This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json) Hash identifier: hRQGGIxFP28E7pkvo5TXverMWyUW/tOH8Xsm1WCbi6I= Subject key identifier: CC:DC:1F:3B:8F:0F:99:45:8E:5D:5E:BB:87:7B:11:9E:83:75:E6:D5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 155A157E2DEBC6BD9B532F10EE9C6C04A803FC14 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa Signing time: Sat 29 Nov 2025 03:00:46 +0000 ROA not before: Sat 29 Nov 2025 03:00:46 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d074:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:5a:15:7e:2d:eb:c6:bd:9b:53:2f:10:ee:9c:6c:04:a8:03:fc:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:46 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=9141588685ae86e64aab11f1caddd2b09253ba682e96f6cf7f94c726ac00e362, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:4e:24:9c:ef:26:bb:bb:27:d4:c1:ea:1c:88: 49:0c:7c:16:bd:c5:8f:22:2a:74:f9:e6:3d:7d:13: 93:28:de:d1:e4:36:b0:73:fd:3e:07:81:c6:4b:2f: 57:5b:d2:da:a4:4b:a9:dd:a2:cb:d3:23:5a:c0:3a: 84:6f:80:ac:23:de:b6:2b:02:b1:3c:24:4b:ea:91: 1d:c1:9e:db:bb:f1:ae:73:1b:b3:f4:69:24:e1:74: 2e:c0:d0:6b:57:9b:45:39:64:92:c6:0f:e3:ff:d5: a4:f8:18:5c:cd:4c:18:61:f0:07:bc:72:e1:af:aa: 52:30:48:4b:6e:8c:b8:01:de:2f:de:87:5f:01:96: 68:e4:fc:54:b5:2e:b6:b0:8e:f5:7b:27:ed:d4:1f: 02:29:dc:d4:1f:84:1d:a4:f1:0b:09:a6:d9:bf:16: 56:2f:e0:6a:94:d2:f9:f9:f5:55:d6:9d:de:b0:c6: 10:ea:a6:8c:4f:ab:40:0e:c4:47:42:9a:72:ec:4e: 3b:01:06:b5:2b:c9:7e:c3:c3:0c:32:a6:23:24:1e: f6:47:f6:d9:ca:77:15:28:08:c7:e2:6e:a4:ed:fc: 0b:39:a3:f9:ce:88:e0:1e:0b:f9:99:a7:b5:59:bc: c4:b9:89:65:7b:4f:64:2c:70:95:90:7b:e6:93:63: 47:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:DC:1F:3B:8F:0F:99:45:8E:5D:5E:BB:87:7B:11:9E:83:75:E6:D5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:c000::/40 Signature Algorithm: sha256WithRSAEncryption 34:c2:1e:6a:c2:45:be:fe:92:e2:71:fb:95:3f:f6:88:9b:a7: 4e:3a:b3:9a:ad:9d:89:9c:af:69:68:dd:e5:09:9b:d7:4e:0d: bd:41:c5:8b:bb:84:e5:12:d9:34:94:fa:50:16:27:03:b2:fc: 27:16:be:65:89:af:cf:06:a1:de:18:c1:e4:6a:c6:6b:1d:71: 46:88:e6:59:86:f2:3b:95:9d:76:dc:3b:6a:43:8f:b7:00:86: 5a:49:60:70:b7:8d:55:98:92:d0:9c:1c:1e:b4:da:f1:bb:2d: 26:4f:3e:b9:e8:b7:38:92:fd:91:18:60:c7:36:48:0c:97:95: 8c:22:72:8b:a0:f0:6f:34:e7:24:4e:e5:55:97:c5:3c:55:a8: bc:e5:68:d1:a9:ef:8f:05:13:22:14:68:ff:1e:58:75:2c:24: da:4f:bc:b0:0f:28:9b:cd:e3:e7:da:7e:8b:54:1e:fe:ca:15: d8:77:13:19:c6:f8:3b:a0:6f:47:78:bd:19:a9:e9:de:34:cf: 24:0d:22:1d:f8:b0:2a:b9:d4:85:14:6c:0a:3f:57:75:97:47: ef:e0:5a:cd:fc:32:15:1c:12:a9:df:39:57:4b:82:ec:3f:e2: 11:ac:70:f5:6b:5e:54:74:dd:cd:4c:9b:03:4a:5c:4e:43:64: 2e:be:9a:5b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFVoVfi3rxr2bUy8Q7pxsBKgD/BQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwNDZaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDkxNDE1ODg2ODVhZTg2ZTY0YWFiMTFmMWNhZGRkMmIwOTI1M2JhNjgyZTk2 ZjZjZjdmOTRjNzI2YWMwMGUzNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtOJJzvJru7J9TB6hyISQx8Fr3FjyIqdPnmPX0Tkyje0eQ2sHP9PgeBxksv V1vS2qRLqd2iy9MjWsA6hG+ArCPetisCsTwkS+qRHcGe27vxrnMbs/RpJOF0LsDQ a1ebRTlkksYP4//VpPgYXM1MGGHwB7xy4a+qUjBIS26MuAHeL96HXwGWaOT8VLUu trCO9Xsn7dQfAinc1B+EHaTxCwmm2b8WVi/gapTS+fn1Vdad3rDGEOqmjE+rQA7E R0KacuxOOwEGtSvJfsPDDDKmIyQe9kf22cp3FSgIx+JupO38Czmj+c6I4B4L+Zmn tVm8xLmJZXtPZCxwlZB75pNjR40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTM3B87 jw+ZRY5dXruHexGeg3Xm1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA MA0GCSqGSIb3DQEBCwUAA4IBAQA0wh5qwkW+/pLicfuVP/aIm6dOOrOarZ2JnK9p aN3lCZvXTg29QcWLu4TlEtk0lPpQFicDsvwnFr5lia/PBqHeGMHkasZrHXFGiOZZ hvI7lZ123DtqQ4+3AIZaSWBwt41VmJLQnBwetNrxuy0mTz656Lc4kv2RGGDHNkgM l5WMInKLoPBvNOckTuVVl8U8Vai85WjRqe+PBRMiFGj/Hlh1LCTaT7ywDyibzePn 2n6LVB7+yhXYdxMZxvg7oG9HeL0ZqeneNM8kDSId+LAqudSFFGwKP1d1l0fv4FrN /DIVHBKp3zlXS4LsP+IRrHD1a15UdN3NTJsDSlxOQ2Quvppb -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:42 2025 by rpki-client