This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa File: e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa (raw, json) Hash identifier: +Dq++CQvhy+bW5BNdZdZHEn0ZtEiUFb1+oa1nQN6NvE= Subject key identifier: 0F:A7:CE:DB:A9:3A:BC:44:13:AF:13:31:D0:2D:B2:BC:C6:6D:2F:4B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3931F4F0456D220D581FD4962E1F7A2170485A34 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa Signing time: Sun 23 Nov 2025 01:30:51 +0000 ROA not before: Sun 23 Nov 2025 01:30:51 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:31:f4:f0:45:6d:22:0d:58:1f:d4:96:2e:1f:7a:21:70:48:5a:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:51 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=5a57b0b145272bb55912bc28f027157ed0b1ef2d030c71e26005fe2d711cc50d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:48:c6:6c:56:f3:15:ce:ae:9c:b3:b1:db:f7: 2e:0a:bd:c5:cf:4d:a4:36:dd:b7:cb:b3:0d:76:58: 01:2c:5b:30:11:71:57:19:6d:69:68:ad:ec:e0:f0: c2:ef:68:b2:03:99:05:ee:8b:c3:fa:d6:66:0b:7a: 96:04:3b:46:df:f8:d5:01:97:a4:f2:6c:f3:e1:29: f0:b1:62:13:38:d1:85:52:6a:5c:a1:b1:8c:5c:2a: 8a:e9:c3:9d:bc:30:e8:9e:06:5a:65:1c:f1:71:c1: b2:a7:f1:bb:a1:7c:08:f0:4f:b5:b4:4b:f8:bf:20: 45:dc:ee:49:6a:21:8b:dc:23:ca:44:bf:e8:7b:53: 18:84:5a:ac:1b:31:85:59:ed:e8:b5:85:37:47:66: df:cf:a6:d4:6b:5b:68:33:bd:25:c7:f2:0c:41:9a: 53:76:17:19:cb:98:1f:ff:a4:68:90:61:d8:63:07: d2:ae:ee:85:11:92:6b:f1:bd:4d:95:68:ba:50:c6: 85:8e:cf:e2:ea:7a:4e:83:04:b7:c6:61:c0:1f:f2: ec:f0:76:0c:82:66:c2:5a:9e:0c:27:e1:24:d2:60: d1:b2:0f:3f:a1:1d:29:f2:01:bc:82:93:51:08:87: d0:52:ab:58:a9:5e:43:6d:26:df:40:fb:13:e2:8c: 82:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:A7:CE:DB:A9:3A:BC:44:13:AF:13:31:D0:2D:B2:BC:C6:6D:2F:4B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:880::/48 Signature Algorithm: sha256WithRSAEncryption 33:83:39:c0:05:3b:33:1b:30:27:40:8a:d3:15:22:c8:41:df: 69:de:2d:f5:d5:83:10:c0:af:40:65:39:28:38:ed:50:44:f9: 6a:e3:7c:53:24:46:2e:3e:a2:78:c6:73:51:73:7c:7a:00:9b: 2f:c5:83:9c:6d:d1:dc:ad:61:64:f4:83:4a:83:d8:fd:c9:0e: 6a:31:52:2c:68:d7:02:5e:ab:60:b1:c1:fb:99:d9:1e:f4:cf: 8c:9f:e5:6e:fe:1e:9d:64:1e:34:60:4a:28:56:c6:9c:63:79: 85:ad:c9:e6:58:98:dd:81:22:c6:9a:dc:08:c7:5e:29:cb:fb: 6d:d5:27:cd:97:d9:14:e7:ee:cc:2b:58:85:79:9d:fa:48:c6: 9a:04:3c:f8:d0:84:62:cf:c4:78:63:ad:90:97:f7:21:3d:84: b7:69:27:ae:2b:05:fe:cc:e6:c7:01:e4:d3:c1:69:e5:8e:d4: 00:84:77:fe:d8:9e:95:60:b5:57:96:60:f9:df:e8:21:30:3c: 9c:13:4e:63:82:3c:f3:42:f2:dc:be:cb:ab:ff:2c:65:79:26: 37:a1:6f:73:55:c6:31:cd:75:c4:89:68:77:0f:04:d4:47:2f: 83:1b:fb:ab:32:c3:b0:58:ce:a4:69:d1:9d:37:f7:c6:5b:bb: 4a:a9:4c:a8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUOTH08EVtIg1YH9SWLh96IXBIWjQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwNTFaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDVhNTdiMGIxNDUyNzJiYjU1OTEyYmMyOGYwMjcxNTdlZDBiMWVmMmQwMzBj NzFlMjYwMDVmZTJkNzExY2M1MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNIxmxW8xXOrpyzsdv3Lgq9xc9NpDbdt8uzDXZYASxbMBFxVxltaWit7ODw wu9osgOZBe6Lw/rWZgt6lgQ7Rt/41QGXpPJs8+Ep8LFiEzjRhVJqXKGxjFwqiunD nbww6J4GWmUc8XHBsqfxu6F8CPBPtbRL+L8gRdzuSWohi9wjykS/6HtTGIRarBsx hVnt6LWFN0dm38+m1GtbaDO9JcfyDEGaU3YXGcuYH/+kaJBh2GMH0q7uhRGSa/G9 TZVoulDGhY7P4up6ToMEt8ZhwB/y7PB2DIJmwlqeDCfhJNJg0bIPP6EdKfIBvIKT UQiH0FKrWKleQ20m30D7E+KMgvECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQPp87b qTq8RBOvEzHQLbK8xm0vSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTRiNmVhZWUtMTJhNy00YTVmLThkYzEtN2ZmNzc1ZjVhOTY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI gDANBgkqhkiG9w0BAQsFAAOCAQEAM4M5wAU7MxswJ0CK0xUiyEHfad4t9dWDEMCv QGU5KDjtUET5auN8UyRGLj6ieMZzUXN8egCbL8WDnG3R3K1hZPSDSoPY/ckOajFS LGjXAl6rYLHB+5nZHvTPjJ/lbv4enWQeNGBKKFbGnGN5ha3J5liY3YEixprcCMde Kcv7bdUnzZfZFOfuzCtYhXmd+kjGmgQ8+NCEYs/EeGOtkJf3IT2Et2knrisF/szm xwHk08Fp5Y7UAIR3/tielWC1V5Zg+d/oITA8nBNOY4I880Ly3L7Lq/8sZXkmN6Fv c1XGMc11xIlodw8E1Ecvgxv7qzLDsFjOpGnRnTf3xlu7SqlMqA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:15 2025 by rpki-client