This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa File: bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa (raw, json) Hash identifier: YwZNHgy/qzZEGiL2PHuHvaMnV8oUsg+IZGG7ObDW7Qc= Subject key identifier: 54:F0:61:4E:F9:A0:8F:B1:CE:11:3D:2E:2E:17:7C:31:F6:12:44:A1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7D422F9FA424B59A442FB3F44C52BA7EB03AC1FA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa Signing time: Wed 10 Dec 2025 06:01:02 +0000 ROA not before: Wed 10 Dec 2025 06:01:02 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:42:2f:9f:a4:24:b5:9a:44:2f:b3:f4:4c:52:ba:7e:b0:3a:c1:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:02 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b0e104fb6ac228bd1999edab2d10b617420050229652c4336bab0d0b9eb6b05d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:16:10:e6:5f:29:e0:45:61:24:0d:e3:8f:6c: cd:53:86:65:9e:23:b5:9b:f2:55:33:39:22:61:fa: e1:f6:33:d8:8c:f7:9a:04:cd:02:f5:08:96:fe:36: 37:c0:a1:5e:9b:ae:dd:a4:75:2d:75:ca:1d:64:10: 26:b4:4b:ac:2b:07:a2:ae:2b:6e:a3:f0:70:07:ce: 83:da:72:49:92:dd:dc:57:15:a6:6a:03:97:b4:a8: 64:23:37:92:90:19:06:b1:fd:2f:87:46:88:fa:f8: ed:3e:19:1b:0f:2a:52:50:9a:18:f7:94:1e:82:4b: ef:e2:60:b1:4d:2b:8c:f8:4f:ce:b1:91:f3:05:cc: dd:bd:f9:c3:87:4c:a3:8a:02:0f:5b:c1:da:28:ed: 86:e4:05:57:df:a9:43:1e:c3:ac:40:52:33:97:84: 2a:94:63:19:08:6a:c0:9c:e8:3e:bf:fb:22:e6:b9: 57:9b:42:8e:10:e1:d3:bb:ab:1b:7e:1e:1b:67:af: f7:4f:5b:41:8d:80:8d:4b:fa:5f:85:4d:99:20:3e: 50:b2:e0:aa:fe:37:9e:29:ec:fc:57:37:d1:51:eb: 97:a6:9d:98:a5:ad:62:e5:1a:59:9d:64:71:ae:14: 0a:90:e0:9e:f4:b5:c1:e3:87:0d:9c:e1:b6:04:fc: c3:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:F0:61:4E:F9:A0:8F:B1:CE:11:3D:2E:2E:17:7C:31:F6:12:44:A1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:b000::/40 Signature Algorithm: sha256WithRSAEncryption 07:2f:82:aa:95:8a:23:87:b1:8e:b5:2c:50:64:95:7c:07:3f: 2f:67:60:2b:bc:33:27:f1:27:6c:0a:75:28:64:63:c1:bf:48: 51:1b:e5:00:62:30:df:55:b7:fe:e5:bd:bd:4a:83:3c:ae:03: 14:ef:23:f2:99:02:a1:5f:d6:83:f3:6e:42:4c:12:4a:b5:6a: 42:7d:53:49:b2:e7:7c:ac:99:36:57:16:90:78:21:20:66:07: 2a:99:d6:46:90:46:22:97:67:a8:fc:92:80:63:b1:cf:ba:3c: cd:b4:57:2d:4c:6d:1f:98:53:0f:ad:24:2c:2f:67:e5:2e:76: 61:e2:8c:d4:1f:24:e8:90:ef:d7:87:13:65:b7:8f:e5:1c:28: 12:6a:5b:0a:8b:67:31:60:6a:de:11:19:9a:ba:48:3c:0d:3f: 98:b1:20:91:c6:ac:bd:1b:16:b3:af:3f:ae:6c:96:ee:7b:62: d1:73:d9:5d:e6:19:eb:1b:f1:5e:76:11:37:63:6f:27:2c:15: 8b:a6:a2:a2:9b:0f:63:8e:88:7b:c7:dc:6e:a5:90:58:e1:7b: 1a:70:56:c9:93:95:43:4f:10:9d:d9:01:b8:df:8e:6c:25:a9: de:b7:d8:a1:a3:19:ec:74:83:22:57:0a:d7:90:68:b8:04:d2: 8c:5b:e9:f5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfUIvn6QktZpEL7P0TFK6frA6wfowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGIwZTEwNGZiNmFjMjI4YmQxOTk5ZWRhYjJkMTBiNjE3NDIwMDUwMjI5NjUy YzQzMzZiYWIwZDBiOWViNmIwNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAWEOZfKeBFYSQN449szVOGZZ4jtZvyVTM5ImH64fYz2Iz3mgTNAvUIlv42 N8ChXpuu3aR1LXXKHWQQJrRLrCsHoq4rbqPwcAfOg9pySZLd3FcVpmoDl7SoZCM3 kpAZBrH9L4dGiPr47T4ZGw8qUlCaGPeUHoJL7+JgsU0rjPhPzrGR8wXM3b35w4dM o4oCD1vB2ijthuQFV9+pQx7DrEBSM5eEKpRjGQhqwJzoPr/7Iua5V5tCjhDh07ur G34eG2ev909bQY2AjUv6X4VNmSA+ULLgqv43nins/Fc30VHrl6admKWtYuUaWZ1k ca4UCpDgnvS1weOHDZzhtgT8wz0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRU8GFO +aCPsc4RPS4uF3wx9hJEoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmYxZGIwZjMtNmNhZC00ZmNjLTk2YzUtZGRkZTcwMGU2MjY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWw MA0GCSqGSIb3DQEBCwUAA4IBAQAHL4KqlYojh7GOtSxQZJV8Bz8vZ2ArvDMn8Sds CnUoZGPBv0hRG+UAYjDfVbf+5b29SoM8rgMU7yPymQKhX9aD825CTBJKtWpCfVNJ sud8rJk2VxaQeCEgZgcqmdZGkEYil2eo/JKAY7HPujzNtFctTG0fmFMPrSQsL2fl LnZh4ozUHyTokO/XhxNlt4/lHCgSalsKi2cxYGreERmaukg8DT+YsSCRxqy9Gxaz rz+ubJbue2LRc9ld5hnrG/FedhE3Y28nLBWLpqKimw9jjoh7x9xupZBY4XsacFbJ k5VDTxCd2QG4345sJanet9ihoxnsdIMiVwrXkGi4BNKMW+n1 -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:54 2026 by rpki-client