This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json) Hash identifier: gCaXs+iR9g70+uiCNsi4IOZRd4r8vNfDY2dwqoskdjU= Subject key identifier: 51:7D:D1:0C:61:FD:6F:14:B2:ED:65:15:12:2B:09:FA:C1:6D:1F:DE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 080D18757DE12F268EED5E27AB8C0B81D90C1808 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa Signing time: Wed 10 Dec 2025 06:11:28 +0000 ROA not before: Wed 10 Dec 2025 06:11:28 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:0d:18:75:7d:e1:2f:26:8e:ed:5e:27:ab:8c:0b:81:d9:0c:18:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:28 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c88ddb3130d5b2ddbc3c76f48a868a26494c44e3211b8d41cbc8553143d42439, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:ff:0c:83:01:fb:4b:5a:e7:7d:34:9d:a7:cd: 14:6e:43:90:cf:5b:a2:94:ba:44:b5:58:b8:1b:cd: c1:09:29:25:b4:6f:63:ed:70:32:bd:d3:56:b9:ab: 2d:09:d1:6b:6b:93:8d:7d:75:37:f2:b6:5f:62:18: 9b:45:d5:54:36:4a:50:c2:82:52:68:1b:50:27:15: 9b:ac:cf:ee:90:49:16:13:98:34:7a:ca:8f:cc:40: 84:23:22:c6:26:e4:04:62:25:d0:9a:4c:bf:70:da: da:b7:8c:1f:39:0d:82:cd:b1:b1:f0:01:47:5c:d3: df:fe:cd:32:71:90:2e:e9:59:6b:20:38:29:73:42: 22:59:83:c7:46:76:8c:30:a4:34:0a:a9:1a:9a:23: 70:29:2d:20:16:59:b6:4a:0b:66:fa:11:dc:4c:8a: 65:4e:94:49:36:26:3e:b2:3d:5f:4c:b1:fb:54:c0: c1:8f:3a:ae:20:f1:da:fb:49:bd:97:29:ba:94:53: 86:94:cc:60:be:ec:c7:85:9e:b3:8b:c3:92:b1:a5: 34:90:d0:2c:07:ff:68:6a:48:ee:08:10:0e:7d:f1: 10:49:e8:0f:7a:a1:d0:5a:1a:4f:85:49:2f:65:c9: 72:bc:cf:c9:14:fc:34:3f:12:b4:99:9a:38:68:71: 7c:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:7D:D1:0C:61:FD:6F:14:B2:ED:65:15:12:2B:09:FA:C1:6D:1F:DE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:1000::/40 Signature Algorithm: sha256WithRSAEncryption 4d:f7:5c:e4:55:f2:7f:18:83:55:4c:ee:6d:8c:87:d8:6e:a3: 99:f9:d0:89:21:78:38:a0:c9:00:1f:61:f1:89:a6:04:80:7d: 33:37:b5:bf:f9:0f:2e:44:3c:9f:c2:ae:f1:38:4d:21:c6:67: 36:a8:44:49:4a:6a:67:a6:22:bc:47:29:f9:76:84:bc:ef:2a: 47:58:66:f4:dd:d0:30:71:76:30:10:0b:e2:fc:96:30:30:4f: 08:55:4e:97:28:94:b7:9a:70:7c:69:ee:63:9f:70:41:50:e8: 38:0f:bc:a2:20:00:1e:17:ba:ac:3f:fd:40:7c:d4:c4:c7:28: 85:c8:7a:6f:70:e1:ec:fa:c0:87:d1:7a:e7:21:3c:9a:95:14: 00:a3:dc:9f:06:29:14:f2:57:30:e3:e5:6d:29:d5:a0:3f:eb: 63:c5:16:9f:97:2c:92:42:42:bf:27:0c:70:5a:32:7c:cb:e6: 14:83:0f:63:1c:55:1c:26:56:8d:7b:df:07:4b:c8:94:c8:2d: ed:3e:a6:32:12:07:8a:c1:ba:da:61:6c:87:a0:d9:c7:33:47: 2f:31:d4:43:7b:3b:bb:4e:71:c1:c4:72:2c:90:c5:e6:c8:83: 7b:36:f1:fc:d3:5c:f1:60:3d:d2:d7:d5:14:e7:7d:b0:20:87: 12:5d:a5:0d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCA0YdX3hLyaO7V4nq4wLgdkMGAgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMjhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM4OGRkYjMxMzBkNWIyZGRiYzNjNzZmNDhhODY4YTI2NDk0YzQ0ZTMyMTFi OGQ0MWNiYzg1NTMxNDNkNDI0MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANz/DIMB+0ta5300nafNFG5DkM9bopS6RLVYuBvNwQkpJbRvY+1wMr3TVrmr LQnRa2uTjX11N/K2X2IYm0XVVDZKUMKCUmgbUCcVm6zP7pBJFhOYNHrKj8xAhCMi xibkBGIl0JpMv3Da2reMHzkNgs2xsfABR1zT3/7NMnGQLulZayA4KXNCIlmDx0Z2 jDCkNAqpGpojcCktIBZZtkoLZvoR3EyKZU6USTYmPrI9X0yx+1TAwY86riDx2vtJ vZcpupRThpTMYL7sx4Wes4vDkrGlNJDQLAf/aGpI7ggQDn3xEEnoD3qh0FoaT4VJ L2XJcrzPyRT8ND8StJmaOGhxfG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRfdEM Yf1vFLLtZRUSKwn6wW0f3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ MA0GCSqGSIb3DQEBCwUAA4IBAQBN91zkVfJ/GINVTO5tjIfYbqOZ+dCJIXg4oMkA H2HxiaYEgH0zN7W/+Q8uRDyfwq7xOE0hxmc2qERJSmpnpiK8Ryn5doS87ypHWGb0 3dAwcXYwEAvi/JYwME8IVU6XKJS3mnB8ae5jn3BBUOg4D7yiIAAeF7qsP/1AfNTE xyiFyHpvcOHs+sCH0XrnITyalRQAo9yfBikU8lcw4+VtKdWgP+tjxRaflyySQkK/ JwxwWjJ8y+YUgw9jHFUcJlaNe98HS8iUyC3tPqYyEgeKwbraYWyHoNnHM0cvMdRD ezu7TnHBxHIskMXmyIN7NvH801zxYD3S19UU532wIIcSXaUN -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:57 2025 by rpki-client