This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa File: de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa (raw, json) Hash identifier: k4kJhzGsfDqjllgkNv2xS5EwnDU0cbhmutx/PmKNJ7c= Subject key identifier: D6:66:68:BC:4D:A7:84:35:F0:6A:50:50:C8:D3:E0:24:56:2D:73:02 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 121C650B09B1DC11FE830F6A97664F411B8A9F2A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa Signing time: Tue 25 Nov 2025 20:01:02 +0000 ROA not before: Tue 25 Nov 2025 20:01:02 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:e080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:1c:65:0b:09:b1:dc:11:fe:83:0f:6a:97:66:4f:41:1b:8a:9f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:01:02 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=452820e7a5c72eedac6e5712febbfb9647a1e7271e5f330e2c4b824b16307f4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:8a:6b:f6:22:ef:dc:3a:db:e0:0e:ec:c0:4f: 10:19:bb:bb:32:fb:70:6d:3b:af:6c:5f:03:a5:77: f7:a8:42:30:66:41:25:e4:3d:02:6d:84:fc:0e:be: 2a:e2:7e:50:fb:fd:8c:b5:59:25:50:08:09:ee:5b: 3b:d8:99:82:73:e9:07:3b:da:d9:56:33:26:3e:42: 6a:29:f9:c3:4d:01:fe:85:7f:74:33:23:ee:32:33: 6b:87:45:ab:7a:38:5e:97:14:b2:eb:8f:c6:2e:d8: ce:0a:fa:ca:9c:d0:90:60:48:ef:0d:52:e2:d9:c5: c4:7b:82:35:4e:36:37:45:28:1a:57:81:72:ed:c1: 22:85:13:ca:ab:2d:cf:2f:79:77:dd:43:25:12:de: b9:b3:1f:ff:e2:8b:1b:0b:ca:3d:3e:1a:61:bf:62: f4:c4:aa:15:16:0c:78:90:fa:6a:e8:57:de:01:ba: 19:31:13:da:ae:2e:6f:cb:66:f0:4d:03:37:c6:b8: 0b:5d:05:57:a9:e4:2d:52:90:c4:f7:57:ed:c8:48: af:af:0c:1e:25:be:33:98:51:42:67:3d:f6:fc:53: a8:88:77:18:2b:d9:40:5c:4b:ee:c1:5c:64:58:34: 62:c6:47:ff:6a:3f:46:30:ac:92:ca:c6:73:82:4c: 6f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:66:68:BC:4D:A7:84:35:F0:6A:50:50:C8:D3:E0:24:56:2D:73:02 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:e080::/46 Signature Algorithm: sha256WithRSAEncryption 55:37:42:9d:78:45:03:cc:ee:5e:65:fc:11:79:3a:11:5c:1d: ed:d5:ca:26:e7:8e:23:58:80:30:12:9b:ff:3e:f1:77:72:67: 89:a5:f1:77:37:85:8e:c5:6a:b2:51:38:a3:5b:8d:c6:26:5a: 6b:b0:87:bc:40:55:35:f1:a7:ec:d0:d0:2f:54:41:49:7c:83: 1e:25:1a:84:27:99:3f:05:79:b3:43:4a:a4:ec:65:e4:17:1c: af:03:c6:62:9f:3b:4a:0a:49:a4:7d:69:cf:d5:4a:a4:d1:7f: fa:6c:ee:03:77:b1:33:e0:09:d4:97:cf:d0:1c:4f:a8:c6:2a: 59:9a:1b:bb:e8:bc:4d:c8:a7:20:9e:fc:d3:44:a1:96:86:e1: d5:6f:fb:c1:e0:7c:9a:10:76:16:bd:7b:7c:4f:7a:09:b8:93: d3:c0:27:55:06:d8:71:2f:92:86:98:bd:0a:21:f7:22:32:2e: 45:3a:02:fc:6a:3e:2a:34:59:b9:f9:77:60:6c:e9:78:4a:8c: 5f:2d:c7:d7:07:30:a6:84:aa:d5:48:73:1f:3e:96:22:3f:0d: 89:40:19:a6:13:29:7b:aa:89:f9:58:25:2f:d3:7f:4a:8f:68: 90:50:43:ee:44:b2:ca:a9:e2:09:55:88:e3:ff:7e:58:62:ad: 68:e6:e5:27 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUEhxlCwmx3BH+gw9ql2ZPQRuKnyowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAxMDJaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1MjgyMGU3YTVjNzJlZWRhYzZlNTcxMmZlYmJmYjk2NDdhMWU3MjcxZTVm MzMwZTJjNGI4MjRiMTYzMDdmNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIyKa/Yi79w62+AO7MBPEBm7uzL7cG07r2xfA6V396hCMGZBJeQ9Am2E/A6+ KuJ+UPv9jLVZJVAICe5bO9iZgnPpBzva2VYzJj5Cain5w00B/oV/dDMj7jIza4dF q3o4XpcUsuuPxi7Yzgr6ypzQkGBI7w1S4tnFxHuCNU42N0UoGleBcu3BIoUTyqst zy95d91DJRLeubMf/+KLGwvKPT4aYb9i9MSqFRYMeJD6auhX3gG6GTET2q4ub8tm 8E0DN8a4C10FV6nkLVKQxPdX7chIr68MHiW+M5hRQmc99vxTqIh3GCvZQFxL7sFc ZFg0YsZH/2o/RjCsksrGc4JMb4MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWZmi8 TaeENfBqUFDI0+AkVi1zAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGU4YjFhOWYtMGEwNi00ZTllLWE0OWUtYTVhYmViN2E0NzA3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg gDANBgkqhkiG9w0BAQsFAAOCAQEAVTdCnXhFA8zuXmX8EXk6EVwd7dXKJueOI1iA MBKb/z7xd3JniaXxdzeFjsVqslE4o1uNxiZaa7CHvEBVNfGn7NDQL1RBSXyDHiUa hCeZPwV5s0NKpOxl5BccrwPGYp87SgpJpH1pz9VKpNF/+mzuA3exM+AJ1JfP0BxP qMYqWZobu+i8TcinIJ7800Shlobh1W/7weB8mhB2Fr17fE96CbiT08AnVQbYcS+S hpi9CiH3IjIuRToC/Go+KjRZufl3YGzpeEqMXy3H1wcwpoSq1UhzHz6WIj8NiUAZ phMpe6qJ+VglL9N/So9okFBD7kSyyqniCVWI4/9+WGKtaOblJw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:50 2025 by rpki-client