This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json) Hash identifier: 9yiRYxdsDaw29jPEk4leU0CUPKZ26L9wP83lijcHJAw= Subject key identifier: 6C:C0:C4:B2:9B:93:15:D3:8C:5B:63:4E:07:2B:5F:A8:41:0B:06:01 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7E32C3F441BA5A9BF3BE9D5D750024BA8D21D266 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa Signing time: Sat 15 Nov 2025 05:31:12 +0000 ROA not before: Sat 15 Nov 2025 05:31:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:32:c3:f4:41:ba:5a:9b:f3:be:9d:5d:75:00:24:ba:8d:21:d2:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:31:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=14133832cda72a0400120229e54e371b9c7700a3c3ef0ecd3e89c92e279d550c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:23:f6:33:87:c7:83:9a:f6:e5:f8:bb:d2:54: 84:d4:fc:d6:5b:78:c0:c3:a3:ed:4e:86:f3:25:4a: fc:98:be:a7:b8:6d:c5:c9:d4:65:34:99:fa:fb:1e: 56:48:74:bb:0b:61:ad:5c:c7:37:73:ab:14:1a:97: 4c:59:e8:4b:ff:5c:70:8c:c4:a8:16:89:19:ab:c6: 8c:6d:07:c6:2e:7d:5e:76:54:18:30:2f:fb:42:e0: fc:41:83:9d:a5:1c:e4:4c:35:b5:9a:01:76:1b:9a: e6:bc:41:65:e3:07:1f:42:71:ce:9c:89:a2:50:8f: 0d:95:5c:92:a3:20:ea:a1:a7:c9:13:a4:0b:e1:7e: 16:7d:23:30:5e:bb:6d:72:81:10:d4:af:95:dd:64: 56:3b:67:a1:0e:ad:e4:e1:f0:c4:cb:db:61:fb:ac: 38:40:c9:40:7f:92:34:12:77:86:a7:bf:47:09:d6: d6:b8:49:d0:e9:c3:16:dc:88:70:cc:62:7e:dd:e3: b6:b5:2f:15:4c:4e:d4:cf:fd:f3:6b:42:a7:91:f2: 99:5e:57:1b:c6:79:18:d9:b2:1f:67:52:9a:41:bb: c1:b6:8e:74:d4:64:7b:2f:6e:4a:9e:a2:02:6d:96: 31:3a:69:b9:b4:5a:76:96:c3:bc:fb:d9:13:69:2e: 19:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:C0:C4:B2:9B:93:15:D3:8C:5B:63:4E:07:2B:5F:A8:41:0B:06:01 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:4000::/40 Signature Algorithm: sha256WithRSAEncryption 98:ef:ec:97:91:74:47:b8:a9:8f:96:0a:24:23:d7:5b:9c:76: c2:12:2c:2c:0a:8c:11:71:ec:54:12:40:bf:a4:56:0b:e4:a0: b2:e1:62:69:f3:7c:6e:5d:9d:36:06:f5:51:99:a6:29:d2:33: 26:1e:d7:00:87:7b:a7:76:96:26:e0:fe:e4:08:af:5a:1c:28: 1d:92:16:c9:c6:b8:67:fd:74:e1:a9:53:cb:1e:00:8a:43:fc: 9a:2e:48:3d:57:a1:29:8e:c2:42:af:4a:1c:78:d9:0c:f9:8c: 7d:eb:a5:82:f0:a1:8f:91:93:3f:67:c9:67:57:9b:d8:43:e8: e6:8f:a1:b7:7a:d8:56:dc:72:dc:54:7b:d0:7a:06:9f:15:ed: e1:bb:ee:ca:d0:08:e7:b9:bb:0d:62:aa:84:73:bb:fd:ec:54: 09:c9:f7:ca:31:04:9c:9c:7e:5d:ad:75:76:b2:18:fc:27:a7: ec:64:d2:c9:1b:91:8b:8c:aa:85:31:c5:33:7e:de:80:74:40: e9:5d:f1:0c:5f:70:12:d6:dc:89:1f:7f:dc:b1:e8:df:80:51: bb:12:e0:19:3f:12:63:b9:4d:bf:a0:52:59:76:7a:bd:41:de: 00:c2:f3:68:6e:13:b0:53:40:ff:aa:ea:be:e4:d7:1a:21:5b: b0:88:d1:d9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfjLD9EG6Wpvzvp1ddQAkuo0h0mYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMxMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE0MTMzODMyY2RhNzJhMDQwMDEyMDIyOWU1NGUzNzFiOWM3NzAwYTNjM2Vm MGVjZDNlODljOTJlMjc5ZDU1MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkj9jOHx4Oa9uX4u9JUhNT81lt4wMOj7U6G8yVK/Ji+p7htxcnUZTSZ+vse Vkh0uwthrVzHN3OrFBqXTFnoS/9ccIzEqBaJGavGjG0Hxi59XnZUGDAv+0Lg/EGD naUc5Ew1tZoBdhua5rxBZeMHH0JxzpyJolCPDZVckqMg6qGnyROkC+F+Fn0jMF67 bXKBENSvld1kVjtnoQ6t5OHwxMvbYfusOEDJQH+SNBJ3hqe/RwnW1rhJ0OnDFtyI cMxift3jtrUvFUxO1M/982tCp5HymV5XG8Z5GNmyH2dSmkG7wbaOdNRkey9uSp6i Am2WMTppubRadpbDvPvZE2kuGTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRswMSy m5MV04xbY04HK1+oQQsGATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A MA0GCSqGSIb3DQEBCwUAA4IBAQCY7+yXkXRHuKmPlgokI9dbnHbCEiwsCowRcexU EkC/pFYL5KCy4WJp83xuXZ02BvVRmaYp0jMmHtcAh3undpYm4P7kCK9aHCgdkhbJ xrhn/XThqVPLHgCKQ/yaLkg9V6EpjsJCr0oceNkM+Yx966WC8KGPkZM/Z8lnV5vY Q+jmj6G3ethW3HLcVHvQegafFe3hu+7K0AjnubsNYqqEc7v97FQJyffKMQScnH5d rXV2shj8J6fsZNLJG5GLjKqFMcUzft6AdEDpXfEMX3AS1tyJH3/csejfgFG7EuAZ PxJjuU2/oFJZdnq9Qd4AwvNobhOwU0D/quq+5NcaIVuwiNHZ -----END CERTIFICATE-----Generated at Sat Dec 6 17:35:05 2025 by rpki-client