This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json) Hash identifier: A7JiiXjf05uKcSL16FinsroregIGyAICCW57WCWs9ys= Subject key identifier: F9:B5:BE:50:45:BD:FA:9A:CF:4A:E7:98:74:DF:2D:57:91:BC:0A:A8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 119E1BB63104A39B10C61CA8C84EC363F632A806 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa Signing time: Wed 10 Dec 2025 06:20:45 +0000 ROA not before: Wed 10 Dec 2025 06:20:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:9e:1b:b6:31:04:a3:9b:10:c6:1c:a8:c8:4e:c3:63:f6:32:a8:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=07f5b4c8469b0c5134b3104d793cf5e2a9580928ac9cef6120f491dc00eef067, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ca:02:ab:89:38:00:0d:79:1e:99:95:b7:69: 92:cb:bd:00:bc:e9:ec:77:0f:56:cc:71:50:7d:35: df:4a:82:99:fb:60:23:03:d3:7b:ec:72:62:15:72: 9c:5f:e0:81:c9:86:10:d7:f2:04:ef:45:61:73:e8: 95:f3:02:f9:3b:98:14:2b:58:46:f1:74:4e:26:b7: 59:8c:a6:d6:d0:f8:a7:4c:75:05:7f:99:66:f2:64: e2:01:61:b1:ea:5e:51:03:3f:d6:76:e8:35:e1:a9: e6:03:fa:f6:35:5f:4f:77:ec:89:e5:6f:9e:54:67: 5a:a3:d1:7b:9c:3f:39:b7:9c:b5:13:32:ad:ab:ac: 2f:2d:8d:34:be:de:ab:6e:7c:06:02:ec:08:89:05: bc:93:60:81:f0:73:bf:a7:01:c7:b4:e9:3a:b5:54: 9a:22:4d:52:50:30:49:a0:09:b6:d5:f9:48:1d:58: 94:7c:58:8d:e9:76:0f:8a:b6:11:a0:32:73:78:94: 4a:44:15:b4:eb:7e:af:6e:bd:cf:7b:a9:cd:77:3d: f0:da:89:0d:45:a6:3f:df:ca:ed:4b:b9:30:15:75: 37:f4:9d:a9:aa:9e:1d:ee:a0:2e:27:1b:78:11:69: 43:97:de:32:9c:dd:1b:cb:85:ab:8c:c8:98:70:db: d3:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B5:BE:50:45:BD:FA:9A:CF:4A:E7:98:74:DF:2D:57:91:BC:0A:A8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:8080::/48 Signature Algorithm: sha256WithRSAEncryption 91:88:6b:a0:59:66:93:48:e4:c5:2e:d4:06:71:f0:67:aa:e1: 9f:1a:c5:4a:9f:07:ef:70:82:b6:8b:0a:d7:28:1b:1b:c3:eb: ba:92:cf:b1:20:31:b7:c9:ea:be:8a:ef:78:73:a5:5c:33:98: 5b:b8:88:5b:56:86:67:fc:f6:7f:32:10:e0:dc:ec:27:82:cb: 29:e6:5c:0a:b1:d3:67:57:21:14:0b:db:a4:4b:97:f6:06:c8: 79:ef:93:c3:5d:f4:06:8c:f8:b2:f9:ca:00:82:b8:0c:be:e3: 2c:96:e7:2d:19:78:4d:b6:55:06:fd:66:e2:8b:e1:52:af:fe: 5e:74:fa:1e:b3:40:ea:4e:6d:6c:48:b5:d9:1a:14:02:87:5a: 7c:bf:21:d9:6d:27:c0:73:ba:ca:3b:1a:2d:11:49:2a:81:4e: 8f:e2:df:bf:e1:ae:6a:99:68:92:c1:d2:45:df:be:3f:e8:0e: bc:71:44:6d:bb:6a:5a:f2:56:26:97:39:d1:eb:bd:8f:f8:96: 4b:47:33:27:2b:6b:d5:bb:8c:11:c4:a4:99:a1:15:58:21:9b: 29:56:73:17:e5:63:ef:9b:1b:19:49:81:94:eb:a1:ed:ae:f9: d5:6d:b5:e5:a7:4d:3f:c9:4b:d7:a3:42:8b:95:c7:0e:0f:9c: 34:5c:06:39 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUEZ4btjEEo5sQxhyoyE7DY/YyqAYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA3ZjViNGM4NDY5YjBjNTEzNGIzMTA0ZDc5M2NmNWUyYTk1ODA5MjhhYzlj ZWY2MTIwZjQ5MWRjMDBlZWYwNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHKAquJOAANeR6Zlbdpksu9ALzp7HcPVsxxUH0130qCmftgIwPTe+xyYhVy nF/ggcmGENfyBO9FYXPolfMC+TuYFCtYRvF0Tia3WYym1tD4p0x1BX+ZZvJk4gFh sepeUQM/1nboNeGp5gP69jVfT3fsieVvnlRnWqPRe5w/ObectRMyrausLy2NNL7e q258BgLsCIkFvJNggfBzv6cBx7TpOrVUmiJNUlAwSaAJttX5SB1YlHxYjel2D4q2 EaAyc3iUSkQVtOt+r269z3upzXc98NqJDUWmP9/K7Uu5MBV1N/SdqaqeHe6gLicb eBFpQ5feMpzdG8uFq4zImHDb060CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5tb5Q Rb36ms9K55h03y1XkbwKqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A gDANBgkqhkiG9w0BAQsFAAOCAQEAkYhroFlmk0jkxS7UBnHwZ6rhnxrFSp8H73CC tosK1ygbG8PrupLPsSAxt8nqvorveHOlXDOYW7iIW1aGZ/z2fzIQ4NzsJ4LLKeZc CrHTZ1chFAvbpEuX9gbIee+Tw130Boz4svnKAIK4DL7jLJbnLRl4TbZVBv1m4ovh Uq/+XnT6HrNA6k5tbEi12RoUAodafL8h2W0nwHO6yjsaLRFJKoFOj+Lfv+Guaplo ksHSRd++P+gOvHFEbbtqWvJWJpc50eu9j/iWS0czJytr1buMEcSkmaEVWCGbKVZz F+Vj75sbGUmBlOuh7a751W215adNP8lL16NCi5XHDg+cNFwGOQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:07 2025 by rpki-client