This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa File: ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa (raw, json) Hash identifier: ZDucF5YRgm53Q6cgR5/iDtmwq958LbqXKDPG29pVLLU= Subject key identifier: 17:A9:AC:FF:9F:2F:B5:52:DD:15:E2:1E:E7:71:74:5C:1C:24:15:A0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7CD37C5F5129AA07C172BA216358ED094DB8EEA3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa Signing time: Sat 15 Nov 2025 06:21:11 +0000 ROA not before: Sat 15 Nov 2025 06:21:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:d3:7c:5f:51:29:aa:07:c1:72:ba:21:63:58:ed:09:4d:b8:ee:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5bc1481bf4aa90d70fc0162ba75a333a1c60cc8facff116f3bcedea6ca679c14, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:00:03:67:2b:6c:0e:66:40:b0:7f:13:2c:41: b5:1c:be:89:f3:9b:24:66:ca:5f:75:d1:9b:c3:08: 9f:e3:f1:ed:be:eb:21:d3:ca:6b:54:4e:45:cc:9a: 16:a4:af:0e:b8:bb:58:0a:16:c3:d9:58:49:c5:1e: 9b:3f:e1:c7:29:e4:b8:25:6f:13:7e:d7:f6:14:b0: 8f:cc:36:da:fa:2e:5f:02:fe:27:ae:e1:38:e2:57: 6c:44:07:cd:8b:4f:2d:6d:9e:b6:28:0c:de:c3:db: 60:7d:6e:6b:2b:b8:c7:39:1e:cc:f8:c3:4f:a6:56: 85:bb:82:9f:01:08:2f:00:c0:42:6e:96:c7:7f:b9: 77:50:fc:77:44:f2:40:4c:ad:6d:26:d0:c1:a7:a4: d5:b1:56:38:a7:4e:ed:67:35:43:ff:35:69:01:b9: 9a:be:58:44:3b:86:5e:db:46:cc:d1:bf:34:ac:f7: cf:63:cd:43:8b:cf:f5:df:20:f2:93:ce:a0:dd:f5: 64:fc:20:c4:65:6f:9e:65:f3:85:55:25:cb:82:8a: 8a:f2:61:e3:e2:fd:1c:6d:76:a2:73:85:c3:9f:36: 92:61:68:97:eb:28:bf:92:5c:5e:2f:76:d6:17:bf: 9b:59:bd:6e:f8:be:b6:b0:b0:16:67:69:51:d1:27: 65:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:A9:AC:FF:9F:2F:B5:52:DD:15:E2:1E:E7:71:74:5C:1C:24:15:A0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:b000::/40 Signature Algorithm: sha256WithRSAEncryption 78:83:f5:39:1b:72:3c:73:a8:84:18:b2:8a:db:09:9d:4e:89: 50:78:33:8f:fd:d3:0b:8a:fa:f3:fd:3b:cb:70:f1:57:07:98: 7c:87:be:de:41:fe:a9:13:3b:00:36:41:b3:f4:9d:0b:27:56: a1:f6:f9:a6:2a:4c:76:f8:8d:33:32:17:5a:b1:56:49:0c:af: e1:ce:94:63:65:49:00:2c:49:68:4d:e3:5f:ca:5c:5f:bd:ad: 2f:71:8e:c2:3b:3b:4f:b3:ad:12:18:d2:3d:75:a3:f3:b8:d3: ed:cf:ba:c3:5b:86:68:75:46:6a:46:0b:fe:91:dd:0f:e5:89: 2a:dc:60:5e:ee:d1:9e:fb:a0:9a:cf:25:83:c0:c3:d3:0b:da: d3:96:d4:f7:ff:d7:a9:90:74:a9:4a:4e:a7:21:3a:01:1d:70: e6:43:48:f9:fe:7e:e9:2e:80:77:75:08:8e:14:46:fd:17:a4: 86:17:34:65:af:3a:0c:51:70:3d:e0:f9:5b:ca:f3:6b:89:e5: 34:e3:d9:d6:f9:7e:76:51:dc:11:32:db:7c:26:8b:db:30:ff: 3b:ca:6b:b0:33:d3:55:15:d5:db:83:fa:e1:56:55:3f:a5:24: e0:9f:80:09:6a:59:1d:da:b7:fd:a6:1f:4f:82:07:49:d6:f4: 3f:76:fd:6d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfNN8X1EpqgfBcrohY1jtCU247qMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDViYzE0ODFiZjRhYTkwZDcwZmMwMTYyYmE3NWEzMzNhMWM2MGNjOGZhY2Zm MTE2ZjNiY2VkZWE2Y2E2NzljMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgAA2crbA5mQLB/EyxBtRy+ifObJGbKX3XRm8MIn+Px7b7rIdPKa1RORcya FqSvDri7WAoWw9lYScUemz/hxynkuCVvE37X9hSwj8w22vouXwL+J67hOOJXbEQH zYtPLW2etigM3sPbYH1uayu4xzkezPjDT6ZWhbuCnwEILwDAQm6Wx3+5d1D8d0Ty QEytbSbQwaek1bFWOKdO7Wc1Q/81aQG5mr5YRDuGXttGzNG/NKz3z2PNQ4vP9d8g 8pPOoN31ZPwgxGVvnmXzhVUly4KKivJh4+L9HG12onOFw582kmFol+sov5JcXi92 1he/m1m9bvi+trCwFmdpUdEnZdUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXqaz/ ny+1Ut0V4h7ncXRcHCQVoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWJlMjMyZTktOGYwYS00MTI1LWI4M2MtNzk4OWUzOWZkZDk5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2w MA0GCSqGSIb3DQEBCwUAA4IBAQB4g/U5G3I8c6iEGLKK2wmdTolQeDOP/dMLivrz /TvLcPFXB5h8h77eQf6pEzsANkGz9J0LJ1ah9vmmKkx2+I0zMhdasVZJDK/hzpRj ZUkALEloTeNfylxfva0vcY7COztPs60SGNI9daPzuNPtz7rDW4ZodUZqRgv+kd0P 5Ykq3GBe7tGe+6CazyWDwMPTC9rTltT3/9epkHSpSk6nIToBHXDmQ0j5/n7pLoB3 dQiOFEb9F6SGFzRlrzoMUXA94PlbyvNrieU049nW+X52UdwRMtt8JovbMP87ymuw M9NVFdXbg/rhVlU/pSTgn4AJalkd2rf9ph9PggdJ1vQ/dv1t -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:53 2025 by rpki-client