This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json) Hash identifier: Ie+Q/a2f06AuIvJ/ujmyTP00Q6zdV3JHrpH+WUFlBPc= Subject key identifier: 1B:4C:F4:5A:9D:28:A7:16:81:FE:DB:89:0D:AA:52:99:7B:39:D1:AA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3AD3815F0EF8913859A42AD97D4B8BB93CC96FC6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa Signing time: Sat 15 Nov 2025 05:50:51 +0000 ROA not before: Sat 15 Nov 2025 05:50:51 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:d3:81:5f:0e:f8:91:38:59:a4:2a:d9:7d:4b:8b:b9:3c:c9:6f:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:51 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=d5d86a1de5ae6c8f4287770c0410ec1c94625a83d2bc25253533027e2601987d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:56:02:5d:bd:a4:a8:81:33:ab:e2:77:4f:2f: cc:ff:e0:37:b2:53:29:b0:75:a0:4c:f5:f4:e8:e6: dc:af:02:b2:0b:eb:b6:6b:72:7a:a3:f4:37:07:ad: fd:1c:4d:27:08:77:bc:bc:fc:b3:5b:9f:67:79:d8: ea:3b:15:9b:6c:61:68:d5:b8:84:7f:6c:e5:87:54: cf:41:65:0b:35:b5:49:36:e3:01:40:0d:5e:4e:f9: 3b:91:51:87:f2:15:0f:23:ea:09:b1:3d:3a:6d:b6: 5c:af:a7:f9:d5:49:b6:c4:c8:72:ad:d5:ef:90:9a: 58:60:4a:62:38:9a:5d:35:fd:1d:2d:0f:ea:e5:0b: 41:17:2e:e6:99:27:b6:ce:16:61:37:f8:09:59:bd: 62:8f:fb:ae:84:30:25:d3:6d:8c:f0:bf:3f:44:4b: 94:a7:19:c1:fc:7d:f1:ca:08:10:42:42:15:23:78: 7e:a0:b4:d7:17:6d:a5:20:9c:cb:9b:18:20:38:cd: 38:c0:a1:6f:6a:aa:3b:c8:9e:db:c7:a9:c8:69:68: ae:f7:e1:b8:41:2d:36:3f:aa:a0:65:bc:82:e9:88: 41:91:48:f9:59:86:05:4a:e8:5a:62:7d:15:df:03: 61:b2:61:af:82:97:86:80:3b:49:cc:55:2a:0f:d6: 9d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:4C:F4:5A:9D:28:A7:16:81:FE:DB:89:0D:AA:52:99:7B:39:D1:AA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:2000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:bf:20:c9:b3:49:d8:5e:cf:24:84:98:a5:59:9e:41:21:38: b1:27:da:27:99:5a:54:cb:51:42:7e:de:c8:69:45:6d:36:12: b9:18:bf:06:c0:b3:7c:41:fd:2c:d1:51:94:4f:a8:2b:89:80: ca:92:73:fd:8f:0e:8f:df:bc:82:a7:66:04:ae:2d:f0:ed:a8: 1f:dd:d0:0d:3c:21:68:29:87:15:06:b6:cb:47:bb:33:17:38: be:2b:e8:37:6e:75:63:67:00:2d:ee:ef:96:ea:6f:a1:1c:37: c9:a8:ad:2c:02:95:63:d9:93:9d:7b:3c:bf:c6:ac:17:70:76: b9:dd:bb:3c:74:ea:e1:2b:f5:87:17:e7:69:dd:0e:f4:49:53: f1:79:95:00:0d:d3:fb:a9:af:f9:2a:95:24:29:65:5a:d9:de: 9d:67:4c:64:11:d8:e2:36:9a:37:c9:df:b4:54:74:07:52:9f: b3:72:50:65:80:b6:d4:0a:65:e7:71:8b:0b:eb:0d:96:86:6f: 1a:b4:6b:48:3a:b9:59:34:be:f5:96:f2:5d:d8:dd:66:e7:5f: ff:0c:cf:7b:d4:16:09:9c:6d:ef:c0:fd:00:20:4f:60:23:09: fd:bf:20:ea:e6:99:c8:ce:33:a6:86:cd:f4:f9:d6:76:de:1e: 2f:66:fe:6d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOtOBXw74kThZpCrZfUuLuTzJb8YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ1ZDg2YTFkZTVhZTZjOGY0Mjg3NzcwYzA0MTBlYzFjOTQ2MjVhODNkMmJj MjUyNTM1MzMwMjdlMjYwMTk4N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMRWAl29pKiBM6vid08vzP/gN7JTKbB1oEz19Ojm3K8CsgvrtmtyeqP0Nwet /RxNJwh3vLz8s1ufZ3nY6jsVm2xhaNW4hH9s5YdUz0FlCzW1STbjAUANXk75O5FR h/IVDyPqCbE9Om22XK+n+dVJtsTIcq3V75CaWGBKYjiaXTX9HS0P6uULQRcu5pkn ts4WYTf4CVm9Yo/7roQwJdNtjPC/P0RLlKcZwfx98coIEEJCFSN4fqC01xdtpSCc y5sYIDjNOMChb2qqO8ie28epyGlorvfhuEEtNj+qoGW8gumIQZFI+VmGBUroWmJ9 Fd8DYbJhr4KXhoA7ScxVKg/Wnb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbTPRa nSinFoH+24kNqlKZeznRqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g MA0GCSqGSIb3DQEBCwUAA4IBAQB9vyDJs0nYXs8khJilWZ5BITixJ9onmVpUy1FC ft7IaUVtNhK5GL8GwLN8Qf0s0VGUT6griYDKknP9jw6P37yCp2YEri3w7agf3dAN PCFoKYcVBrbLR7szFzi+K+g3bnVjZwAt7u+W6m+hHDfJqK0sApVj2ZOdezy/xqwX cHa53bs8dOrhK/WHF+dp3Q70SVPxeZUADdP7qa/5KpUkKWVa2d6dZ0xkEdjiNpo3 yd+0VHQHUp+zclBlgLbUCmXncYsL6w2Whm8atGtIOrlZNL71lvJd2N1m51//DM97 1BYJnG3vwP0AIE9gIwn9vyDq5pnIzjOmhs30+dZ23h4vZv5t -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:39 2025 by rpki-client