This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json) Hash identifier: 4oOGIl9MOaGEBQLD4BaN3R/VxSPSfwZlFCnsuvoNxAc= Subject key identifier: EE:F2:59:EA:50:4B:D0:D7:7F:B6:02:7D:8A:58:41:F6:3E:CB:39:83 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4E8626292F41B634B7EA25BB4D545E01357A8B83 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa Signing time: Wed 10 Dec 2025 05:40:45 +0000 ROA not before: Wed 10 Dec 2025 05:40:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:86:26:29:2f:41:b6:34:b7:ea:25:bb:4d:54:5e:01:35:7a:8b:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e618bd36bd686185eb51a22681b79e711baf8fc5c54516141662c59441bf4dee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:dc:02:3d:30:fa:2c:0d:d0:42:68:e0:a0:eb: 1b:83:14:0f:d9:ba:ec:81:e4:23:aa:8a:d4:91:8a: 2a:86:b0:d3:0d:5e:33:d1:f5:94:ea:d1:39:2f:0c: f9:68:47:a7:e1:20:06:42:e0:52:03:c1:cd:13:f0: 5b:ea:3d:41:4d:49:a4:54:d4:2e:64:35:3c:bf:c9: d8:90:cd:53:86:ad:ab:d9:d0:1b:9c:de:2c:cb:bf: 1e:bf:93:65:0a:df:8c:94:a3:92:f7:b5:05:54:29: 2c:ac:e9:cc:75:35:10:36:7c:b7:0d:f6:86:eb:ab: 47:72:10:4a:11:7a:3e:07:78:f2:d9:b6:e5:9c:2c: 76:79:fd:10:8c:7e:7c:57:18:6f:ad:60:ea:f8:8f: ce:26:47:c1:a8:97:3e:a0:b7:92:4a:a1:7d:be:06: ca:91:c5:2e:0a:79:ed:42:df:72:0d:03:ae:c9:f7: d7:10:0e:69:59:23:a3:c4:1f:fc:c3:d5:91:83:49: 28:e3:8f:72:1f:0c:25:bd:8c:b0:ab:79:c6:3d:08: 20:66:e7:95:b3:6d:f8:6c:41:c4:35:66:d5:08:fc: 5e:66:72:b5:ee:57:0c:cd:59:04:21:c4:bb:79:b8: 47:40:f6:ca:73:4c:c8:9b:69:fa:e2:30:b1:5a:0d: 9d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:F2:59:EA:50:4B:D0:D7:7F:B6:02:7D:8A:58:41:F6:3E:CB:39:83 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:e000::/40 Signature Algorithm: sha256WithRSAEncryption 29:18:aa:a8:74:1b:11:49:e4:7d:eb:f7:87:92:d7:ef:b4:10: fd:71:d7:e8:cc:4c:5b:72:8e:63:60:53:54:fe:aa:64:99:b6: 1a:92:1d:d6:c8:bd:fc:7c:64:d1:2a:53:0e:eb:01:7d:d4:7c: e3:76:f2:33:0a:d9:03:93:df:63:3b:02:4d:45:d9:18:3e:c0: 2f:15:57:0c:29:b9:4f:2f:2d:b9:31:32:61:72:3c:e1:4b:3c: 9a:db:59:1f:1e:3e:4d:b0:c9:40:f8:b3:0f:32:b6:fa:a9:ff: ce:28:aa:a9:a8:54:af:b3:e9:6d:28:96:a4:9d:25:99:a4:83: da:a8:a3:a5:9e:1b:8d:5e:0f:2f:a1:df:9a:25:65:34:03:88: 38:3b:fd:1d:48:35:ad:a3:c7:0e:05:ed:0a:20:90:cc:12:cf: 18:6d:8b:f3:e1:64:e1:4d:b7:5f:fd:7d:5a:16:6e:0a:3c:48: ba:e9:6c:76:69:7a:59:05:80:97:88:5d:db:01:d1:8b:08:76: 0a:52:0a:7e:34:fe:08:1a:f2:43:50:1c:5a:ce:7b:c5:f1:46: c2:0f:25:3e:1e:6a:2b:76:e9:fe:5d:0b:ad:ea:61:a0:06:64: 3c:47:fe:81:1d:91:8c:3f:fe:cb:c3:ff:b8:79:fa:84:0e:ef: c0:1e:3c:a1 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUToYmKS9BtjS36iW7TVReATV6i4MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU2MThiZDM2YmQ2ODYxODVlYjUxYTIyNjgxYjc5ZTcxMWJhZjhmYzVjNTQ1 MTYxNDE2NjJjNTk0NDFiZjRkZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3cAj0w+iwN0EJo4KDrG4MUD9m67IHkI6qK1JGKKoaw0w1eM9H1lOrROS8M +WhHp+EgBkLgUgPBzRPwW+o9QU1JpFTULmQ1PL/J2JDNU4atq9nQG5zeLMu/Hr+T ZQrfjJSjkve1BVQpLKzpzHU1EDZ8tw32huurR3IQShF6Pgd48tm25Zwsdnn9EIx+ fFcYb61g6viPziZHwaiXPqC3kkqhfb4GypHFLgp57ULfcg0Drsn31xAOaVkjo8Qf /MPVkYNJKOOPch8MJb2MsKt5xj0IIGbnlbNt+GxBxDVm1Qj8XmZyte5XDM1ZBCHE u3m4R0D2ynNMyJtp+uIwsVoNnbUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTu8lnq UEvQ13+2An2KWEH2Pss5gzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g MA0GCSqGSIb3DQEBCwUAA4IBAQApGKqodBsRSeR96/eHktfvtBD9cdfozExbco5j YFNU/qpkmbYakh3WyL38fGTRKlMO6wF91HzjdvIzCtkDk99jOwJNRdkYPsAvFVcM KblPLy25MTJhcjzhSzya21kfHj5NsMlA+LMPMrb6qf/OKKqpqFSvs+ltKJaknSWZ pIPaqKOlnhuNXg8vod+aJWU0A4g4O/0dSDWto8cOBe0KIJDMEs8YbYvz4WThTbdf /X1aFm4KPEi66Wx2aXpZBYCXiF3bAdGLCHYKUgp+NP4IGvJDUBxaznvF8UbCDyU+ Hmordun+XQut6mGgBmQ8R/6BHZGMP/7Lw/+4efqEDu/AHjyh -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:39 2026 by rpki-client