d:ba:e1:0c:55:1c:5e:3b:94:44:9f:2c:1b:53:d7:d6: 19:ac:db:e5:82:66:bc:07:73:b5:ce:a5:ac:f5:34:cf:f1:94: a4:e2:10:29:14:3e:03:be:1e:00:62:cb:66:10:ca:60:79:b6: ac:31:4b:f6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYw/Qz8OhsCqOauAlvmBE4eF+X0AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwNDVaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGM5ZGQxMjc5N2MxZDZiYzAyYTJkNWY3N2M5YjhhZjA3OWYwNDQyMzFiN2Y5 ODEyMzAyYjA3OTg0ZjY3Mjg0ZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHUs9Uwd1Xo24svcYrz5JSfmISm2jttE6x0IJ+3K5U8jByc1U46tGND7e7w OH6i3z/WXJnXJj2iHgxUcWLz6/KfZuenoWN4RjangTuUS209E02jLfSc6/1oQ3n0 x1VyFlHeetTAOZEKvHRvhKlaJtq8uojsKQ40Ai8w8LjNUcqrBWOW2jyJBLJWcvZy FR2mzTX4xVIbr8/4taTKGnCOHhPgcMJLYZz/ed17LE62/NFGOc7a9YhgJ7CVgpit Z+P8gnew3SGCjHNFEDCbuk5Kq/swkThjtmzdRqWjlVMYtdGJfCeKouY+Vh4kKGct FU9NxA/Gph207Q37y89DhHeWk1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8OERt Qkn28k5orZfUrw/xF0BarzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDJiN2E0ZWItZTJkZS00NDU4LWE3NTktNTEyNTE2MWViNjg2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg MA0GCSqGSIb3DQEBCwUAA4IBAQCeEcK7Q/U/J9UhciOKtDGbzMkPn1syjiDCU1sY OixR4IfnwGU3LAVa0LaM2IvsAE5Y0ST/WBFeQ13rdEFCXGHgmjkSznD1qnKEWUyK wwOTeDGDXgrOUdq4Tax/UB61wEaAxNcuF/eOdE2bUH5jp3WLJHQKFnIRRIPcX+Xn boquD3LH6MQvBbf0gHFsJwVWemdDcOtK3vh4rvOtxs13+p43fF0XHEi01Kb1LU7N 8k8+Uwbc3Amf3Tw9+4+LenH+UV6TQWKnAgp6Kn264QxVHF47lESfLBtT19YZrNvl gma8B3O1zqWs9TTP8ZSk4hApFD4Dvh4AYstmEMpgebasMUv2 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:28 2025 by rpki-client