This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json) Hash identifier: urvoe3WlRE1xeebReDpm9ya9WnKrycgcpoYKD07NqUE= Subject key identifier: 44:8D:B3:6C:6C:89:6F:5B:C0:05:B2:8E:D0:68:34:CD:91:BF:81:3B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 434D82E6DDB8A775B7D118AFF26209298FC19AAF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa Signing time: Wed 10 Dec 2025 05:31:21 +0000 ROA not before: Wed 10 Dec 2025 05:31:21 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:4d:82:e6:dd:b8:a7:75:b7:d1:18:af:f2:62:09:29:8f:c1:9a:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:21 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7fc70d094d2a8c5d5c5af36feb4ec1b545af752ad5e1c6d6d1c8ac350b0474ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1a:30:d8:2d:25:60:e9:02:d2:e1:4b:7f:f1: 78:f2:ab:0f:36:e5:4b:5d:b6:79:b9:63:c2:4f:b9: ce:79:ce:37:00:36:f6:9e:49:36:df:5f:d9:37:80: e1:50:d0:73:29:86:54:b1:d8:0a:7a:cd:66:09:52: dc:2f:f4:f3:a6:f6:f0:4d:d2:f5:17:ca:89:85:c9: 9a:bc:d4:24:92:64:37:b6:a9:16:98:50:12:61:5b: e9:64:ca:7a:b2:78:1d:57:ae:9d:87:b9:be:0d:7e: 7d:65:87:6f:43:aa:89:d2:bf:16:27:1a:4f:f5:4c: 54:b2:69:55:ae:73:9c:f8:7a:71:a3:25:15:8e:ae: 04:ef:e3:30:dc:8b:29:47:92:85:9e:06:21:00:43: 49:b3:e8:b8:20:ab:84:79:46:ae:5f:cf:d2:44:13: ed:5b:ee:58:b6:b8:59:bc:f4:4c:8e:da:51:6b:42: 8a:e3:89:13:45:6c:8f:f8:e9:95:a3:c5:0a:c3:d4: d8:ce:8b:3c:4f:7c:37:b3:0d:cd:f5:9a:da:5b:d2: 5e:15:ce:ee:e4:3d:b3:6f:74:be:51:38:1d:c6:7f: f9:c2:2b:fc:cd:f7:b6:21:a6:59:b0:41:82:c3:eb: be:94:85:e8:bb:ed:ea:ce:de:4c:5f:c5:c5:9a:a7: de:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:8D:B3:6C:6C:89:6F:5B:C0:05:B2:8E:D0:68:34:CD:91:BF:81:3B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e:800::/38 Signature Algorithm: sha256WithRSAEncryption 65:bb:ae:89:03:e1:b7:c9:ba:f2:e2:20:f9:e5:81:7a:9e:54: 2c:2c:a7:8d:a0:a3:df:9f:55:f4:5e:20:d4:33:71:3f:27:19: 9f:35:85:17:ac:53:46:0e:74:45:8c:0b:62:2c:b5:94:26:d9: 9a:a3:90:22:eb:97:96:cf:19:bf:6c:b8:86:94:b6:3b:13:c4: 8d:91:86:87:45:c2:e6:ee:da:82:e3:8b:76:50:0c:28:00:e6: 97:ce:d3:b6:b4:d4:8a:b2:a5:fc:df:00:f7:02:39:0b:0e:f2: 52:08:95:13:c2:7e:99:9c:a1:dc:78:7d:4e:8c:e1:ca:42:be: 8e:c4:76:52:f7:47:fc:6f:06:0a:09:a6:6c:8e:8c:08:7b:b4: 14:cd:4c:bb:07:b2:27:7d:90:ca:de:86:53:8c:e3:7a:24:6e: b5:4f:81:4c:4e:fd:bf:86:ac:0b:be:2f:b1:3f:23:b0:cc:ed: 39:aa:a1:a6:86:81:a4:09:f9:15:92:b3:5b:4c:6b:58:00:1d: 01:c3:9f:ba:b0:b8:a2:89:30:64:99:66:2a:69:de:ac:15:5d: a6:37:1d:6d:e5:e3:d7:35:ea:f5:f8:d5:19:4a:c2:2a:90:62: f1:c3:dd:31:ef:78:2c:4c:0c:04:ea:90:1a:c7:d1:cc:4d:3b: 16:ee:66:c4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUQ02C5t24p3W30Riv8mIJKY/Bmq8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMjFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdmYzcwZDA5NGQyYThjNWQ1YzVhZjM2ZmViNGVjMWI1NDVhZjc1MmFkNWUx YzZkNmQxYzhhYzM1MGIwNDc0ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQaMNgtJWDpAtLhS3/xePKrDzblS122ebljwk+5znnONwA29p5JNt9f2TeA 4VDQcymGVLHYCnrNZglS3C/086b28E3S9RfKiYXJmrzUJJJkN7apFphQEmFb6WTK erJ4HVeunYe5vg1+fWWHb0OqidK/FicaT/VMVLJpVa5znPh6caMlFY6uBO/jMNyL KUeShZ4GIQBDSbPouCCrhHlGrl/P0kQT7VvuWLa4Wbz0TI7aUWtCiuOJE0Vsj/jp laPFCsPU2M6LPE98N7MNzfWa2lvSXhXO7uQ9s290vlE4HcZ/+cIr/M33tiGmWbBB gsPrvpSF6Lvt6s7eTF/FxZqn3hcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREjbNs bIlvW8AFso7QaDTNkb+BOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I MA0GCSqGSIb3DQEBCwUAA4IBAQBlu66JA+G3ybry4iD55YF6nlQsLKeNoKPfn1X0 XiDUM3E/JxmfNYUXrFNGDnRFjAtiLLWUJtmao5Ai65eWzxm/bLiGlLY7E8SNkYaH RcLm7tqC44t2UAwoAOaXztO2tNSKsqX83wD3AjkLDvJSCJUTwn6ZnKHceH1OjOHK Qr6OxHZS90f8bwYKCaZsjowIe7QUzUy7B7InfZDK3oZTjON6JG61T4FMTv2/hqwL vi+xPyOwzO05qqGmhoGkCfkVkrNbTGtYAB0Bw5+6sLiiiTBkmWYqad6sFV2mNx1t 5ePXNer1+NUZSsIqkGLxw90x73gsTAwE6pAax9HMTTsW7mbE -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:54 2025 by rpki-client