This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json) Hash identifier: PUIuAkqqAtp084QZDfCSYxp5z74kU4f7/QmTqZ1rUJ4= Subject key identifier: 68:24:84:CE:96:AC:C6:D6:0F:EF:B4:91:93:11:2F:F2:17:9F:13:1B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 68220D716AFC627388CC93A6CD43699FFA4FF8DF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa Signing time: Wed 10 Dec 2025 06:21:00 +0000 ROA not before: Wed 10 Dec 2025 06:21:00 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:22:0d:71:6a:fc:62:73:88:cc:93:a6:cd:43:69:9f:fa:4f:f8:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:00 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f6ea9afcb52f652f33a1d263852c3600fb1a01a083051b844a14e5b19c4863e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:65:af:bb:d0:da:75:cf:ee:a5:7a:76:ac:2b: 72:a3:01:9b:08:4d:05:11:d3:d9:c1:e4:6e:d3:2f: 24:da:f2:80:d6:ec:9f:40:1b:df:05:a7:e9:09:fb: 5f:eb:48:9e:d4:81:58:82:5d:ee:79:4d:0a:51:7c: 89:80:49:27:eb:5e:b2:d8:98:97:f4:92:47:a9:a4: 26:55:4f:e3:c9:07:51:cb:c9:0d:20:57:9f:4b:02: e6:4e:9e:3a:80:f8:5c:f1:a2:8d:b8:f4:02:ec:24: d0:27:16:7d:66:f0:f2:5f:de:32:7c:02:37:e9:0c: 22:89:be:bc:ec:56:72:b9:ef:a0:5b:60:03:e3:e1: 57:13:7f:94:e2:df:e6:b3:2f:e9:74:8b:e9:d6:6b: 52:67:54:6b:03:fd:10:99:61:cd:de:8a:f5:6c:f4: a0:0f:3b:a0:eb:78:cd:48:a4:f3:1a:7a:b5:30:e8: df:69:97:83:a0:dc:ac:f9:a5:62:d5:2d:1e:eb:b9: ff:7b:97:be:2a:4d:44:e1:a6:e2:ba:08:e4:3e:7a: 1d:e1:83:27:bb:3f:ff:9a:2a:b3:20:74:a5:8b:e3: 44:f4:da:4a:5f:f9:40:51:37:70:38:7e:1a:2a:ec: 54:36:18:99:9b:33:99:19:ea:17:57:05:ed:9d:78: c3:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:24:84:CE:96:AC:C6:D6:0F:EF:B4:91:93:11:2F:F2:17:9F:13:1B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e::/36 Signature Algorithm: sha256WithRSAEncryption 36:91:0c:d2:21:99:b6:32:b9:f8:5e:64:42:64:fc:46:62:5c: a0:21:c5:e3:fa:8b:7e:28:55:cc:d8:d1:e2:1d:c5:a9:2e:07: a8:9d:a4:2b:27:ed:ba:c3:f0:df:59:a1:f5:dd:de:b7:ec:bf: d1:ee:d6:e5:40:db:ca:82:f0:f4:4f:e3:6d:7e:af:ae:eb:01: b2:a5:f5:5e:b5:c1:61:26:bb:d5:9e:28:fc:5c:59:2b:6e:24: 0a:a2:28:a0:b5:61:32:e9:b8:f2:ab:c1:6d:a3:16:1c:53:f5: 66:4c:c7:88:11:e6:5b:30:50:89:77:1f:f6:8d:a8:f7:96:f8: 35:a0:51:bb:00:ed:d8:39:0f:87:b4:db:28:cf:ff:b3:74:50: 75:4c:ae:77:39:51:ef:4f:cd:db:14:14:a2:e5:20:0b:8a:77: b7:9e:3b:86:d1:05:14:c9:28:e6:97:ee:0f:f7:54:66:72:93: 99:2b:b1:78:cb:91:f9:d6:8d:1f:f2:2b:ca:c2:ff:91:12:2c: a8:d4:b3:20:37:8e:b2:9b:58:83:77:c5:13:10:dd:57:6e:46: d8:ca:17:75:24:08:56:7b:18:17:8c:06:32:bb:45:a6:99:24: 23:42:15:d8:51:10:88:f3:75:9f:88:4e:52:3a:e1:73:9e:77: 34:36:c7:0a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUaCINcWr8YnOIzJOmzUNpn/pP+N8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2ZWE5YWZjYjUyZjY1MmYzM2ExZDI2Mzg1MmMzNjAwZmIxYTAxYTA4MzA1 MWI4NDRhMTRlNWIxOWM0ODYzZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZlr7vQ2nXP7qV6dqwrcqMBmwhNBRHT2cHkbtMvJNrygNbsn0Ab3wWn6Qn7 X+tIntSBWIJd7nlNClF8iYBJJ+testiYl/SSR6mkJlVP48kHUcvJDSBXn0sC5k6e OoD4XPGijbj0Auwk0CcWfWbw8l/eMnwCN+kMIom+vOxWcrnvoFtgA+PhVxN/lOLf 5rMv6XSL6dZrUmdUawP9EJlhzd6K9Wz0oA87oOt4zUik8xp6tTDo32mXg6DcrPml YtUtHuu5/3uXvipNROGm4roI5D56HeGDJ7s//5oqsyB0pYvjRPTaSl/5QFE3cDh+ GirsVDYYmZszmRnqF1cF7Z14w98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoJITO lqzG1g/vtJGTES/yF58TGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A MA0GCSqGSIb3DQEBCwUAA4IBAQA2kQzSIZm2Mrn4XmRCZPxGYlygIcXj+ot+KFXM 2NHiHcWpLgeonaQrJ+26w/DfWaH13d637L/R7tblQNvKgvD0T+Ntfq+u6wGypfVe tcFhJrvVnij8XFkrbiQKoiigtWEy6bjyq8FtoxYcU/VmTMeIEeZbMFCJdx/2jaj3 lvg1oFG7AO3YOQ+HtNsoz/+zdFB1TK53OVHvT83bFBSi5SALine3njuG0QUUySjm l+4P91RmcpOZK7F4y5H51o0f8ivKwv+REiyo1LMgN46ym1iDd8UTEN1XbkbYyhd1 JAhWexgXjAYyu0WmmSQjQhXYURCI83WfiE5SOuFznnc0NscK -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:15 2025 by rpki-client