This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json) Hash identifier: 7LmkMQJvHWainEwoLxGUYyE/q4jTRaaGF3nHhxw+ekc= Subject key identifier: 89:A4:7B:D7:22:62:57:4F:37:9D:F8:67:99:68:8F:E8:C0:2B:65:6A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0431FF032BA76B27EBE1B8030AE2053A90529B2C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa Signing time: Sun 07 Dec 2025 03:00:10 +0000 ROA not before: Sun 07 Dec 2025 03:00:10 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:31:ff:03:2b:a7:6b:27:eb:e1:b8:03:0a:e2:05:3a:90:52:9b:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 7 03:00:10 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=7a4d2bc72759fcb55d1ce8be8bf9fbbbf356f530c1e10afb3a6cb2410523bef7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:99:64:c6:ca:41:8e:80:ba:be:bc:40:a8:f3: eb:fd:61:b8:46:cd:8b:d0:b0:56:8c:11:b9:fc:fb: 47:3b:57:ef:89:3e:c4:00:82:38:0e:d5:68:cf:0c: 8b:a2:38:79:9e:1a:08:36:18:10:ae:25:9a:88:8b: f2:21:91:8b:45:8f:4a:5b:42:da:5e:ea:b8:36:20: 86:7e:98:74:5b:ca:07:12:10:40:67:d8:65:c5:f9: f7:84:3f:c4:d6:61:dc:bb:12:ea:14:b6:85:18:d6: 63:52:43:97:ee:04:b0:5e:d8:c0:4c:c2:5c:bc:7a: df:42:0a:0c:03:28:e1:58:31:ea:93:4d:b9:b7:d8: 99:0b:ce:bc:16:70:9c:d4:bc:6b:36:45:c1:ac:8a: 6a:4d:25:2d:f0:04:d2:97:2d:99:e1:f8:71:3d:11: 69:a4:d6:4e:0d:ac:f7:9c:cb:9c:85:c3:6d:cf:82: 80:80:ad:13:f9:a6:70:3b:e1:d5:9a:17:64:dd:a1: cd:b4:29:5f:91:c0:7e:3f:7f:95:64:0f:e0:aa:50: 14:53:7c:4a:ff:d4:cc:ab:39:9c:0a:c0:3f:ec:c3: 99:07:80:5b:ba:b7:5f:ce:3c:79:da:e7:ee:5f:b7: d3:34:17:8b:36:b3:b2:3f:ce:16:76:19:79:ab:4b: 3d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A4:7B:D7:22:62:57:4F:37:9D:F8:67:99:68:8F:E8:C0:2B:65:6A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:e000::/40 Signature Algorithm: sha256WithRSAEncryption bc:6c:77:3a:50:51:dc:8c:9e:10:3e:42:49:ca:40:a3:e2:ac: ac:74:6b:86:0c:33:e8:b8:18:8d:93:6a:65:c2:47:7b:0e:46: a4:15:03:52:d0:c9:d2:3c:75:3e:e0:7f:80:95:a4:f1:d6:f4: 45:82:20:ce:ed:8b:29:a9:63:e6:69:70:0f:d0:d5:ac:85:f4: 77:58:ac:6b:fa:79:b7:3a:72:00:8d:31:f5:a1:b3:88:eb:ba: c5:8c:b2:0d:1e:45:d8:56:66:4f:e1:d1:6c:99:0b:61:d1:b4: 12:b7:c9:7b:8d:dc:72:1c:8b:22:70:5c:58:b2:6a:21:05:72: c6:b9:34:7a:02:02:67:59:35:19:76:34:68:2d:7f:5f:95:fa: b9:60:9b:42:bf:c1:38:57:76:55:6b:dd:b5:af:83:0e:86:50: 41:0d:a0:55:c1:3b:cc:06:86:d2:37:55:f6:1e:b8:3d:db:ec: b9:7e:a5:a4:5e:9d:ec:58:37:0b:1e:66:3e:36:25:a5:a9:12: 7e:c2:50:45:bc:2e:a0:36:8f:38:7d:bd:7c:47:86:f8:e0:7e: e4:46:ed:0a:89:ba:9a:79:e8:a7:3e:8d:69:fe:aa:02:22:5e: 23:37:50:24:19:23:9d:70:a4:3d:81:ec:e1:62:5f:83:50:01: 37:32:9d:d3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUBDH/Ayunayfr4bgDCuIFOpBSmywwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDcwMzAwMTBaFw0yNjAzMDcyMzU5NTlaMHoxSTBHBgNV BAUTQDdhNGQyYmM3Mjc1OWZjYjU1ZDFjZThiZThiZjlmYmJiZjM1NmY1MzBjMWUx MGFmYjNhNmNiMjQxMDUyM2JlZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGZZMbKQY6Aur68QKjz6/1huEbNi9CwVowRufz7RztX74k+xACCOA7VaM8M i6I4eZ4aCDYYEK4lmoiL8iGRi0WPSltC2l7quDYghn6YdFvKBxIQQGfYZcX594Q/ xNZh3LsS6hS2hRjWY1JDl+4EsF7YwEzCXLx630IKDAMo4Vgx6pNNubfYmQvOvBZw nNS8azZFwayKak0lLfAE0pctmeH4cT0RaaTWTg2s95zLnIXDbc+CgICtE/mmcDvh 1ZoXZN2hzbQpX5HAfj9/lWQP4KpQFFN8Sv/UzKs5nArAP+zDmQeAW7q3X848edrn 7l+30zQXizazsj/OFnYZeatLPRsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJpHvX ImJXTzed+GeZaI/owCtlajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg MA0GCSqGSIb3DQEBCwUAA4IBAQC8bHc6UFHcjJ4QPkJJykCj4qysdGuGDDPouBiN k2plwkd7DkakFQNS0MnSPHU+4H+AlaTx1vRFgiDO7YspqWPmaXAP0NWshfR3WKxr +nm3OnIAjTH1obOI67rFjLINHkXYVmZP4dFsmQth0bQSt8l7jdxyHIsicFxYsmoh BXLGuTR6AgJnWTUZdjRoLX9flfq5YJtCv8E4V3ZVa921r4MOhlBBDaBVwTvMBobS N1X2Hrg92+y5fqWkXp3sWDcLHmY+NiWlqRJ+wlBFvC6gNo84fb18R4b44H7kRu0K ibqaeeinPo1p/qoCIl4jN1AkGSOdcKQ9gezhYl+DUAE3Mp3T -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:24 2026 by rpki-client