This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json) Hash identifier: aRx9L83c/zfg2J2vW3dz0Y4NoG3dt8yTVtbvJYAKDVk= Subject key identifier: 31:D8:50:17:4A:AC:DD:C5:AF:1C:13:52:75:30:A9:20:DA:41:B5:C5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7E42DE047F483DE15EC85CD0B76CB892932BBB25 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa Signing time: Wed 10 Dec 2025 06:30:42 +0000 ROA not before: Wed 10 Dec 2025 06:30:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:42:de:04:7f:48:3d:e1:5e:c8:5c:d0:b7:6c:b8:92:93:2b:bb:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d4a1b46b5136f144b68fc77df6b15fdc55f1b3ea69e27fe0b9c1ba2bc899e7e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:82:df:7d:fa:a8:a5:91:cb:50:a0:fe:23:11: be:5f:6c:e2:8f:cc:02:42:a1:4c:21:80:39:9d:05: c5:26:a4:f7:1b:15:8e:b2:7a:3e:39:d8:ec:59:24: ef:9a:71:51:1f:08:c6:9c:f2:54:41:05:72:35:79: 09:c5:e6:e4:e2:8d:3b:d3:66:bf:d4:89:b2:40:5d: 2e:1c:71:62:63:9c:0d:7c:38:02:6f:13:85:b9:6d: 32:a2:1b:c1:40:f1:a7:52:60:6f:6a:6a:5e:cf:37: 4d:36:44:27:26:ff:6d:01:27:df:1e:95:cb:a6:68: 79:fd:07:31:3a:d8:9c:7c:29:78:a1:d9:e9:f0:08: 9c:c5:82:54:9a:56:eb:fb:b2:29:2a:bd:b6:dc:62: 83:5e:8e:00:74:60:a6:93:00:f8:39:ee:ea:50:40: 27:16:30:cf:24:af:24:52:2d:7f:37:ac:3e:e2:b5: 36:06:1f:75:b6:53:fc:89:5d:d2:1b:2d:69:fe:c0: a2:19:f6:20:3f:bb:49:ab:19:68:30:cd:51:fe:b5: 46:49:4a:88:25:41:cf:6b:e3:7d:de:2d:f1:73:3f: 04:f0:8d:55:8f:c3:19:68:c8:35:ec:fc:f8:0b:8f: d4:6a:62:ff:bd:3d:f2:78:09:07:e2:e7:4d:9c:e8: a8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:D8:50:17:4A:AC:DD:C5:AF:1C:13:52:75:30:A9:20:DA:41:B5:C5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:9080::/48 Signature Algorithm: sha256WithRSAEncryption 16:a8:b1:27:b7:45:e3:86:02:89:97:ac:22:74:db:be:16:7d: 6d:bb:00:f5:cf:46:86:3f:b7:c3:ec:cf:6a:2b:2e:96:03:76: ab:85:46:52:6b:50:52:1e:fc:9d:98:64:61:30:fa:08:23:c0: 94:38:8a:70:0d:3d:3f:b7:96:23:c4:3c:1b:07:f4:ec:2c:d5: 40:75:ea:c2:f2:19:07:13:77:be:37:99:98:9b:21:46:4d:c9: 9d:3e:06:37:f3:a2:c4:b1:c2:b3:7b:a7:da:58:ba:62:70:e1: 8e:2f:f1:0b:b4:32:2d:07:c2:e0:70:6f:e0:96:cc:4f:b3:3a: 8e:5c:6a:34:ad:60:e0:9c:86:f7:fc:5c:90:ce:95:47:ce:8c: 79:ad:59:a4:f0:b0:1e:9d:6f:bb:26:8b:6c:e5:b9:1b:0a:c7: 74:7f:aa:51:97:c2:d2:e1:23:36:64:f9:b4:8c:8a:d5:97:3a: 67:7d:6d:1f:37:eb:3b:80:68:31:a5:c8:8a:c9:60:e5:49:a9: e6:69:c3:78:9b:b6:32:eb:12:6f:00:36:0a:b8:42:ad:0a:79: 01:21:1b:33:42:51:b8:9a:4b:04:f0:50:10:11:ae:cc:89:78: 4d:da:40:3d:83:b7:fa:5f:7d:f8:5a:68:f5:c2:0d:37:e7:7d: f1:fb:2d:d9 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfkLeBH9IPeFeyFzQt2y4kpMruyUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ0YTFiNDZiNTEzNmYxNDRiNjhmYzc3ZGY2YjE1ZmRjNTVmMWIzZWE2OWUy N2ZlMGI5YzFiYTJiYzg5OWU3ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM+C3336qKWRy1Cg/iMRvl9s4o/MAkKhTCGAOZ0FxSak9xsVjrJ6PjnY7Fkk 75pxUR8IxpzyVEEFcjV5CcXm5OKNO9Nmv9SJskBdLhxxYmOcDXw4Am8ThbltMqIb wUDxp1Jgb2pqXs83TTZEJyb/bQEn3x6Vy6Zoef0HMTrYnHwpeKHZ6fAInMWCVJpW 6/uyKSq9ttxig16OAHRgppMA+Dnu6lBAJxYwzySvJFItfzesPuK1NgYfdbZT/Ild 0hstaf7Aohn2ID+7SasZaDDNUf61RklKiCVBz2vjfd4t8XM/BPCNVY/DGWjINez8 +AuP1Gpi/7098ngJB+LnTZzoqMcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQx2FAX Sqzdxa8cE1J1MKkg2kG1xTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ gDANBgkqhkiG9w0BAQsFAAOCAQEAFqixJ7dF44YCiZesInTbvhZ9bbsA9c9Ghj+3 w+zPaisulgN2q4VGUmtQUh78nZhkYTD6CCPAlDiKcA09P7eWI8Q8Gwf07CzVQHXq wvIZBxN3vjeZmJshRk3JnT4GN/OixLHCs3un2li6YnDhji/xC7QyLQfC4HBv4JbM T7M6jlxqNK1g4JyG9/xckM6VR86Mea1ZpPCwHp1vuyaLbOW5GwrHdH+qUZfC0uEj NmT5tIyK1Zc6Z31tHzfrO4BoMaXIislg5Ump5mnDeJu2MusSbwA2CrhCrQp5ASEb M0JRuJpLBPBQEBGuzIl4TdpAPYO3+l99+Fpo9cINN+d98fst2Q== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:25 2026 by rpki-client