This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json) Hash identifier: mey5CHHXRbyZ3xtfYCu25virhqZNAqgf7rlLEzYS7Nw= Subject key identifier: 06:DA:89:D3:25:3B:1C:0F:5D:32:F8:D4:15:DB:0F:9D:33:BA:89:0C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0FB0625F3889DC29C494E7A34A2EFD7E029A7D1A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa Signing time: Wed 10 Dec 2025 06:01:02 +0000 ROA not before: Wed 10 Dec 2025 06:01:02 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:b0:62:5f:38:89:dc:29:c4:94:e7:a3:4a:2e:fd:7e:02:9a:7d:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:02 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0b5542541ddc80324dcd7c18543ea8c0be09f167c17f3347011cd2b4f59f4298, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f3:a2:b0:4b:b8:5a:c2:e3:7f:77:00:42:73: 13:f3:47:49:78:31:46:ea:3f:80:70:c4:2a:2c:ae: 1d:d1:44:f6:8f:58:4b:f4:2a:90:eb:75:8f:08:9b: b9:1a:81:20:74:ec:b6:fe:6f:a2:11:52:ba:60:87: fb:d2:67:3a:0a:ad:fa:a6:14:d4:ce:b2:e2:87:c6: 6e:1f:dd:00:66:7d:c4:17:42:23:3b:5e:f4:60:a0: 80:05:16:37:c3:8c:ed:70:8d:a2:2b:df:47:2e:35: c9:38:ff:e4:b4:8b:c0:14:44:29:89:7c:fa:45:3b: 57:5d:ad:b9:5e:92:f6:ed:b5:d7:38:6c:de:64:57: fa:6a:db:9d:3b:96:5f:07:8c:88:ba:4f:55:2c:48: 8e:05:0b:9c:7d:58:36:f5:8b:f6:c5:c7:dc:04:4e: 58:58:ba:17:ef:60:91:ed:14:b6:e4:26:11:a9:c8: f3:e6:72:ed:dc:c4:d9:8b:4b:6d:c0:c4:ae:af:46: bb:5e:83:a6:a0:6b:c2:33:88:85:c4:c7:98:7d:dc: 79:f7:87:2c:7a:9a:39:e5:e7:53:17:e2:c2:ca:e5: 31:00:df:b4:97:e6:de:e2:2e:44:b2:e2:41:b1:0a: 50:cb:90:63:53:10:e5:34:26:7e:09:22:b5:00:ee: 23:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:DA:89:D3:25:3B:1C:0F:5D:32:F8:D4:15:DB:0F:9D:33:BA:89:0C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:a000::/40 Signature Algorithm: sha256WithRSAEncryption 23:c5:ca:96:b9:0e:97:38:22:80:61:b2:0d:5c:bf:a9:25:c4: d4:0e:86:74:68:d3:0f:9c:75:7d:e7:23:50:38:df:8e:3a:8e: 00:a5:c9:f4:2d:fa:05:72:7d:fe:4f:38:38:c6:f7:6b:9a:52: ce:6a:9c:6c:df:aa:17:ff:29:9b:fc:0f:e9:b6:5b:c0:4c:9b: 04:7e:8d:f7:08:ad:35:c9:ed:a9:fc:5f:8c:1d:0a:4e:cd:53: ef:cb:0f:b3:5d:b5:9a:22:a7:d0:15:8a:04:83:8a:ab:24:40: 64:d0:c0:33:6d:b1:2e:76:c5:4c:39:7d:1c:2a:e6:9d:eb:2b: 50:5b:82:54:9d:63:91:ce:e1:08:3c:1f:4f:40:df:f5:4f:37: b0:db:05:51:34:51:f6:5a:bd:30:77:3e:73:86:d4:4e:fb:57: 82:f0:aa:a2:93:ce:92:c9:d0:f5:59:c9:e4:9d:49:d7:09:de: 97:66:45:01:76:65:61:bc:14:c3:95:29:35:1d:8c:0b:1a:96: 3e:2b:eb:e9:81:ec:b9:db:99:4d:5e:c2:be:7b:fe:45:22:91: d0:7d:f2:cd:05:e8:29:11:b2:41:e9:b0:2c:30:97:ad:a7:68: 91:2c:ae:27:b0:3f:16:cd:b6:eb:9f:44:e9:62:0b:67:26:09: 44:9b:9b:fa -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUD7BiXziJ3CnElOejSi79fgKafRowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDBiNTU0MjU0MWRkYzgwMzI0ZGNkN2MxODU0M2VhOGMwYmUwOWYxNjdjMTdm MzM0NzAxMWNkMmI0ZjU5ZjQyOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANzzorBLuFrC4393AEJzE/NHSXgxRuo/gHDEKiyuHdFE9o9YS/QqkOt1jwib uRqBIHTstv5vohFSumCH+9JnOgqt+qYU1M6y4ofGbh/dAGZ9xBdCIzte9GCggAUW N8OM7XCNoivfRy41yTj/5LSLwBREKYl8+kU7V12tuV6S9u211zhs3mRX+mrbnTuW XweMiLpPVSxIjgULnH1YNvWL9sXH3AROWFi6F+9gke0UtuQmEanI8+Zy7dzE2YtL bcDErq9Gu16DpqBrwjOIhcTHmH3cefeHLHqaOeXnUxfiwsrlMQDftJfm3uIuRLLi QbEKUMuQY1MQ5TQmfgkitQDuI7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQG2onT JTscD10y+NQV2w+dM7qJDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig MA0GCSqGSIb3DQEBCwUAA4IBAQAjxcqWuQ6XOCKAYbINXL+pJcTUDoZ0aNMPnHV9 5yNQON+OOo4Apcn0LfoFcn3+Tzg4xvdrmlLOapxs36oX/ymb/A/ptlvATJsEfo33 CK01ye2p/F+MHQpOzVPvyw+zXbWaIqfQFYoEg4qrJEBk0MAzbbEudsVMOX0cKuad 6ytQW4JUnWORzuEIPB9PQN/1Tzew2wVRNFH2Wr0wdz5zhtRO+1eC8Kqik86SydD1 WcnknUnXCd6XZkUBdmVhvBTDlSk1HYwLGpY+K+vpgey525lNXsK+e/5FIpHQffLN BegpEbJB6bAsMJetp2iRLK4nsD8Wzbbrn0TpYgtnJglEm5v6 -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:01 2025 by rpki-client