This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json) Hash identifier: leMPBQ8dSY+3C5few2nxukQ7Lzg3hWCSw2r5Sko+Ptw= Subject key identifier: 1F:C1:38:11:3A:86:C1:54:CC:DB:FD:22:8D:A2:96:4B:A0:54:27:87 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 167CB7D47F82FDF681F138E60591B58746DA9565 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa Signing time: Wed 10 Dec 2025 06:20:09 +0000 ROA not before: Wed 10 Dec 2025 06:20:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:7c:b7:d4:7f:82:fd:f6:81:f1:38:e6:05:91:b5:87:46:da:95:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d6cc29cc6cf0a26660ff28d535338d0443826aa10c8d620d1a7c954d64f47453, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:60:bd:9e:75:b3:c9:80:a2:3c:80:08:d0:6b: 6e:ca:f2:14:3e:a8:d2:f4:d9:08:21:b5:02:98:af: 23:65:be:0d:6e:91:30:f8:f7:31:0e:de:05:c9:5e: 7b:cc:40:f0:4a:26:3f:9d:ca:f9:17:95:e5:61:24: a0:5c:7d:31:20:c9:7e:9a:00:9a:97:6b:e1:8d:39: 1d:47:f6:6e:73:22:64:28:e3:fd:d9:fc:51:ce:3c: dc:d7:c5:61:e8:9a:f9:73:db:7d:a0:81:8c:cc:de: 84:60:df:c0:3c:fd:a2:c2:db:2d:ac:91:bb:a8:78: d9:10:33:74:1b:68:f3:f6:77:37:bf:61:78:cc:fe: 08:2b:8a:15:6e:d4:8d:27:e1:fb:aa:5e:8f:c8:1e: 4d:01:37:5b:c3:b4:2c:0a:b7:95:69:29:9a:94:4c: 04:36:38:d1:2e:5b:18:41:9c:37:a2:fb:cd:8b:03: f7:b0:bc:99:56:19:2a:46:bf:6e:27:03:ac:74:2b: 48:ae:11:b5:fe:2c:30:01:0d:82:c6:0c:a7:1f:d0: e6:1b:79:f8:8b:3a:2d:de:9b:44:8f:2a:2a:b9:ac: 33:50:c7:e8:0b:76:be:47:d3:5c:a2:64:18:2b:23: a5:7c:e8:17:5f:64:30:a8:0c:77:fe:bb:ef:99:3e: 05:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:C1:38:11:3A:86:C1:54:CC:DB:FD:22:8D:A2:96:4B:A0:54:27:87 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:10c0::/48 Signature Algorithm: sha256WithRSAEncryption ca:98:9e:46:fe:0e:db:f7:b3:47:51:8f:66:b7:0c:f9:c6:11: 81:e6:38:c2:bf:c8:8f:f9:b8:10:33:10:00:31:e3:63:8d:94: fc:08:80:d5:af:be:83:ff:9e:54:0a:1f:0c:b8:7b:9d:4d:30: 7a:b6:99:47:d2:72:d9:3d:52:27:5e:56:0b:13:16:9f:e0:4b: 41:b6:47:12:ad:a0:d3:c8:ab:b4:41:97:37:7f:8a:20:5f:57: 88:4c:c8:d8:b7:a8:2f:07:4c:02:5d:af:a6:67:d7:1e:f2:85: e5:22:a3:a5:bb:e0:0e:53:f1:09:bf:db:dc:9b:55:50:a8:cd: 30:29:dd:c4:45:6a:08:f4:9f:de:71:a7:ff:66:d9:2e:df:e3: 82:10:fc:60:56:f1:aa:c9:ff:f4:4b:8f:13:f7:32:7e:bd:7b: cc:21:83:2b:34:bb:c1:4b:2d:41:48:23:18:2e:ec:af:9c:a1: d1:90:56:19:bc:5f:7b:94:5f:7f:1a:f8:61:06:df:99:76:ab: f8:51:6c:45:1f:ca:ff:f5:13:fc:ca:97:50:2e:ea:c4:ef:89: 18:bc:79:61:a8:d8:a2:da:15:c2:06:f9:70:71:f8:15:ec:bc: 32:91:f8:87:12:b3:0e:a1:5d:77:a0:64:15:8f:f5:5d:b0:f4: bf:86:1b:9c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFny31H+C/faB8TjmBZG1h0balWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ2Y2MyOWNjNmNmMGEyNjY2MGZmMjhkNTM1MzM4ZDA0NDM4MjZhYTEwYzhk NjIwZDFhN2M5NTRkNjRmNDc0NTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1gvZ51s8mAojyACNBrbsryFD6o0vTZCCG1ApivI2W+DW6RMPj3MQ7eBcle e8xA8EomP53K+ReV5WEkoFx9MSDJfpoAmpdr4Y05HUf2bnMiZCjj/dn8Uc483NfF Yeia+XPbfaCBjMzehGDfwDz9osLbLayRu6h42RAzdBto8/Z3N79heMz+CCuKFW7U jSfh+6pej8geTQE3W8O0LAq3lWkpmpRMBDY40S5bGEGcN6L7zYsD97C8mVYZKka/ bicDrHQrSK4Rtf4sMAENgsYMpx/Q5ht5+Is6Ld6bRI8qKrmsM1DH6At2vkfTXKJk GCsjpXzoF19kMKgMd/6775k+BWUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfwTgR OobBVMzb/SKNopZLoFQnhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q wDANBgkqhkiG9w0BAQsFAAOCAQEAypieRv4O2/ezR1GPZrcM+cYRgeY4wr/Ij/m4 EDMQADHjY42U/AiA1a++g/+eVAofDLh7nU0weraZR9Jy2T1SJ15WCxMWn+BLQbZH Eq2g08irtEGXN3+KIF9XiEzI2LeoLwdMAl2vpmfXHvKF5SKjpbvgDlPxCb/b3JtV UKjNMCndxEVqCPSf3nGn/2bZLt/jghD8YFbxqsn/9EuPE/cyfr17zCGDKzS7wUst QUgjGC7sr5yh0ZBWGbxfe5Rffxr4YQbfmXar+FFsRR/K//UT/MqXUC7qxO+JGLx5 YajYotoVwgb5cHH4Fey8MpH4hxKzDqFdd6BkFY/1XbD0v4YbnA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:32 2026 by rpki-client