This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa File: d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa (raw, json) Hash identifier: 4h8nbdoraSQOFmfipss2b+QzzQ6bq9QAKuYFs9lNoBo= Subject key identifier: 34:FF:49:B0:25:1F:FE:06:51:51:9A:8A:04:96:DC:90:C8:0B:E3:CF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6F13E687D2CB426A1CE4DB24A0F5B277C6FF36A8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa Signing time: Tue 18 Nov 2025 00:40:10 +0000 ROA not before: Tue 18 Nov 2025 00:40:10 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02f::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:13:e6:87:d2:cb:42:6a:1c:e4:db:24:a0:f5:b2:77:c6:ff:36:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:10 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=ae0881c9a71bac0ee3068ee9002affaddc2e58cae8ddd1082b724e4aaf1ff3cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0c:0c:25:c5:4e:37:d0:4c:e9:dd:6a:ad:23: 47:66:70:da:80:21:31:03:3f:6c:b4:81:67:3d:46: 7d:f4:f9:30:c7:1b:e7:2a:03:80:0c:4d:7b:73:dc: 5a:b6:00:ee:47:ce:72:47:2a:8c:1e:0a:49:6d:d7: e0:e1:84:14:75:87:54:7e:09:23:fc:98:ee:97:d8: d1:a5:ab:42:6e:7b:24:76:20:03:60:79:32:ea:8c: 28:47:5d:d9:03:04:45:f4:ed:49:44:8e:f6:78:0c: e5:24:c0:5b:96:87:0a:c5:14:27:40:f9:eb:ec:00: d2:84:17:9a:92:2a:e6:a4:89:93:70:eb:5a:ab:72: f3:13:6c:22:06:30:ba:4b:ac:ec:1e:db:fb:42:89: 07:92:ba:ce:39:1a:68:a8:24:ba:f9:c0:50:11:be: 37:ad:d4:a6:ff:99:16:ce:bc:91:16:be:57:8c:9d: 0a:9b:b9:f6:ec:8f:80:87:d5:ef:c4:fd:0d:3b:2c: ca:c0:9b:a6:84:a8:d9:40:1a:da:4e:2f:da:a8:67: d3:52:37:58:33:39:a8:9c:af:0b:df:64:5d:93:04: e0:04:22:0e:cb:aa:34:b7:ad:dc:9c:ca:c8:6c:09: d4:f4:bd:50:97:78:b8:06:3f:fc:a1:dd:1b:e3:b1: c4:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:FF:49:B0:25:1F:FE:06:51:51:9A:8A:04:96:DC:90:C8:0B:E3:CF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02f::/37 Signature Algorithm: sha256WithRSAEncryption 46:1f:e2:7d:f5:01:19:7f:14:b9:6c:f8:27:12:d2:06:d7:ee: 97:e3:af:f5:db:4e:f8:29:7c:35:e8:c6:9e:0f:68:74:ca:c9: c9:33:8f:89:df:cf:80:40:0c:d7:45:5d:4f:51:5f:0e:32:fd: 36:d3:ea:b9:91:7c:27:fc:56:0f:9a:ad:aa:45:46:3e:fb:08: 56:9e:03:34:37:56:64:44:a4:6c:d3:59:b6:11:28:bf:cd:d9: e4:71:ca:53:23:6e:76:d1:c6:02:ca:fc:22:31:b4:cd:89:d4: 46:9e:9d:3e:96:a1:a7:9f:4a:10:2c:76:9c:95:fb:8b:1d:4b: 29:91:09:19:ed:31:9b:09:fd:55:15:9c:e3:3c:01:fe:00:e7: d1:0c:25:8e:c0:3a:80:93:cf:e0:32:a9:ae:cc:c7:80:1f:40: 39:ba:58:b1:47:33:40:b0:97:60:b3:5d:31:ed:1e:ad:8b:c6: d0:97:53:81:ac:74:c9:32:9e:cf:58:b1:7b:3f:b1:af:9f:00: 31:69:b1:90:d2:a5:ae:65:74:56:56:29:40:f0:83:16:1e:3e: c6:1b:6f:c8:65:5c:7e:07:b5:80:1a:81:cc:0c:8d:31:87:aa: 4e:17:f7:78:fb:a8:8c:38:2e:16:3e:a3:d9:5b:09:01:53:b9: 0d:7f:ba:45 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUbxPmh9LLQmoc5NskoPWyd8b/NqgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMTBaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGFlMDg4MWM5YTcxYmFjMGVlMzA2OGVlOTAwMmFmZmFkZGMyZTU4Y2FlOGRk ZDEwODJiNzI0ZTRhYWYxZmYzY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMUMDCXFTjfQTOndaq0jR2Zw2oAhMQM/bLSBZz1GffT5MMcb5yoDgAxNe3Pc WrYA7kfOckcqjB4KSW3X4OGEFHWHVH4JI/yY7pfY0aWrQm57JHYgA2B5MuqMKEdd 2QMERfTtSUSO9ngM5STAW5aHCsUUJ0D56+wA0oQXmpIq5qSJk3DrWqty8xNsIgYw ukus7B7b+0KJB5K6zjkaaKgkuvnAUBG+N63Upv+ZFs68kRa+V4ydCpu59uyPgIfV 78T9DTssysCbpoSo2UAa2k4v2qhn01I3WDM5qJyvC99kXZME4AQiDsuqNLet3JzK yGwJ1PS9UJd4uAY//KHdG+OxxI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0/0mw JR/+BlFRmooEltyQyAvjzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDJjZjQ3NmMtOWYzOS00ZWE4LWE2ZDUtNzlhODJjNGE0ZGZhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8A MA0GCSqGSIb3DQEBCwUAA4IBAQBGH+J99QEZfxS5bPgnEtIG1+6X46/12074KXw1 6MaeD2h0ysnJM4+J38+AQAzXRV1PUV8OMv020+q5kXwn/FYPmq2qRUY++whWngM0 N1ZkRKRs01m2ESi/zdnkccpTI2520cYCyvwiMbTNidRGnp0+lqGnn0oQLHaclfuL HUspkQkZ7TGbCf1VFZzjPAH+AOfRDCWOwDqAk8/gMqmuzMeAH0A5ulixRzNAsJdg s10x7R6ti8bQl1OBrHTJMp7PWLF7P7GvnwAxabGQ0qWuZXRWVilA8IMWHj7GG2/I ZVx+B7WAGoHMDI0xh6pOF/d4+6iMOC4WPqPZWwkBU7kNf7pF -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:06 2025 by rpki-client