This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json) Hash identifier: 2aI27ZI2jwUVj0ogDVcfNqx+8z7LGvE8PYZ0mHUpJGs= Subject key identifier: 80:03:39:ED:FA:BB:15:6C:63:62:F6:1E:E3:41:45:88:3C:71:6C:7A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 07985F8DAE65F79891FB2A5BE01B499B89947B7D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa Signing time: Wed 10 Dec 2025 05:10:06 +0000 ROA not before: Wed 10 Dec 2025 05:10:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:98:5f:8d:ae:65:f7:98:91:fb:2a:5b:e0:1b:49:9b:89:94:7b:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2126e30b315521ec374caf12105131b7995ef97e5a12c0c4eceaac96eea173fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:46:e7:7c:84:d8:fb:a6:70:11:3a:dc:40:89: 7d:57:19:52:5c:51:7a:c1:06:e5:8c:7a:2c:7b:12: fc:bb:23:c5:5e:30:a5:77:b1:f0:ad:f4:cb:00:cb: d3:7c:b1:79:37:9b:6c:64:d1:43:98:80:55:e3:e1: 84:73:38:7b:9e:73:44:f3:43:ce:98:bf:3e:73:89: 19:73:7c:c8:85:0d:27:6c:d9:82:02:c4:e4:de:c2: 8c:44:c1:20:77:95:66:a3:9d:f3:54:eb:22:d9:6e: 6c:2d:8a:7f:7d:dd:5c:6f:37:16:7d:fb:05:72:b3: 4e:d4:2e:06:06:21:6d:f5:94:a2:f5:1d:5f:60:f3: e0:03:2d:0d:c6:c7:81:90:46:d0:ed:61:cc:dd:2d: 3c:24:e3:75:60:ca:5d:7c:9c:9f:76:3a:da:6d:dd: 42:da:65:7e:37:6b:9d:84:05:38:be:d8:63:92:5c: 3c:30:10:e2:19:b3:2e:73:2c:91:59:39:85:27:79: 9b:8e:13:69:0e:5c:b9:98:c1:b8:bd:ce:48:85:e1: f4:93:08:fd:d8:46:bf:c5:1d:ea:22:b3:ba:a1:a0: f4:e7:8a:0e:27:3d:35:b5:65:57:ad:51:64:58:ee: 8b:7a:30:4a:b5:17:a5:b3:93:12:92:62:43:2d:99: b1:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:03:39:ED:FA:BB:15:6C:63:62:F6:1E:E3:41:45:88:3C:71:6C:7A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:a000::/40 Signature Algorithm: sha256WithRSAEncryption 4b:cb:2d:cb:9f:82:67:c1:38:a3:85:90:25:60:db:d3:8f:26: bd:85:0f:a1:92:a7:4c:e8:3c:4e:f5:fd:63:26:57:2c:9a:90: 91:f7:8a:0d:30:db:e4:e6:fd:79:c8:10:96:d5:2a:c3:15:15: af:f2:9b:38:e8:d2:99:bc:63:dd:f7:3b:30:60:fa:be:4a:ef: 3c:77:6f:a3:99:50:96:c4:7b:13:ad:9b:d6:58:13:57:cc:40: a5:cb:ab:b1:b2:5d:7a:a5:ff:9e:52:a0:66:3e:93:e1:22:6c: a8:5d:c2:74:62:b2:f7:4d:51:b2:de:ee:9b:56:53:38:50:f7: c6:44:cd:c2:fe:ec:99:33:f8:ad:66:55:c9:2d:50:14:8d:be: 24:ed:29:75:65:a8:3c:4d:e0:21:81:9b:46:11:ae:40:79:c0: 01:30:53:20:31:96:cd:65:ba:c9:f8:d5:fe:59:68:34:4e:a8: 40:98:95:fa:4c:bb:d1:f0:9d:51:e1:c2:bf:59:5b:7b:36:34: 6d:c1:69:7d:a9:df:67:6e:28:c8:13:38:0a:47:39:30:36:6a: 82:07:6c:63:27:55:71:ce:06:76:41:62:b0:5f:54:05:90:02: 23:bf:d5:37:be:1f:8b:48:91:79:d0:7c:ce:0b:b9:11:a7:11: 95:3b:8a:bc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB5hfja5l95iR+ypb4BtJm4mUe30wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIxMjZlMzBiMzE1NTIxZWMzNzRjYWYxMjEwNTEzMWI3OTk1ZWY5N2U1YTEy YzBjNGVjZWFhYzk2ZWVhMTczZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVG53yE2PumcBE63ECJfVcZUlxResEG5Yx6LHsS/LsjxV4wpXex8K30ywDL 03yxeTebbGTRQ5iAVePhhHM4e55zRPNDzpi/PnOJGXN8yIUNJ2zZggLE5N7CjETB IHeVZqOd81TrItlubC2Kf33dXG83Fn37BXKzTtQuBgYhbfWUovUdX2Dz4AMtDcbH gZBG0O1hzN0tPCTjdWDKXXycn3Y62m3dQtplfjdrnYQFOL7YY5JcPDAQ4hmzLnMs kVk5hSd5m44TaQ5cuZjBuL3OSIXh9JMI/dhGv8Ud6iKzuqGg9OeKDic9NbVlV61R ZFjui3owSrUXpbOTEpJiQy2ZsUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAAznt +rsVbGNi9h7jQUWIPHFsejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g MA0GCSqGSIb3DQEBCwUAA4IBAQBLyy3Ln4JnwTijhZAlYNvTjya9hQ+hkqdM6DxO 9f1jJlcsmpCR94oNMNvk5v15yBCW1SrDFRWv8ps46NKZvGPd9zswYPq+Su88d2+j mVCWxHsTrZvWWBNXzECly6uxsl16pf+eUqBmPpPhImyoXcJ0YrL3TVGy3u6bVlM4 UPfGRM3C/uyZM/itZlXJLVAUjb4k7Sl1Zag8TeAhgZtGEa5AecABMFMgMZbNZbrJ +NX+WWg0TqhAmJX6TLvR8J1R4cK/WVt7NjRtwWl9qd9nbijIEzgKRzkwNmqCB2xj J1VxzgZ2QWKwX1QFkAIjv9U3vh+LSJF50HzOC7kRpxGVO4q8 -----END CERTIFICATE-----Generated at Fri Jan 2 10:58:33 2026 by rpki-client