This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa File: d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa (raw, json) Hash identifier: Zoze1EzK1+d/IZxTWqU5dNcJQN6VIn7jSolCdxLDSSg= Subject key identifier: C5:7D:FE:B9:41:F0:C4:5E:CF:C8:92:AE:7E:CF:10:D7:F8:18:AA:F2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 440783199B8E7C787BFD016878ACB804CB4C9005 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa Signing time: Thu 11 Dec 2025 00:00:12 +0000 ROA not before: Thu 11 Dec 2025 00:00:12 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:1800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:07:83:19:9b:8e:7c:78:7b:fd:01:68:78:ac:b8:04:cb:4c:90:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 11 00:00:12 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=f1a47a1b05ed30a2a9ef248a0361e27513e810406928107035a6a4ae95e00f55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:4d:2c:09:03:62:64:a9:3e:0e:24:8d:f5:ff: 13:f9:4e:39:46:77:f8:4b:06:5b:53:7f:3d:63:11: b0:fa:72:4d:21:0b:1a:75:13:6c:70:16:90:b9:00: 21:af:f7:9e:94:a1:f5:b7:a9:9d:08:2d:59:d9:1a: 65:6f:12:80:bc:35:ea:42:1e:9f:5c:2c:da:b0:da: 35:fa:a5:55:eb:e6:09:61:8f:70:dc:20:dc:10:f4: d9:f7:68:7c:85:f4:0a:f6:71:b2:2b:2e:2c:e4:08: 0d:32:47:5e:dd:ef:18:d9:5c:cd:1a:ff:ae:06:fa: cf:0a:c6:f1:51:e4:b4:09:87:56:0b:86:88:94:ad: 1b:31:76:a4:3a:6e:74:c7:96:c4:31:c9:cc:7a:4d: 26:9a:7b:b0:0f:48:1f:8e:d8:62:8e:a8:97:3b:6d: a3:42:b8:ad:a2:aa:d2:d6:48:77:b1:7f:c6:76:1f: 3d:d1:95:4c:52:1e:e9:c6:c5:18:b1:2c:1f:40:8e: 80:f9:47:1c:e2:58:51:bc:20:55:62:25:92:cb:fd: a7:e8:df:12:91:3d:18:b8:dd:1d:f5:a4:93:e8:0e: 59:5d:e1:20:6d:2b:62:dd:71:c5:a6:b7:a1:63:ec: 5c:84:e7:83:aa:0c:ea:76:43:31:82:7f:dd:81:ff: 8a:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:7D:FE:B9:41:F0:C4:5E:CF:C8:92:AE:7E:CF:10:D7:F8:18:AA:F2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:1800::/38 Signature Algorithm: sha256WithRSAEncryption 00:80:ff:e0:fc:76:83:d0:85:8f:2f:2e:9e:5d:ca:39:9d:ce: 93:ea:dd:7a:8d:b5:66:93:f0:ce:c4:1a:90:4d:83:6e:31:e2: c5:eb:b9:6e:de:5e:0f:1d:a2:bb:0f:ad:0b:8b:5a:6e:f2:03: c1:c4:01:01:27:43:28:a8:26:56:5f:1b:d6:ff:2b:54:0f:8f: 57:e5:51:36:f8:4e:0f:59:19:9b:91:e7:4f:4a:f7:9f:d5:da: 46:37:b7:da:32:2f:11:aa:4a:a3:08:d1:50:bd:a7:d4:3c:6b: 3e:c1:3a:ca:42:d0:17:fb:a4:85:d3:f1:64:ba:8b:cf:4d:7f: 57:cd:ea:67:50:6e:22:a2:2a:fa:0c:e0:a6:a5:b6:cf:4d:a8: 8c:fa:9d:a3:7b:99:5b:41:87:70:a2:6f:50:78:3f:fa:4c:e6: 13:76:73:94:79:06:c4:3b:7c:8a:e7:49:45:18:d8:d9:c6:56: e6:c8:9d:12:94:75:13:4b:81:4a:6c:65:f7:c7:d0:ed:5c:5b: 04:87:b4:b2:96:b7:10:42:bd:66:97:88:fb:f8:12:e9:84:61: 30:b1:1f:d1:fd:16:50:25:8c:93:fd:f4:98:f3:b3:49:4e:b5: b6:50:7a:15:23:62:4f:f3:89:d9:c8:de:ca:b4:aa:c6:2e:8c: 1c:7b:96:6b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURAeDGZuOfHh7/QFoeKy4BMtMkAUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTEwMDAwMTJaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQGYxYTQ3YTFiMDVlZDMwYTJhOWVmMjQ4YTAzNjFlMjc1MTNlODEwNDA2OTI4 MTA3MDM1YTZhNGFlOTVlMDBmNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVNLAkDYmSpPg4kjfX/E/lOOUZ3+EsGW1N/PWMRsPpyTSELGnUTbHAWkLkA Ia/3npSh9bepnQgtWdkaZW8SgLw16kIen1ws2rDaNfqlVevmCWGPcNwg3BD02fdo fIX0CvZxsisuLOQIDTJHXt3vGNlczRr/rgb6zwrG8VHktAmHVguGiJStGzF2pDpu dMeWxDHJzHpNJpp7sA9IH47YYo6olztto0K4raKq0tZId7F/xnYfPdGVTFIe6cbF GLEsH0COgPlHHOJYUbwgVWIlksv9p+jfEpE9GLjdHfWkk+gOWV3hIG0rYt1xxaa3 oWPsXITng6oM6nZDMYJ/3YH/io8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFff65 QfDEXs/Ikq5+zxDX+Biq8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDk5NWMzYTEtMjg1OC00MDkwLWEwOTYtMWJmNmFlY2NkNWYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQY MA0GCSqGSIb3DQEBCwUAA4IBAQAAgP/g/HaD0IWPLy6eXco5nc6T6t16jbVmk/DO xBqQTYNuMeLF67lu3l4PHaK7D60Li1pu8gPBxAEBJ0MoqCZWXxvW/ytUD49X5VE2 +E4PWRmbkedPSvef1dpGN7faMi8RqkqjCNFQvafUPGs+wTrKQtAX+6SF0/FkuovP TX9XzepnUG4ioir6DOCmpbbPTaiM+p2je5lbQYdwom9QeD/6TOYTdnOUeQbEO3yK 50lFGNjZxlbmyJ0SlHUTS4FKbGX3x9DtXFsEh7SylrcQQr1ml4j7+BLphGEwsR/R /RZQJYyT/fSY87NJTrW2UHoVI2JP84nZyN7KtKrGLowce5Zr -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:13 2026 by rpki-client