This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json) Hash identifier: 7B1cSVzWXgFHGd86CNurlnqVXbidtMWqX372VDOVzFg= Subject key identifier: 1E:88:18:F6:1B:6C:2C:D3:62:09:2A:B5:82:4C:70:A5:C4:D2:EF:EA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 15EFC40A862E85C0AF467691051E2A23DB045E6C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa Signing time: Wed 10 Dec 2025 06:21:31 +0000 ROA not before: Wed 10 Dec 2025 06:21:31 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ef:c4:0a:86:2e:85:c0:af:46:76:91:05:1e:2a:23:db:04:5e:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:31 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3d1be06f188272e7b28e0e819a4e2410c2b7c90452c87dadcac65ca0d302af12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:10:6e:a4:e7:f8:bd:75:a9:9f:6d:b9:af:53: 9b:a0:91:41:99:d0:a6:bd:a8:93:71:46:76:15:59: 46:a6:ec:dc:15:74:b8:0f:36:43:65:06:3b:28:e4: 96:5b:79:4b:cb:6a:a9:ec:76:9b:33:a4:f6:c1:fa: 6a:33:48:26:a0:1e:07:a3:4d:ff:2a:0a:01:17:a9: 36:d7:dc:f8:0c:39:24:ef:dd:78:da:27:0c:45:1a: c2:68:73:c9:fd:7f:dd:4a:36:d4:4d:5d:e1:39:0f: e2:e9:11:4d:67:b4:03:13:ff:05:4b:44:98:4e:7b: 89:fd:30:02:be:77:be:77:2a:3e:f8:e5:e4:a3:c5: 80:ed:70:63:ba:1c:f0:54:22:91:68:3b:85:6d:39: 4c:12:8d:9b:29:7b:d9:cb:67:b0:3e:59:c8:a3:ea: c3:ac:04:4b:34:4d:2a:dc:5a:14:66:b8:f4:8a:46: c9:a9:56:b1:9d:87:e1:6e:d6:80:47:44:ab:b8:5c: 95:2a:14:e4:a5:99:7a:6c:50:15:eb:ca:86:63:2b: 4c:c9:5d:44:46:f7:a8:e5:9d:b7:7c:8d:7c:6e:28: 6d:44:b9:95:eb:c4:59:00:9d:9d:82:25:86:e7:55: 3d:03:59:1e:45:75:d8:af:33:37:f5:8c:fa:43:89: 19:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:88:18:F6:1B:6C:2C:D3:62:09:2A:B5:82:4C:70:A5:C4:D2:EF:EA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d018:800::/38 Signature Algorithm: sha256WithRSAEncryption 61:45:05:3c:f4:62:45:c1:ce:2b:b0:ef:fc:46:50:2d:e9:fa: ab:5e:cf:0e:87:22:f5:44:00:b8:49:6e:69:a9:55:b5:e0:f9: f9:b4:66:a3:d3:06:5b:4d:79:3a:33:d3:38:9d:33:16:cb:f4: 59:e0:15:84:ae:b8:1e:78:8d:92:6c:f9:0c:67:58:88:94:0d: ae:6c:cb:67:8d:c5:3c:24:ce:08:c8:f7:1b:da:e2:65:97:9f: 45:74:fc:29:03:03:8b:b7:5c:19:65:82:98:14:36:80:91:48: 42:2d:04:a2:e9:36:9f:61:9b:1e:e3:05:3a:28:a1:a4:6f:4a: a3:ff:59:a3:54:a2:a0:9d:ed:05:3d:7b:9d:e5:1b:5f:bf:11: 3c:9b:bb:31:35:d0:ff:b4:24:42:ff:1a:2d:6b:c2:19:6d:fd: 38:dd:eb:af:d7:ea:15:b2:56:10:a5:7c:f1:cf:83:a2:56:d9: 72:6a:f9:8f:3a:23:c2:eb:0f:14:08:80:c5:d5:13:de:a2:2a: 68:59:ab:70:d6:c7:3e:48:ce:27:c2:33:1c:17:21:97:ea:2b: 43:e2:e3:d7:a3:bf:77:c4:96:bc:68:dd:ca:a5:64:b4:de:62: 40:24:88:23:53:e4:c3:70:17:f4:c4:3d:da:ad:03:83:35:5c: 43:01:d2:c3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFe/ECoYuhcCvRnaRBR4qI9sEXmwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMzFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNkMWJlMDZmMTg4MjcyZTdiMjhlMGU4MTlhNGUyNDEwYzJiN2M5MDQ1MmM4 N2RhZGNhYzY1Y2EwZDMwMmFmMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsQbqTn+L11qZ9tua9Tm6CRQZnQpr2ok3FGdhVZRqbs3BV0uA82Q2UGOyjk llt5S8tqqex2mzOk9sH6ajNIJqAeB6NN/yoKARepNtfc+Aw5JO/deNonDEUawmhz yf1/3Uo21E1d4TkP4ukRTWe0AxP/BUtEmE57if0wAr53vncqPvjl5KPFgO1wY7oc 8FQikWg7hW05TBKNmyl72ctnsD5ZyKPqw6wESzRNKtxaFGa49IpGyalWsZ2H4W7W gEdEq7hclSoU5KWZemxQFevKhmMrTMldREb3qOWdt3yNfG4obUS5levEWQCdnYIl hudVPQNZHkV12K8zN/WM+kOJGSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeiBj2 G2ws02IJKrWCTHClxNLv6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI MA0GCSqGSIb3DQEBCwUAA4IBAQBhRQU89GJFwc4rsO/8RlAt6fqrXs8OhyL1RAC4 SW5pqVW14Pn5tGaj0wZbTXk6M9M4nTMWy/RZ4BWErrgeeI2SbPkMZ1iIlA2ubMtn jcU8JM4IyPcb2uJll59FdPwpAwOLt1wZZYKYFDaAkUhCLQSi6TafYZse4wU6KKGk b0qj/1mjVKKgne0FPXud5RtfvxE8m7sxNdD/tCRC/xota8IZbf043euv1+oVslYQ pXzxz4OiVtlyavmPOiPC6w8UCIDF1RPeoipoWatw1sc+SM4nwjMcFyGX6itD4uPX o793xJa8aN3KpWS03mJAJIgjU+TDcBf0xD3arQODNVxDAdLD -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:10 2026 by rpki-client