This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json) Hash identifier: uZfhZWrwEkYPCXfEYPvQwjZLjWwO+1RNlRMrlY63SOc= Subject key identifier: AB:B9:DC:61:8F:28:2C:AF:EE:2A:6A:20:8B:43:AA:3C:34:2A:7A:5B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4EE3243E7EFC3C97C39576FF43A3CB2CDE525E0F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa Signing time: Wed 10 Dec 2025 05:20:06 +0000 ROA not before: Wed 10 Dec 2025 05:20:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:e3:24:3e:7e:fc:3c:97:c3:95:76:ff:43:a3:cb:2c:de:52:5e:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=232ee9c891c1bcd8df8b6c492179a50a687b86989059d289e88b84e279a2a4ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:5f:62:9d:e7:65:b2:c9:d0:a6:bd:c4:36:37: 60:e5:7d:80:6e:5e:16:e2:b2:66:9f:5f:25:d9:b0: 18:7b:18:d7:d1:ab:c4:48:61:ab:58:20:06:f5:b9: 12:d6:42:ef:79:96:2e:45:0f:d3:15:12:33:14:73: 7f:d6:fa:79:02:5c:19:c5:7f:e7:8f:ea:74:ff:87: 33:70:0f:4c:56:75:97:bc:4a:90:1e:e4:bf:bb:2c: 4c:93:14:17:45:c6:c4:92:3f:e7:1c:33:07:ef:ae: 79:a6:93:c4:ce:0b:cb:f9:4a:f0:05:5b:f5:91:c6: de:79:cf:48:bb:3c:20:fe:d4:a0:8e:03:90:be:c4: 10:c5:bd:c9:8d:ed:99:c8:f6:5a:66:59:93:74:0f: 99:f7:de:06:a0:f4:8f:d9:04:c9:0b:39:16:da:8d: 7f:d9:49:18:28:a6:dd:19:ea:f2:a4:d0:9f:b8:9b: 02:31:22:0a:7f:0b:be:5c:1e:e8:fa:6d:86:b6:4c: 7d:d8:ad:6f:16:df:32:ba:b2:32:78:4c:dd:28:27: a2:25:b6:73:1a:d7:31:11:2a:de:a1:9d:87:4b:b2: cc:29:7f:b1:c6:4d:89:12:5f:1f:77:6e:7e:d5:ac: 59:c6:22:0d:6c:51:7f:7e:d0:f4:76:31:87:19:97: d3:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B9:DC:61:8F:28:2C:AF:EE:2A:6A:20:8B:43:AA:3C:34:2A:7A:5B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:2000::/40 Signature Algorithm: sha256WithRSAEncryption 37:30:f6:fd:53:80:c7:da:23:56:8d:f6:3b:4a:75:19:e8:92: 7a:78:a5:a9:99:97:c9:33:e0:fc:fe:eb:95:cc:7a:28:6c:13: cd:7f:cc:1c:46:3c:1f:35:3e:79:f9:76:7e:e7:c6:8a:fb:bc: 8a:57:9c:f9:94:0c:bf:89:3d:d1:8b:a2:ff:89:90:81:25:f2: ec:9e:04:dd:4a:e5:b9:26:76:71:bd:b8:8e:65:2f:9b:e4:02: 5c:d0:38:f2:88:6e:44:43:cc:bd:56:3d:74:69:5f:3a:e0:15: 44:ab:c2:ba:ac:b5:52:39:55:79:01:c3:23:f8:01:a3:74:e2: 7b:06:50:a2:e2:d4:76:d7:bd:f2:68:24:ca:62:00:a0:9d:b1: e7:86:ff:4e:13:91:fa:ef:b5:51:3f:cf:b2:e3:72:22:df:fc: f8:91:85:c7:cb:ff:9e:53:4c:53:03:93:f2:c5:56:ab:5b:9e: 4f:62:cc:b7:ec:a1:e4:62:ac:95:b2:22:ac:4f:5b:9b:08:85: f9:6f:3e:fa:d3:33:9b:a0:45:64:19:11:3c:02:76:56:2a:ce: 4e:87:46:42:51:c7:95:15:53:6a:0b:a7:24:37:81:3c:6d:b9: 35:50:d1:79:db:f2:c7:7e:d5:9e:bd:5d:91:0b:b3:c2:f8:e1: aa:0a:08:7e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTuMkPn78PJfDlXb/Q6PLLN5SXg8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIzMmVlOWM4OTFjMWJjZDhkZjhiNmM0OTIxNzlhNTBhNjg3Yjg2OTg5MDU5 ZDI4OWU4OGI4NGUyNzlhMmE0YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNfYp3nZbLJ0Ka9xDY3YOV9gG5eFuKyZp9fJdmwGHsY19GrxEhhq1ggBvW5 EtZC73mWLkUP0xUSMxRzf9b6eQJcGcV/54/qdP+HM3APTFZ1l7xKkB7kv7ssTJMU F0XGxJI/5xwzB++ueaaTxM4Ly/lK8AVb9ZHG3nnPSLs8IP7UoI4DkL7EEMW9yY3t mcj2WmZZk3QPmffeBqD0j9kEyQs5FtqNf9lJGCim3Rnq8qTQn7ibAjEiCn8Lvlwe 6PpthrZMfditbxbfMrqyMnhM3SgnoiW2cxrXMREq3qGdh0uyzCl/scZNiRJfH3du ftWsWcYiDWxRf37Q9HYxhxmX07cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrudxh jygsr+4qaiCLQ6o8NCp6WzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g MA0GCSqGSIb3DQEBCwUAA4IBAQA3MPb9U4DH2iNWjfY7SnUZ6JJ6eKWpmZfJM+D8 /uuVzHoobBPNf8wcRjwfNT55+XZ+58aK+7yKV5z5lAy/iT3Ri6L/iZCBJfLsngTd SuW5JnZxvbiOZS+b5AJc0DjyiG5EQ8y9Vj10aV864BVEq8K6rLVSOVV5AcMj+AGj dOJ7BlCi4tR2173yaCTKYgCgnbHnhv9OE5H677VRP8+y43Ii3/z4kYXHy/+eU0xT A5PyxVarW55PYsy37KHkYqyVsiKsT1ubCIX5bz760zOboEVkGRE8AnZWKs5Oh0ZC UceVFVNqC6ckN4E8bbk1UNF52/LHftWevV2RC7PC+OGqCgh+ -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:45 2026 by rpki-client