This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa File: d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa (raw, json) Hash identifier: eH0BPVT/TpvkOdrI4OV0TMDVlUPGpAA3JSqwR9o8syA= Subject key identifier: E8:55:CA:E1:05:2D:87:55:4B:26:8A:AD:E2:D8:86:83:15:E4:94:E0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2E4461D33F97B6EAB52B578F54C412F7DB71ED65 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa Signing time: Sun 23 Nov 2025 01:30:35 +0000 ROA not before: Sun 23 Nov 2025 01:30:35 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:44:61:d3:3f:97:b6:ea:b5:2b:57:8f:54:c4:12:f7:db:71:ed:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:35 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=df549f39084356b13dfc53bebd0cec7221810f83c36eb69a007799a7ef12cb8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:e0:01:1f:24:fd:12:68:ed:ca:3a:19:e5:ab: be:4c:c1:1f:99:ec:bd:c1:88:e5:b2:79:fc:de:f1: 75:5a:57:4b:f9:9a:90:9b:47:8b:c9:16:fa:9b:2f: e9:05:ae:75:dc:8c:5c:3a:71:19:50:aa:ef:63:1f: d6:53:7c:2b:ce:61:c5:78:48:04:a6:50:34:40:cb: ad:ad:8c:f1:83:4c:4a:ca:81:04:70:8e:b5:d8:9b: 2f:45:e0:cd:65:76:c1:0d:c9:2c:84:d7:a1:92:c0: 13:58:95:27:28:92:02:98:e3:9b:da:70:15:3d:f8: 13:1e:91:9e:2b:f8:b8:57:9f:42:d2:f7:20:20:01: b9:b3:6b:1f:d1:16:ef:17:50:d2:ae:50:64:88:e8: 8f:be:5c:33:12:2f:41:ce:06:dd:e2:54:5a:0f:8d: 8f:29:54:b6:f6:99:41:88:0d:56:2b:eb:61:58:43: 5d:f6:88:d6:f7:2c:59:5a:68:cd:41:88:c6:44:b7: da:a9:68:6d:7d:48:e5:ea:72:1a:96:80:47:c4:5b: 45:c8:96:2d:78:ed:66:76:cd:e1:e1:e8:98:62:fa: 57:75:b8:fd:48:68:80:39:d7:79:43:50:0c:4c:03: b3:80:93:5c:d2:8f:4d:52:c7:e4:2c:af:da:3c:82: 31:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:55:CA:E1:05:2D:87:55:4B:26:8A:AD:E2:D8:86:83:15:E4:94:E0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:2040::/48 Signature Algorithm: sha256WithRSAEncryption 96:bc:3a:0c:87:a2:77:46:68:11:e2:b3:dc:84:95:7f:d1:74: cf:98:3d:99:f2:61:17:59:e0:dc:1a:a6:1b:9e:70:f9:18:62: 1b:af:f0:54:f0:3e:11:52:0a:b3:69:d0:8b:02:0d:7c:5f:a9: 8b:69:d6:16:a5:0d:99:a2:57:05:28:6d:02:f5:cf:cd:b9:a2: 11:6c:aa:74:ee:76:2f:7d:a9:4e:56:72:9e:77:78:a6:75:23: 8a:2c:42:95:d3:87:f2:68:af:b2:02:76:17:9d:b6:f5:75:64: d4:83:e3:80:4a:9e:37:da:9b:31:01:9e:08:ca:b6:d1:f4:05: 25:05:24:a3:e8:82:19:1e:dc:ba:06:56:5f:9f:66:7b:16:92: da:55:8b:7f:15:7d:fd:1d:6b:e0:bb:b8:4f:d3:63:0a:7c:87: 96:cd:58:c2:74:87:fa:32:57:c9:42:6a:d8:c9:aa:cd:aa:cf: ba:1f:99:18:2b:fb:90:52:1f:ce:07:ab:a9:39:93:6f:27:3c: dc:61:bc:10:09:4c:f3:df:c9:e8:2c:33:a9:52:ed:8a:b8:52: 70:bf:6f:4e:16:9d:6b:9f:91:b9:01:20:63:84:00:e0:cb:aa: db:3d:a8:5f:ed:b8:44:06:40:e4:85:2a:2c:1e:ec:69:63:f5: cf:1a:c5:a1 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIULkRh0z+Xtuq1K1ePVMQS99tx7WUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMzVaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGRmNTQ5ZjM5MDg0MzU2YjEzZGZjNTNiZWJkMGNlYzcyMjE4MTBmODNjMzZl YjY5YTAwNzc5OWE3ZWYxMmNiOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN7gAR8k/RJo7co6GeWrvkzBH5nsvcGI5bJ5/N7xdVpXS/makJtHi8kW+psv 6QWuddyMXDpxGVCq72Mf1lN8K85hxXhIBKZQNEDLra2M8YNMSsqBBHCOtdibL0Xg zWV2wQ3JLITXoZLAE1iVJyiSApjjm9pwFT34Ex6Rniv4uFefQtL3ICABubNrH9EW 7xdQ0q5QZIjoj75cMxIvQc4G3eJUWg+NjylUtvaZQYgNVivrYVhDXfaI1vcsWVpo zUGIxkS32qlobX1I5epyGpaAR8RbRciWLXjtZnbN4eHomGL6V3W4/UhogDnXeUNQ DEwDs4CTXNKPTVLH5Cyv2jyCMf0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToVcrh BS2HVUsmiq3i2IaDFeSU4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDJlMzk5NWItNGNlYi00YmFmLWE3NGQtOTU0ZTlmM2M1ZDRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog QDANBgkqhkiG9w0BAQsFAAOCAQEAlrw6DIeid0ZoEeKz3ISVf9F0z5g9mfJhF1ng 3BqmG55w+RhiG6/wVPA+EVIKs2nQiwINfF+pi2nWFqUNmaJXBShtAvXPzbmiEWyq dO52L32pTlZynnd4pnUjiixCldOH8mivsgJ2F5229XVk1IPjgEqeN9qbMQGeCMq2 0fQFJQUko+iCGR7cugZWX59mexaS2lWLfxV9/R1r4Lu4T9NjCnyHls1YwnSH+jJX yUJq2MmqzarPuh+ZGCv7kFIfzgerqTmTbyc83GG8EAlM89/J6CwzqVLtirhScL9v Thada5+RuQEgY4QA4Muq2z2oX+24RAZA5IUqLB7saWP1zxrFoQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:15 2025 by rpki-client