This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json) Hash identifier: pUs8Lh/zTi5JAhr/l3NlEDgNvLNyOS30x1tr705XJlg= Subject key identifier: 29:1D:29:E2:F7:15:A2:61:B4:2D:5D:4D:58:35:3F:16:01:8A:A4:55 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 56BC6EBC6D6B685371D3EE3FEE26F86E62E81AF1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa Signing time: Wed 10 Dec 2025 05:40:46 +0000 ROA not before: Wed 10 Dec 2025 05:40:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d078:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:bc:6e:bc:6d:6b:68:53:71:d3:ee:3f:ee:26:f8:6e:62:e8:1a:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e478b49835eebb7a022342cbe10d8179a3fc42628172ffa718759405712e8bed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e5:bf:33:f9:1f:6a:93:c0:9f:64:bf:54:b4: 01:b2:e1:55:5a:ab:91:1f:3d:f1:90:ce:5c:61:04: ee:a6:3f:12:55:54:9c:a2:87:0a:92:89:b6:a7:43: 64:50:1b:59:9d:50:63:0a:6a:09:3f:a9:ae:09:25: 63:89:78:eb:9e:3f:98:1d:a5:1b:a3:fc:09:e7:70: 6a:bd:ac:68:d5:cc:07:2e:03:60:6e:1f:b5:7b:05: 3d:8b:06:8e:70:a1:69:8a:b1:81:64:ad:46:53:65: 54:44:ba:68:55:23:fe:06:ac:df:33:fe:85:91:66: 6f:b7:93:57:2d:32:11:e9:66:f5:be:ef:e2:38:53: 83:bb:2e:be:a4:3e:61:6d:a8:4a:e4:73:30:1b:f9: 17:f1:e5:4b:c0:19:b2:04:ff:2e:df:6c:6a:70:11: 8a:2c:d0:ed:5a:63:88:ef:3c:49:ca:dd:e0:df:a2: 7e:b4:6b:34:54:2d:0f:40:d4:2a:c5:ee:b4:85:cd: 18:ae:dd:f4:f2:1f:47:9f:5c:69:fd:a7:af:7f:d4: 71:5b:a7:16:3d:ea:b8:7c:69:bb:df:12:00:39:bd: 5b:b3:af:83:54:2f:4a:6b:b2:f5:58:da:5d:78:c9: 94:f0:6d:49:83:30:0d:25:77:81:47:c9:28:c4:4c: 16:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:1D:29:E2:F7:15:A2:61:B4:2D:5D:4D:58:35:3F:16:01:8A:A4:55 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d078:a000::/40 Signature Algorithm: sha256WithRSAEncryption b6:36:4c:9d:83:cb:b1:38:5d:5d:c6:e0:99:5d:d1:81:9a:3f: 15:cd:ca:2c:36:52:af:17:37:92:1b:89:ad:4d:dc:10:ef:e2: 1a:d1:f3:6e:7c:ba:be:65:f3:fb:d1:16:8e:c7:c3:a7:60:a2: 2e:25:f2:b1:49:3a:70:fa:be:b5:72:50:1a:32:4c:63:a2:25: 65:e4:b7:46:58:51:18:39:05:bc:2c:73:90:5c:91:c5:02:f1: 03:0a:f3:e2:18:ff:d7:cb:4f:f9:7c:27:66:6a:b1:21:81:66: 10:d5:fc:d7:1a:fb:72:fc:c0:c0:d0:b6:fc:81:75:c2:5d:5a: de:be:0c:95:d7:6a:2f:73:b4:2f:68:89:53:a2:45:18:03:55: a0:52:3d:76:6a:99:a8:80:f2:7a:39:6f:ca:f3:84:fe:55:d8: 5b:90:d2:36:32:ab:84:80:c8:93:1c:ab:d0:8a:af:17:38:3e: 70:8a:77:77:bf:3c:19:d5:ed:2c:93:a8:70:d7:a4:81:c0:96: 98:32:04:8d:1d:b0:59:77:ed:e4:00:38:d4:73:2d:56:ab:71: 96:b4:a0:e7:bf:62:2f:69:fb:f2:f9:58:90:fc:a4:aa:d0:a3: 08:78:66:85:70:0d:f5:26:1f:51:5f:c2:d8:19:e9:6f:2b:24: 46:93:2f:e4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVrxuvG1raFNx0+4/7ib4bmLoGvEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU0NzhiNDk4MzVlZWJiN2EwMjIzNDJjYmUxMGQ4MTc5YTNmYzQyNjI4MTcy ZmZhNzE4NzU5NDA1NzEyZThiZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPlvzP5H2qTwJ9kv1S0AbLhVVqrkR898ZDOXGEE7qY/ElVUnKKHCpKJtqdD ZFAbWZ1QYwpqCT+prgklY4l4654/mB2lG6P8Cedwar2saNXMBy4DYG4ftXsFPYsG jnChaYqxgWStRlNlVES6aFUj/gas3zP+hZFmb7eTVy0yEelm9b7v4jhTg7suvqQ+ YW2oSuRzMBv5F/HlS8AZsgT/Lt9sanARiizQ7VpjiO88Scrd4N+ifrRrNFQtD0DU KsXutIXNGK7d9PIfR59caf2nr3/UcVunFj3quHxpu98SADm9W7Ovg1QvSmuy9Vja XXjJlPBtSYMwDSV3gUfJKMRMFs0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpHSni 9xWiYbQtXU1YNT8WAYqkVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig MA0GCSqGSIb3DQEBCwUAA4IBAQC2Nkydg8uxOF1dxuCZXdGBmj8VzcosNlKvFzeS G4mtTdwQ7+Ia0fNufLq+ZfP70RaOx8OnYKIuJfKxSTpw+r61clAaMkxjoiVl5LdG WFEYOQW8LHOQXJHFAvEDCvPiGP/Xy0/5fCdmarEhgWYQ1fzXGvty/MDA0Lb8gXXC XVrevgyV12ovc7QvaIlTokUYA1WgUj12apmogPJ6OW/K84T+VdhbkNI2MquEgMiT HKvQiq8XOD5wind3vzwZ1e0sk6hw16SBwJaYMgSNHbBZd+3kADjUcy1Wq3GWtKDn v2Ivafvy+ViQ/KSq0KMIeGaFcA31Jh9RX8LYGelvKyRGky/k -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:09 2025 by rpki-client