This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json) Hash identifier: fx3E1hDOfBkuGjBbz+Qt8tqf4Lh5hc5BUer0pfcJ90c= Subject key identifier: E8:B7:51:15:51:B0:C0:2E:39:65:12:22:8E:0F:E8:A5:99:2F:1A:86 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5CBDFA89E7B45E5844B7D4214D1B120FDF4AAD2E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa Signing time: Sat 15 Nov 2025 05:51:03 +0000 ROA not before: Sat 15 Nov 2025 05:51:03 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:bd:fa:89:e7:b4:5e:58:44:b7:d4:21:4d:1b:12:0f:df:4a:ad:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:51:03 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=301497090fbe1c7d1b69a6cbfb2c6b2376e09bddfe2c2876aec8434fda63ec76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:71:56:96:29:c3:81:ae:61:c2:0b:f5:60:9d: bb:9b:a4:e0:73:28:82:33:b7:52:23:e7:68:28:9a: ac:6f:6f:e1:9a:f5:e1:3f:b4:db:95:37:31:01:d8: d6:b0:2f:a0:cf:01:e6:0f:b1:34:3e:8e:fc:83:03: 7a:f6:e3:55:7a:d6:7d:72:e2:8b:a5:12:2c:e7:52: a0:d9:9c:6c:66:f6:db:b0:ce:79:74:71:c9:93:86: 4a:75:df:20:9a:eb:93:1c:55:1f:d1:93:d8:cc:ae: 62:6d:8d:25:d2:3b:e7:cc:3f:7e:c4:9d:66:58:f9: 8f:79:73:01:0c:70:16:39:c5:07:b2:12:4f:b2:3a: 31:97:30:87:12:f5:8d:29:e8:6e:82:42:be:5d:a6: 4d:6d:ed:d2:aa:8a:33:da:1e:c7:d6:43:b9:5c:b0: 69:61:01:90:9d:1f:23:d8:23:0a:26:45:74:21:3c: 1c:a4:ce:60:45:e9:1a:14:d7:fe:2d:c9:b0:79:f4: b6:9a:0f:ef:a2:66:0b:3a:ea:2b:07:e2:d7:54:d1: a1:1e:98:49:f1:6e:12:54:84:cc:79:bd:bf:a6:e7: 11:65:44:de:e5:78:8e:b0:65:f8:13:be:4f:be:ac: 55:57:29:9f:ac:12:bb:89:c7:bd:49:50:59:6c:d1: 01:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:B7:51:15:51:B0:C0:2E:39:65:12:22:8E:0F:E8:A5:99:2F:1A:86 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:2000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:63:1b:32:6c:cf:db:08:5b:a5:34:d0:26:5b:e5:0f:d4:cc: a6:b4:62:49:67:e4:fa:2b:28:49:3a:0b:7f:e7:f3:4b:fd:80: 6e:aa:90:cc:a1:d9:50:b4:fd:5f:13:da:61:f1:65:02:9a:cd: 04:61:8a:3f:f0:c5:0f:56:c1:8b:51:5c:d1:5d:74:1a:ff:2d: 19:3d:af:5a:fa:08:fe:ce:c3:7f:78:fa:31:7d:d3:80:95:34: 51:9d:e2:08:28:dc:67:06:f4:07:b3:0a:64:cd:08:ea:bf:75: 80:64:1b:24:4d:47:4f:52:bb:6b:a3:18:66:ac:e2:49:d3:d9: ab:a5:da:e1:4b:59:da:f4:d5:06:a2:e1:f6:7e:46:a6:52:e7: 2e:f9:7d:fe:2e:b6:ec:a7:da:87:e5:e8:a6:cc:85:9d:82:c0: dd:70:b6:ce:5b:0c:81:eb:80:11:7c:a1:f2:d9:3d:0e:70:82: 4e:5d:9d:78:e9:b9:7b:cc:dd:74:03:54:99:fe:5b:71:2c:49: 88:49:4f:bb:e9:7a:3b:49:89:1f:51:eb:a7:47:d3:9e:2a:94: 10:15:d6:84:88:e1:1c:bb:6c:51:ee:d8:56:76:69:72:20:fa: 56:42:85:7e:7b:f2:9c:01:06:6a:96:2a:0d:51:a2:e0:8d:22: f7:4c:e5:bb -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXL36iee0XlhEt9QhTRsSD99KrS4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUxMDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDMwMTQ5NzA5MGZiZTFjN2QxYjY5YTZjYmZiMmM2YjIzNzZlMDliZGRmZTJj Mjg3NmFlYzg0MzRmZGE2M2VjNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPRxVpYpw4GuYcIL9WCdu5uk4HMogjO3UiPnaCiarG9v4Zr14T+025U3MQHY 1rAvoM8B5g+xND6O/IMDevbjVXrWfXLii6USLOdSoNmcbGb227DOeXRxyZOGSnXf IJrrkxxVH9GT2MyuYm2NJdI758w/fsSdZlj5j3lzAQxwFjnFB7IST7I6MZcwhxL1 jSnoboJCvl2mTW3t0qqKM9oex9ZDuVywaWEBkJ0fI9gjCiZFdCE8HKTOYEXpGhTX /i3JsHn0tpoP76JmCzrqKwfi11TRoR6YSfFuElSEzHm9v6bnEWVE3uV4jrBl+BO+ T76sVVcpn6wSu4nHvUlQWWzRAWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTot1EV UbDALjllEiKOD+ilmS8ahjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg MA0GCSqGSIb3DQEBCwUAA4IBAQAeYxsybM/bCFulNNAmW+UP1MymtGJJZ+T6KyhJ Ogt/5/NL/YBuqpDModlQtP1fE9ph8WUCms0EYYo/8MUPVsGLUVzRXXQa/y0ZPa9a +gj+zsN/ePoxfdOAlTRRneIIKNxnBvQHswpkzQjqv3WAZBskTUdPUrtroxhmrOJJ 09mrpdrhS1na9NUGouH2fkamUucu+X3+Lrbsp9qH5eimzIWdgsDdcLbOWwyB64AR fKHy2T0OcIJOXZ146bl7zN10A1SZ/ltxLEmISU+76Xo7SYkfUeunR9OeKpQQFdaE iOEcu2xR7thWdmlyIPpWQoV+e/KcAQZqlioNUaLgjSL3TOW7 -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:51 2025 by rpki-client