This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json) Hash identifier: CDSqOgpMDT8Zj+bhgz3VgIfKX9XpnLrM6eLTBxofFNc= Subject key identifier: 1A:47:6B:62:13:0B:A3:06:33:3D:42:2E:30:11:DF:9E:51:CA:05:4F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F0E970AF0E7332E2767B56D6729247892B87C43 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa Signing time: Wed 10 Dec 2025 06:11:03 +0000 ROA not before: Wed 10 Dec 2025 06:11:03 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:0e:97:0a:f0:e7:33:2e:27:67:b5:6d:67:29:24:78:92:b8:7c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:03 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=71873b81abd4f809527e58a56378c6c7210d13de6e56d9b538ba134227a77463, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ff:53:99:b5:61:6f:f8:b0:58:70:cb:96:cf: 6d:56:de:3c:cd:7b:88:2f:ea:54:2e:98:bc:e0:27: 9a:26:25:9d:61:12:66:83:43:e7:e4:ac:73:5a:78: 18:77:df:48:a4:7a:a7:92:93:80:e4:2d:cb:11:c1: 51:ce:6a:95:d6:84:e9:ed:21:1f:69:cb:71:83:13: 78:62:1e:c3:7a:6c:fb:b0:c0:99:2b:6b:95:08:a0: 9c:cf:f6:ee:18:c8:7e:12:1c:77:fd:df:d8:57:38: cc:e6:a0:7d:9b:39:7b:90:12:1f:dc:c6:46:29:94: 0d:d8:d0:99:c8:64:de:7d:65:35:19:07:c8:ab:5d: 70:61:96:e8:80:65:11:f2:aa:88:92:85:36:a5:d8: fd:6a:c2:19:2d:ac:5e:44:ef:8f:f2:0e:ce:88:ce: 75:dd:34:1c:66:7c:71:ec:19:16:31:80:58:89:45: 02:cd:56:a1:b7:e3:1c:e6:27:e6:39:e3:fd:99:e4: 21:78:a7:92:e7:7f:46:b8:11:00:34:00:ab:dc:9a: a0:c2:fb:34:4a:cd:7f:d5:cb:0b:b2:aa:c8:d6:2d: 43:be:e8:74:be:e0:10:4a:45:0e:75:cb:2e:51:a7: 4c:fa:25:cc:cc:57:7d:e3:db:b4:03:39:80:c4:54: 35:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:47:6B:62:13:0B:A3:06:33:3D:42:2E:30:11:DF:9E:51:CA:05:4F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:c000::/40 Signature Algorithm: sha256WithRSAEncryption a7:f1:0a:dd:8d:d9:ee:87:66:eb:21:f5:57:78:a8:e7:48:c2: e9:ff:99:71:8f:a3:4b:59:88:4c:76:21:f1:b5:12:bc:b1:a8: 06:61:3e:80:47:67:ee:8a:aa:90:8b:8e:10:e5:55:c9:12:dc: 17:ad:69:bf:ae:44:67:76:81:76:62:7b:df:86:34:70:d7:ae: 9d:cf:7c:25:4f:10:55:49:12:cb:0d:e1:26:fe:a3:c2:3d:97: 9b:47:7a:64:03:c1:f7:06:9f:51:8e:24:db:57:68:aa:22:e7: 50:c7:57:11:84:84:4c:29:55:c6:03:8d:b4:81:82:48:df:e8: bc:c0:34:df:e7:86:5a:f1:04:5c:d7:fb:05:8e:7e:ee:88:57: ad:5f:4a:db:d0:d5:11:4a:a8:84:f9:16:ba:b5:b1:b7:92:f2: a3:dd:5b:aa:9c:a3:19:7f:e8:9b:e9:d1:bb:c2:41:05:02:4c: c3:f4:5e:6f:3b:7e:6b:e1:a8:d3:99:f1:19:71:f2:8e:ad:c1: 0c:ba:a0:9a:04:bf:a3:e5:6e:c8:1c:ed:39:2e:a7:cd:a1:3f: 0c:d1:ec:f2:e8:18:82:aa:a1:f9:f6:37:da:a8:09:58:1d:b2: 8e:72:ef:fc:49:d7:ea:89:2a:93:56:a8:b0:e3:01:6a:44:3d: 34:a9:9d:10 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTw6XCvDnMy4nZ7VtZykkeJK4fEMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDcxODczYjgxYWJkNGY4MDk1MjdlNThhNTYzNzhjNmM3MjEwZDEzZGU2ZTU2 ZDliNTM4YmExMzQyMjdhNzc0NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALr/U5m1YW/4sFhwy5bPbVbePM17iC/qVC6YvOAnmiYlnWESZoND5+Ssc1p4 GHffSKR6p5KTgOQtyxHBUc5qldaE6e0hH2nLcYMTeGIew3ps+7DAmStrlQignM/2 7hjIfhIcd/3f2Fc4zOagfZs5e5ASH9zGRimUDdjQmchk3n1lNRkHyKtdcGGW6IBl EfKqiJKFNqXY/WrCGS2sXkTvj/IOzojOdd00HGZ8cewZFjGAWIlFAs1WobfjHOYn 5jnj/ZnkIXinkud/RrgRADQAq9yaoML7NErNf9XLC7KqyNYtQ77odL7gEEpFDnXL LlGnTPolzMxXfePbtAM5gMRUNdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaR2ti EwujBjM9Qi4wEd+eUcoFTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA MA0GCSqGSIb3DQEBCwUAA4IBAQCn8Qrdjdnuh2brIfVXeKjnSMLp/5lxj6NLWYhM diHxtRK8sagGYT6AR2fuiqqQi44Q5VXJEtwXrWm/rkRndoF2YnvfhjRw166dz3wl TxBVSRLLDeEm/qPCPZebR3pkA8H3Bp9RjiTbV2iqIudQx1cRhIRMKVXGA420gYJI 3+i8wDTf54Za8QRc1/sFjn7uiFetX0rb0NURSqiE+Ra6tbG3kvKj3VuqnKMZf+ib 6dG7wkEFAkzD9F5vO35r4ajTmfEZcfKOrcEMuqCaBL+j5W7IHO05LqfNoT8M0ezy 6BiCqqH59jfaqAlYHbKOcu/8SdfqiSqTVqiw4wFqRD00qZ0Q -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:33 2026 by rpki-client