This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json) Hash identifier: cz1nwDiNQ59nNQyWaf1L8zJOOyLJ+dQdOMn5aGnESmw= Subject key identifier: A1:6B:0C:0F:91:E0:F5:02:70:0D:20:41:74:21:3A:02:49:E3:42:0A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 30B3743297630BB6AB48BB598B3033606D324C61 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa Signing time: Sat 15 Nov 2025 05:50:50 +0000 ROA not before: Sat 15 Nov 2025 05:50:50 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:b3:74:32:97:63:0b:b6:ab:48:bb:59:8b:30:33:60:6d:32:4c:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:50 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=33b18f6107339fef3a70865f990d8d93f196e55a50ac0587927b8d0c586c5e7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:cd:e6:77:d4:af:a5:53:ea:1d:f7:29:08:6b: 77:c9:78:a2:38:b3:e9:80:eb:cc:8b:42:c2:aa:34: a0:37:99:ae:1e:a7:8b:02:41:c0:7f:ed:b2:be:cf: c6:5c:46:32:d8:4b:de:e9:cd:7e:49:b8:58:dd:77: 76:94:5f:03:3f:b6:7f:99:7e:6d:8c:6e:9d:c8:c3: 04:61:93:96:9d:18:fb:50:fe:48:6d:d1:3e:81:15: 30:29:c4:db:2f:fa:2d:18:6a:d5:fb:2e:d8:14:ed: 15:a5:8e:af:49:32:20:78:d0:79:a8:1f:87:84:db: 69:a4:86:ad:cf:41:8d:15:20:3c:6b:e0:53:bf:05: bd:8c:90:7c:13:6f:ed:56:9e:ae:e9:c8:37:8c:e1: 3d:d6:a7:84:2e:48:89:55:85:6b:87:7e:9c:57:fc: 92:5e:4c:2f:fd:18:b5:69:f5:4f:59:de:96:0c:b2: 6e:c6:03:0a:51:39:06:3b:f6:5a:de:29:d5:80:77: b1:0e:49:72:c3:3c:e4:70:72:ca:d2:40:d6:2c:a0: e2:1f:ea:62:b1:fa:e7:c8:57:5a:f0:2c:03:09:61: e6:44:54:21:8c:0d:bd:67:e1:77:57:02:8c:41:d6: ad:01:22:4e:8e:9c:5b:5e:af:86:bd:ca:cb:53:9c: bf:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:6B:0C:0F:91:E0:F5:02:70:0D:20:41:74:21:3A:02:49:E3:42:0A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:a000::/40 Signature Algorithm: sha256WithRSAEncryption bf:07:19:32:d4:31:55:dd:2d:f9:a5:22:07:f4:5c:f1:eb:a2: 9f:16:cb:d9:67:8c:2f:da:41:9a:32:a3:7b:6f:55:5d:87:5a: 63:31:1a:fb:99:a6:7f:89:74:58:8e:55:c1:fd:9c:4c:8c:fc: da:9a:e1:4a:87:e8:3c:75:ce:46:b2:40:65:8b:05:cc:5c:5e: a0:54:48:39:bd:a0:11:6e:1a:c5:14:03:75:fa:67:76:ae:c0: 9e:71:73:ed:31:e0:c4:00:44:00:fa:11:d5:68:7d:60:3d:76: 98:96:9a:39:55:71:75:88:16:9a:af:d0:17:69:57:0d:33:07: 29:d4:e8:d0:f0:c3:6c:ce:f3:db:d3:80:e4:7f:b1:29:22:f2: 69:f8:38:43:40:9b:5c:0a:9c:65:a8:2b:e3:77:f5:b4:74:5f: ce:a5:ee:07:04:b9:00:bc:65:52:67:79:c7:63:ed:07:e7:3c: cd:3b:4e:7d:9c:ae:0b:de:83:95:fc:54:44:75:4a:b9:23:0d: 8a:d6:65:e3:52:7b:b5:03:6b:18:5b:73:44:42:43:0c:3d:fa: 85:0c:27:c8:12:d3:a6:8b:46:d5:ea:ff:2e:37:32:3e:a2:b4: 7f:66:ba:64:e3:ff:7d:68:76:e8:9b:18:0f:12:b6:b0:93:b3: f0:11:b3:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMLN0MpdjC7arSLtZizAzYG0yTGEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDMzYjE4ZjYxMDczMzlmZWYzYTcwODY1Zjk5MGQ4ZDkzZjE5NmU1NWE1MGFj MDU4NzkyN2I4ZDBjNTg2YzVlN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKPN5nfUr6VT6h33KQhrd8l4ojiz6YDrzItCwqo0oDeZrh6niwJBwH/tsr7P xlxGMthL3unNfkm4WN13dpRfAz+2f5l+bYxuncjDBGGTlp0Y+1D+SG3RPoEVMCnE 2y/6LRhq1fsu2BTtFaWOr0kyIHjQeagfh4TbaaSGrc9BjRUgPGvgU78FvYyQfBNv 7VaerunIN4zhPdanhC5IiVWFa4d+nFf8kl5ML/0YtWn1T1nelgyybsYDClE5Bjv2 Wt4p1YB3sQ5JcsM85HByytJA1iyg4h/qYrH658hXWvAsAwlh5kRUIYwNvWfhd1cC jEHWrQEiTo6cW16vhr3Ky1Ocv+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShawwP keD1AnANIEF0IToCSeNCCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg MA0GCSqGSIb3DQEBCwUAA4IBAQC/Bxky1DFV3S35pSIH9Fzx66KfFsvZZ4wv2kGa MqN7b1Vdh1pjMRr7maZ/iXRYjlXB/ZxMjPzamuFKh+g8dc5GskBliwXMXF6gVEg5 vaARbhrFFAN1+md2rsCecXPtMeDEAEQA+hHVaH1gPXaYlpo5VXF1iBaar9AXaVcN Mwcp1OjQ8MNszvPb04Dkf7EpIvJp+DhDQJtcCpxlqCvjd/W0dF/Ope4HBLkAvGVS Z3nHY+0H5zzNO059nK4L3oOV/FREdUq5Iw2K1mXjUnu1A2sYW3NEQkMMPfqFDCfI EtOmi0bV6v8uNzI+orR/Zrpk4/99aHbomxgPErawk7PwEbPU -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client