This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json) Hash identifier: VGQu70OVcF2C9OW9fZbsMfw5dyXxCYdhHk8UJZDz5IE= Subject key identifier: 36:54:3C:B5:5A:75:BA:A5:BC:87:BB:BA:75:35:B4:61:0F:73:40:0A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E048C5F073BBCE88F03232C0C54F07D8577A9D9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa Signing time: Mon 08 Dec 2025 02:10:10 +0000 ROA not before: Mon 08 Dec 2025 02:10:10 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:04:8c:5f:07:3b:bc:e8:8f:03:23:2c:0c:54:f0:7d:85:77:a9:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:10 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=21ee5cd382aa39b67c239f7feac79e7bc2e573fa8c052869f35b50e6c1762f03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:74:eb:30:6e:23:00:62:3f:1d:39:7d:e7:b1: 3f:35:29:84:ed:41:cc:f8:84:24:35:56:68:c5:55: a7:82:de:a6:97:ea:e4:6e:af:27:b2:79:2f:1c:01: 9c:9e:f1:7b:fe:c8:bb:18:2a:46:af:9f:9d:2c:c2: c4:85:98:55:9c:5a:65:a2:9e:8d:d5:43:e8:86:0d: 6b:f9:87:e0:ab:ab:98:e0:8d:56:97:1f:2f:0b:4f: 1d:96:8d:7a:cf:7e:6f:7c:9a:50:5a:e9:56:0c:af: f9:3a:19:97:a6:7a:0b:5e:ef:c9:fe:8e:c6:dc:08: 1f:f0:38:2d:29:f4:93:69:23:d4:ae:f9:f8:17:82: 21:01:bb:51:30:f7:0b:da:c6:1a:e8:a0:2c:a4:2a: 17:f8:54:4a:bd:16:6e:21:b8:5b:85:d9:99:f3:26: 70:2a:23:db:90:ae:74:19:87:63:21:67:02:7c:17: 7f:19:b6:b4:49:6d:b1:26:3b:31:3c:53:0c:b2:0d: 61:e1:6f:47:76:33:83:a0:ef:be:a8:2f:13:03:1c: c7:f7:9a:eb:8f:31:4e:3e:86:98:fe:ca:e4:07:a9: af:03:cd:42:5d:9f:28:7e:96:23:10:2a:31:37:12: 91:4a:47:8f:ae:9e:56:4f:98:bc:6b:3a:45:3d:1a: 64:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:54:3C:B5:5A:75:BA:A5:BC:87:BB:BA:75:35:B4:61:0F:73:40:0A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:880::/48 Signature Algorithm: sha256WithRSAEncryption 91:de:01:33:01:bd:99:21:9b:c5:79:06:a7:1e:eb:ac:4e:c5: 55:24:ae:95:f1:04:63:f4:62:16:8f:85:e8:73:9a:fd:5f:e4: 65:e6:7e:2d:1a:29:dc:91:df:cd:3c:81:cd:4a:94:10:ff:39: 5a:cc:9e:de:ea:cf:ef:93:c4:8c:88:80:53:a5:6b:6e:02:34: 53:d6:2d:aa:14:5b:1a:9a:d7:07:30:f1:ad:86:6f:b4:fb:87: c8:f3:63:30:35:9f:1d:75:81:35:f1:b7:fa:7a:7c:40:39:61: 97:8d:8e:c1:62:9b:3d:19:30:7c:32:a8:63:c9:3d:8a:3a:9c: d4:5a:9c:63:0c:98:63:40:91:46:27:4e:29:26:bb:cd:1e:d0: 0a:4f:de:36:06:c6:54:c8:db:8c:26:3d:ec:32:9c:0e:66:c4: 4d:13:b9:43:a9:e4:cd:7e:26:80:8c:0b:1a:e9:c9:63:8b:6b: 01:3b:ad:53:aa:bc:d4:b3:f1:e9:e0:9e:b9:d6:14:2d:63:a7: 7e:76:2b:db:4d:2b:5e:9f:aa:3a:af:4d:84:82:0e:f0:e4:aa: 3a:92:22:59:3a:b8:cd:78:68:bf:96:1f:98:b4:f5:f6:ef:eb: 50:79:99:6b:ab:3e:fa:37:01:09:63:ad:96:07:94:40:30:01: 55:9e:25:0e -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUXgSMXwc7vOiPAyMsDFTwfYV3qdkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMTBaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDIxZWU1Y2QzODJhYTM5YjY3YzIzOWY3ZmVhYzc5ZTdiYzJlNTczZmE4YzA1 Mjg2OWYzNWI1MGU2YzE3NjJmMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK506zBuIwBiPx05feexPzUphO1BzPiEJDVWaMVVp4Leppfq5G6vJ7J5LxwB nJ7xe/7IuxgqRq+fnSzCxIWYVZxaZaKejdVD6IYNa/mH4KurmOCNVpcfLwtPHZaN es9+b3yaUFrpVgyv+ToZl6Z6C17vyf6OxtwIH/A4LSn0k2kj1K75+BeCIQG7UTD3 C9rGGuigLKQqF/hUSr0WbiG4W4XZmfMmcCoj25CudBmHYyFnAnwXfxm2tEltsSY7 MTxTDLINYeFvR3Yzg6DvvqgvEwMcx/ea648xTj6GmP7K5AeprwPNQl2fKH6WIxAq MTcSkUpHj66eVk+YvGs6RT0aZNcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ2VDy1 WnW6pbyHu7p1NbRhD3NACjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII gDANBgkqhkiG9w0BAQsFAAOCAQEAkd4BMwG9mSGbxXkGpx7rrE7FVSSulfEEY/Ri Fo+F6HOa/V/kZeZ+LRop3JHfzTyBzUqUEP85Wsye3urP75PEjIiAU6VrbgI0U9Yt qhRbGprXBzDxrYZvtPuHyPNjMDWfHXWBNfG3+np8QDlhl42OwWKbPRkwfDKoY8k9 ijqc1FqcYwyYY0CRRidOKSa7zR7QCk/eNgbGVMjbjCY97DKcDmbETRO5Q6nkzX4m gIwLGunJY4trATutU6q81LPx6eCeudYULWOnfnYr200rXp+qOq9NhIIO8OSqOpIi WTq4zXhov5YfmLT19u/rUHmZa6s++jcBCWOtlgeUQDABVZ4lDg== -----END CERTIFICATE-----Generated at Sun Dec 14 00:02:06 2025 by rpki-client