This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json) Hash identifier: a0S5V6iHaa7gWESo0ZlDwwOuW29QaxGQyH9ZwmAzqvM= Subject key identifier: 9E:CA:9D:C7:0C:08:0C:D2:05:AB:82:1E:4D:93:D6:5E:9B:E2:EA:A1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2CB96298416F296E265130F0F7A6DAE50B1C9816 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa Signing time: Sat 15 Nov 2025 06:20:38 +0000 ROA not before: Sat 15 Nov 2025 06:20:38 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:b9:62:98:41:6f:29:6e:26:51:30:f0:f7:a6:da:e5:0b:1c:98:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:38 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=063aa04be01ed7c7c501dde2e1ef133c89b35a6cf12f8a980e4c313da94af842, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8d:22:c9:76:d9:d2:e1:92:ce:9f:15:e5:6c: 73:11:0d:1a:c3:0c:f6:a0:0a:9f:bf:ad:1d:88:9f: e0:64:79:42:6d:f7:03:30:77:af:7c:54:9b:c9:cc: e8:e9:33:40:59:de:5f:19:43:ba:71:d3:45:21:28: b7:77:85:8e:a0:79:83:19:9a:14:af:06:49:cc:db: 6a:77:8e:c1:5f:cc:11:09:78:35:94:ab:2e:03:3b: 8f:17:75:b6:54:00:96:ed:0f:03:a9:7b:48:a7:19: 29:68:87:0d:0e:8f:41:d4:56:8d:fd:52:d7:47:77: 04:11:d4:04:fe:d5:a7:d9:f8:fa:a9:d6:36:48:e2: 3a:00:a9:8c:93:fb:f5:2b:d6:85:15:41:63:51:5f: 68:47:d5:01:b5:e9:a8:90:d5:36:74:98:48:0e:70: 8a:fa:7a:86:bd:86:09:9e:aa:dc:98:59:0f:6a:c2: 3a:ce:26:4e:4e:b6:07:2c:61:2a:ca:bb:c4:09:d4: 29:a1:c8:15:5d:ff:41:11:5d:6c:d8:d9:23:6a:9e: de:65:7d:5f:f4:c9:f6:29:cc:93:1c:a5:09:a0:7d: c8:32:77:6a:67:b4:49:54:cb:51:aa:f4:f8:d6:ce: 08:ab:a7:61:b7:98:13:5e:01:95:4c:32:bf:7c:39: e3:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:CA:9D:C7:0C:08:0C:D2:05:AB:82:1E:4D:93:D6:5E:9B:E2:EA:A1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019:c00::/38 Signature Algorithm: sha256WithRSAEncryption 21:f0:76:a3:19:ad:2e:82:1f:e7:74:38:62:18:6b:65:94:5d: 2f:7d:53:01:d6:c9:07:1d:93:22:d8:c7:bd:88:eb:de:27:0b: 72:e9:e9:26:81:34:71:6d:09:b5:73:7f:d5:4b:a0:57:0d:40: 0f:f5:31:97:ed:cb:58:22:22:c5:68:52:02:cb:98:66:cd:8a: 73:60:10:0c:0a:18:30:5d:e7:54:a2:be:25:c1:cb:84:3d:56: 00:f6:ec:c0:82:d3:fa:ca:96:e0:bd:64:60:fc:26:1e:c0:e5: b9:ac:50:2a:29:b1:ff:ec:a6:b8:1e:7e:4f:25:50:65:25:53: 40:14:44:f7:30:c9:54:a3:b6:83:0b:72:c4:99:28:78:51:61: 31:ad:37:dd:f7:14:3c:9d:69:22:a1:7d:ad:dd:ca:fb:9f:bc: 87:5c:e7:77:ad:43:eb:f8:9d:0c:98:5b:0b:9e:d9:a5:cd:de: 8a:d2:f1:47:32:9d:50:eb:17:29:dd:7c:b7:19:24:13:4c:6d: fb:a8:61:b6:c3:7e:31:c0:bb:7e:b4:f0:73:06:29:56:10:43: bd:d8:0c:9b:fb:27:58:1f:2c:05:64:ce:b0:47:79:31:80:55: bb:59:e8:31:c3:12:0b:ea:fc:23:40:54:f1:ff:54:51:22:b5: 6c:7e:4a:72 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULLlimEFvKW4mUTDw96ba5QscmBYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMzhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA2M2FhMDRiZTAxZWQ3YzdjNTAxZGRlMmUxZWYxMzNjODliMzVhNmNmMTJm OGE5ODBlNGMzMTNkYTk0YWY4NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6NIsl22dLhks6fFeVscxENGsMM9qAKn7+tHYif4GR5Qm33AzB3r3xUm8nM 6OkzQFneXxlDunHTRSEot3eFjqB5gxmaFK8GSczbaneOwV/MEQl4NZSrLgM7jxd1 tlQAlu0PA6l7SKcZKWiHDQ6PQdRWjf1S10d3BBHUBP7Vp9n4+qnWNkjiOgCpjJP7 9SvWhRVBY1FfaEfVAbXpqJDVNnSYSA5wivp6hr2GCZ6q3JhZD2rCOs4mTk62Byxh Ksq7xAnUKaHIFV3/QRFdbNjZI2qe3mV9X/TJ9inMkxylCaB9yDJ3ame0SVTLUar0 +NbOCKunYbeYE14BlUwyv3w540ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeyp3H DAgM0gWrgh5Nk9Zem+LqoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM MA0GCSqGSIb3DQEBCwUAA4IBAQAh8HajGa0ugh/ndDhiGGtllF0vfVMB1skHHZMi 2Me9iOveJwty6ekmgTRxbQm1c3/VS6BXDUAP9TGX7ctYIiLFaFICy5hmzYpzYBAM ChgwXedUor4lwcuEPVYA9uzAgtP6ypbgvWRg/CYewOW5rFAqKbH/7Ka4Hn5PJVBl JVNAFET3MMlUo7aDC3LEmSh4UWExrTfd9xQ8nWkioX2t3cr7n7yHXOd3rUPr+J0M mFsLntmlzd6K0vFHMp1Q6xcp3Xy3GSQTTG37qGG2w34xwLt+tPBzBilWEEO92Ayb +ydYHywFZM6wR3kxgFW7WegxwxIL6vwjQFTx/1RRIrVsfkpy -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:32 2025 by rpki-client