This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa File: ecd857ec-bcff-41df-b23a-19087481169e.roa (raw, json) Hash identifier: j2Mk/SJsq5uV2c3KC/6WoawIVw66d/7aF3/70lw2d4M= Subject key identifier: E9:AF:13:EF:98:B9:68:0E:EA:1E:73:27:99:8E:39:D7:1E:5F:EE:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 01FDA03A447CA037D627E4FD459E8C742A529D3D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa Signing time: Sat 15 Nov 2025 05:50:35 +0000 ROA not before: Sat 15 Nov 2025 05:50:35 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:fd:a0:3a:44:7c:a0:37:d6:27:e4:fd:45:9e:8c:74:2a:52:9d:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:35 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a9d8ca1d87f8cb0373ec4088d263cadfde200567249d13aeb9d379677593d632, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c8:57:f4:9e:e9:b4:9b:50:b4:9c:66:a4:a3: aa:d6:6e:e0:59:34:ae:e7:ba:d0:3e:78:d2:32:41: d8:46:c6:78:d1:3e:0f:cb:9a:57:0e:c1:d8:81:94: d6:e3:6f:19:40:ce:95:75:72:5b:6e:1f:9e:db:a3: 24:03:52:22:37:25:e2:63:36:ce:2a:8f:a4:d7:98: 04:69:3c:26:23:9a:70:92:88:05:2c:d1:72:1b:80: 18:77:5e:7d:be:8e:7f:93:89:7c:8b:2b:72:12:e7: 97:4a:e5:af:2d:40:c7:2d:21:38:b2:4b:58:ed:48: cc:1e:b0:e8:a7:50:aa:4c:5f:55:03:a9:d5:13:24: 51:1d:5f:0c:5d:cb:d0:24:a0:c5:78:42:04:81:1c: d3:83:be:7c:dd:d7:cd:38:b3:ad:c0:9a:a7:ad:72: a4:87:ad:0d:66:35:f5:16:5c:84:a1:9d:ee:f0:db: ac:b8:14:61:48:30:05:c9:b0:0f:af:81:66:ce:19: 20:ea:df:62:07:df:39:74:60:92:33:0b:f9:35:a1: b7:f8:ff:d8:87:04:a5:93:e8:01:a2:f6:5a:f5:4f: 4b:ad:c1:07:31:3a:e8:d8:da:9a:88:01:fe:2a:74: 07:b2:13:d5:fe:6b:d9:b6:27:c0:57:eb:46:98:e9: da:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:AF:13:EF:98:B9:68:0E:EA:1E:73:27:99:8E:39:D7:1E:5F:EE:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:5000::/40 Signature Algorithm: sha256WithRSAEncryption a9:8b:77:17:cd:6c:0b:76:ab:c3:c6:26:b4:24:f5:3b:bc:28: d1:47:fc:ac:79:b4:1e:d6:14:77:39:02:9e:95:97:a8:69:f7: 55:d2:6c:5d:69:d1:48:7f:9b:26:31:67:54:5c:fa:ba:92:18: 0a:6a:97:4a:3a:f7:e4:eb:d0:cd:21:4d:9e:7c:0e:fe:50:3b: d3:f1:7b:02:a8:ba:6f:82:d9:45:55:9d:54:7a:26:79:8d:85: de:f8:9b:55:2b:76:ea:a7:0e:f2:45:5f:f7:28:23:e8:c4:aa: 20:56:f9:dc:18:b7:25:6c:e8:ae:c9:e2:78:cf:49:3d:22:97: 31:45:ca:55:50:a1:c7:2d:b5:24:f8:ff:33:8b:b9:f3:75:e7: 9b:38:b1:3d:18:a4:45:d8:3e:c7:20:a1:a5:ca:50:f1:3c:1d: 3d:e1:4c:10:47:7f:dd:97:3b:12:78:2e:3c:b2:90:2d:e3:96: 42:37:9b:41:06:08:af:3a:16:a9:01:2b:33:9d:b3:af:c0:53: c9:8e:b9:8e:70:1d:fb:5d:75:22:06:c2:d5:b2:5f:b0:e1:8f: 2e:11:98:be:2a:65:80:4d:6e:0a:e2:bc:84:3a:15:b1:5c:bf: 37:b9:43:c9:6e:4f:57:40:2e:a7:3d:e4:3c:17:af:ff:b3:5d: 43:fc:b1:f1 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAf2gOkR8oDfWJ+T9RZ6MdCpSnT0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGE5ZDhjYTFkODdmOGNiMDM3M2VjNDA4OGQyNjNjYWRmZGUyMDA1NjcyNDlk MTNhZWI5ZDM3OTY3NzU5M2Q2MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3IV/Se6bSbULScZqSjqtZu4Fk0rue60D540jJB2EbGeNE+D8uaVw7B2IGU 1uNvGUDOlXVyW24fntujJANSIjcl4mM2ziqPpNeYBGk8JiOacJKIBSzRchuAGHde fb6Of5OJfIsrchLnl0rlry1Axy0hOLJLWO1IzB6w6KdQqkxfVQOp1RMkUR1fDF3L 0CSgxXhCBIEc04O+fN3XzTizrcCap61ypIetDWY19RZchKGd7vDbrLgUYUgwBcmw D6+BZs4ZIOrfYgffOXRgkjML+TWht/j/2IcEpZPoAaL2WvVPS63BBzE66NjamogB /ip0B7IT1f5r2bYnwFfrRpjp2h0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTprxPv mLloDuoecyeZjjnXHl/uLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWNkODU3ZWMtYmNmZi00MWRmLWIyM2EtMTkwODc0ODExNjllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1Q MA0GCSqGSIb3DQEBCwUAA4IBAQCpi3cXzWwLdqvDxia0JPU7vCjRR/ysebQe1hR3 OQKelZeoafdV0mxdadFIf5smMWdUXPq6khgKapdKOvfk69DNIU2efA7+UDvT8XsC qLpvgtlFVZ1UeiZ5jYXe+JtVK3bqpw7yRV/3KCPoxKogVvncGLclbOiuyeJ4z0k9 IpcxRcpVUKHHLbUk+P8zi7nzdeebOLE9GKRF2D7HIKGlylDxPB094UwQR3/dlzsS eC48spAt45ZCN5tBBgivOhapASsznbOvwFPJjrmOcB37XXUiBsLVsl+w4Y8uEZi+ KmWATW4K4ryEOhWxXL83uUPJbk9XQC6nPeQ8F6//s11D/LHx -----END CERTIFICATE-----Generated at Sat Dec 6 18:36:48 2025 by rpki-client