This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json) Hash identifier: GXjsvS+ZRO0M47tT3MtwYT3brzr7fiseP7QOIJ7X81Y= Subject key identifier: 46:95:14:73:E5:F8:00:16:D9:0E:17:F1:52:8D:D9:A1:EE:1B:BF:63 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 417E71F393F84FB40B8B052CAB7807A634B63EC8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa Signing time: Tue 25 Nov 2025 20:00:46 +0000 ROA not before: Tue 25 Nov 2025 20:00:46 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:7e:71:f3:93:f8:4f:b4:0b:8b:05:2c:ab:78:07:a6:34:b6:3e:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:46 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=65c0432fbd5680106d3d74705152f0f0038a63e22a02483bc516ab952f395b7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ff:31:26:66:da:30:cd:84:73:4a:1b:87:0d: a7:ff:0e:85:5d:33:98:4b:d1:82:8d:19:95:bc:16: b0:10:0e:e8:50:90:25:f4:f9:c9:19:1a:95:60:ac: cd:59:b6:b8:e3:71:7a:f2:27:6e:cf:d9:79:86:79: 05:ec:52:a4:f7:c9:1e:3a:69:63:bf:ca:ad:23:c2: e1:3d:54:c8:db:15:89:26:5c:c4:3f:c4:9f:be:ef: 0e:59:75:f4:49:86:19:02:85:8f:00:b4:89:28:65: 92:93:17:dd:93:da:40:12:83:4d:97:dd:84:74:3c: 9c:63:bc:db:a4:3a:ea:ec:2c:9f:31:80:1c:d7:b6: 38:a8:9f:5d:39:65:d5:a2:3f:59:7c:4a:79:81:a8: 93:8d:39:84:4d:05:e7:dd:28:dc:41:ed:24:2c:66: ec:af:75:55:17:0f:42:18:6e:7f:36:04:21:c2:52: b5:58:81:03:72:68:96:3b:17:cb:06:5b:32:5f:e5: b1:cc:a9:9d:ae:ee:0c:58:62:33:43:a1:c9:cd:f4: cf:04:34:3a:69:a5:86:f2:0b:4e:8a:38:a0:83:99: 21:c7:85:b6:8e:3e:0f:44:b6:08:d4:f1:d9:19:42: de:8b:96:04:4e:45:0f:46:00:ec:12:ff:d8:cb:53: bd:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:95:14:73:E5:F8:00:16:D9:0E:17:F1:52:8D:D9:A1:EE:1B:BF:63 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:4000::/40 Signature Algorithm: sha256WithRSAEncryption a2:87:ce:e6:e0:68:39:23:a1:f6:5b:8b:68:89:3e:f8:ff:61: 5e:94:6c:0a:37:2c:d0:3c:f7:af:a8:f7:1e:15:89:3b:42:30: 57:6c:09:22:fc:71:cc:8e:c9:b8:79:62:e9:4d:b9:26:00:72: 5e:55:ee:f1:5b:a5:18:1b:20:19:d4:9e:56:10:11:59:1c:10: 60:9c:c1:c8:e6:04:2d:da:bb:81:2c:5f:52:b0:26:c7:73:b7: fd:7f:fd:75:d7:18:46:29:08:82:f0:4b:76:36:3b:b5:e8:3a: 8a:2b:30:e6:2a:21:f4:49:2f:1e:f1:6e:57:b1:5e:62:17:0e: 82:98:48:70:b6:37:55:3c:c0:87:bb:10:f9:cb:d9:29:bc:43: 61:cb:7c:65:ab:77:87:30:95:41:e2:02:be:b3:f8:f7:79:69: b3:75:4f:c7:cc:d0:01:da:92:81:38:52:d6:e1:c1:e6:e1:b9: 63:f0:a5:b2:20:9c:2d:d7:5b:a2:54:47:fc:c1:cf:28:2b:fb: a6:f2:64:1c:48:3e:1f:21:d5:3c:ad:6a:c8:b9:4e:7e:f5:b5: f5:a7:12:20:4e:0a:ec:07:f3:5e:fe:81:db:32:f9:67:e3:fd: 9e:4d:e2:22:35:6f:c3:85:e3:56:48:77:dc:65:c1:de:20:88: 2d:a6:35:d6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUQX5x85P4T7QLiwUsq3gHpjS2PsgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwNDZaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDY1YzA0MzJmYmQ1NjgwMTA2ZDNkNzQ3MDUxNTJmMGYwMDM4YTYzZTIyYTAy NDgzYmM1MTZhYjk1MmYzOTViN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMj/MSZm2jDNhHNKG4cNp/8OhV0zmEvRgo0ZlbwWsBAO6FCQJfT5yRkalWCs zVm2uONxevInbs/ZeYZ5BexSpPfJHjppY7/KrSPC4T1UyNsViSZcxD/En77vDll1 9EmGGQKFjwC0iShlkpMX3ZPaQBKDTZfdhHQ8nGO826Q66uwsnzGAHNe2OKifXTll 1aI/WXxKeYGok405hE0F590o3EHtJCxm7K91VRcPQhhufzYEIcJStViBA3JoljsX ywZbMl/lscypna7uDFhiM0Ohyc30zwQ0OmmlhvILToo4oIOZIceFto4+D0S2CNTx 2RlC3ouWBE5FD0YA7BL/2MtTvZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGlRRz 5fgAFtkOF/FSjdmh7hu/YzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA MA0GCSqGSIb3DQEBCwUAA4IBAQCih87m4Gg5I6H2W4toiT74/2FelGwKNyzQPPev qPceFYk7QjBXbAki/HHMjsm4eWLpTbkmAHJeVe7xW6UYGyAZ1J5WEBFZHBBgnMHI 5gQt2ruBLF9SsCbHc7f9f/111xhGKQiC8Et2Nju16DqKKzDmKiH0SS8e8W5XsV5i Fw6CmEhwtjdVPMCHuxD5y9kpvENhy3xlq3eHMJVB4gK+s/j3eWmzdU/HzNAB2pKB OFLW4cHm4blj8KWyIJwt11uiVEf8wc8oK/um8mQcSD4fIdU8rWrIuU5+9bX1pxIg TgrsB/Ne/oHbMvln4/2eTeIiNW/DheNWSHfcZcHeIIgtpjXW -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:48 2025 by rpki-client