This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa File: d7b89972-677a-470e-88ff-f95e3c9a9443.roa (raw, json) Hash identifier: CKEagpsPU7OxHfK2TY7zCOJV0dPEkLQjgLfsG0CBz28= Subject key identifier: A8:7D:F1:53:26:98:25:4B:D8:83:26:69:22:31:50:70:99:3B:F5:8D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F98E8F890465B92F9439D272CD688E4745333E9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa Signing time: Sat 15 Nov 2025 06:01:15 +0000 ROA not before: Sat 15 Nov 2025 06:01:15 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:98:e8:f8:90:46:5b:92:f9:43:9d:27:2c:d6:88:e4:74:53:33:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:01:15 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=dd19800dcd1d29f7df70d51171bff37e00068c46ff41d1ea7995bb995e0a4506, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:92:77:bb:41:d0:ca:d7:93:25:a8:a3:b6:66: 78:d0:7c:85:1f:61:82:c4:c1:05:55:9c:e5:56:07: da:d5:19:43:09:3c:c4:bd:70:a4:40:33:c5:c5:1f: 02:a0:5c:7e:0f:61:30:26:93:b6:c8:5d:a7:36:04: c7:58:1f:8e:53:93:ab:35:8d:d5:ae:39:4b:5e:30: 57:4e:20:41:85:5f:01:8a:26:e0:e2:d0:97:b0:05: 79:0b:f8:e9:58:74:fe:dc:c0:a0:94:61:8f:a1:8f: 06:4e:0c:3b:f2:a9:8a:3d:a8:bf:1b:39:57:83:08: e0:61:be:35:44:36:0c:01:d8:d6:f8:3a:92:23:07: dc:7b:a9:74:d9:03:3e:83:b7:d4:26:61:e7:3e:99: f4:05:7a:62:d7:bf:bc:5c:3f:94:09:14:a2:c5:3f: 22:2a:06:45:8b:20:c4:64:fa:e8:6c:06:7b:ba:1a: f3:4f:ef:4f:1a:21:f0:02:a1:73:cf:04:7c:5d:83: e6:03:0c:c6:84:18:df:60:be:a5:96:a1:d6:dc:b8: 65:4f:b5:d7:ae:ed:f1:90:ad:4d:b3:df:79:fb:37: 4f:7d:2a:87:a5:a6:c3:0e:57:59:2d:45:9e:5b:01: 36:7c:5b:62:ed:2f:78:4e:a2:9b:e0:38:7e:c9:31: 61:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:7D:F1:53:26:98:25:4B:D8:83:26:69:22:31:50:70:99:3B:F5:8D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:800::/40 Signature Algorithm: sha256WithRSAEncryption 3d:c1:1d:c7:95:5f:5f:f9:a4:aa:cf:6b:04:bd:34:9f:42:a6: 00:f7:77:5f:a9:13:34:d6:9a:77:9c:50:68:6f:2b:ab:ae:d5: c2:45:83:19:c5:09:8f:33:12:e8:3d:8c:aa:d5:5f:0e:2d:c2: 17:4f:85:56:75:08:7f:af:17:e8:ac:f8:62:f6:f2:59:9f:83: 77:8f:65:b4:21:76:dd:91:a0:50:ec:e9:d1:4c:5b:e5:1a:ae: 6f:19:59:ea:4c:cb:6c:9e:96:3b:56:4b:fe:cb:18:3c:d0:2f: f5:d6:88:a6:4f:87:72:a4:f3:0a:16:5d:bb:8a:ea:7a:af:3c: 12:1d:a1:94:26:f7:23:1d:dd:f1:93:65:0d:5d:09:9c:f9:88: 53:99:f8:57:bc:b8:6c:c7:65:a9:04:52:00:ad:de:10:39:cc: ee:08:a9:84:47:4e:0f:5d:45:45:22:97:2a:cf:48:c8:c4:74: 46:60:c5:68:e8:43:cd:e4:3f:d6:50:1b:ab:2d:77:dc:16:80: 6b:1d:9a:e7:0c:c5:d3:7d:43:21:33:43:88:f5:78:ca:70:7f: 28:76:95:69:d4:f8:36:63:60:5b:9b:dd:03:60:e4:ec:73:2b: 9b:32:0b:fd:ae:b1:6c:ba:ff:17:70:e1:6b:8e:6a:de:64:0d: 86:cb:bd:9c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUT5jo+JBGW5L5Q50nLNaI5HRTM+kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAxMTVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGRkMTk4MDBkY2QxZDI5ZjdkZjcwZDUxMTcxYmZmMzdlMDAwNjhjNDZmZjQx ZDFlYTc5OTViYjk5NWUwYTQ1MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKmSd7tB0MrXkyWoo7ZmeNB8hR9hgsTBBVWc5VYH2tUZQwk8xL1wpEAzxcUf AqBcfg9hMCaTtshdpzYEx1gfjlOTqzWN1a45S14wV04gQYVfAYom4OLQl7AFeQv4 6Vh0/tzAoJRhj6GPBk4MO/Kpij2ovxs5V4MI4GG+NUQ2DAHY1vg6kiMH3HupdNkD PoO31CZh5z6Z9AV6Yte/vFw/lAkUosU/IioGRYsgxGT66GwGe7oa80/vTxoh8AKh c88EfF2D5gMMxoQY32C+pZah1ty4ZU+1167t8ZCtTbPfefs3T30qh6Wmww5XWS1F nlsBNnxbYu0veE6im+A4fskxYR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSoffFT JpglS9iDJmkiMVBwmTv1jTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDdiODk5NzItNjc3YS00NzBlLTg4ZmYtZjk1ZTNjOWE5NDQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0I MA0GCSqGSIb3DQEBCwUAA4IBAQA9wR3HlV9f+aSqz2sEvTSfQqYA93dfqRM01pp3 nFBobyurrtXCRYMZxQmPMxLoPYyq1V8OLcIXT4VWdQh/rxforPhi9vJZn4N3j2W0 IXbdkaBQ7OnRTFvlGq5vGVnqTMtsnpY7Vkv+yxg80C/11oimT4dypPMKFl27iup6 rzwSHaGUJvcjHd3xk2UNXQmc+YhTmfhXvLhsx2WpBFIArd4QOczuCKmER04PXUVF Ipcqz0jIxHRGYMVo6EPN5D/WUBurLXfcFoBrHZrnDMXTfUMhM0OI9XjKcH8odpVp 1Pg2Y2Bbm90DYOTscyubMgv9rrFsuv8XcOFrjmreZA2Gy72c -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:41 2025 by rpki-client