This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json) Hash identifier: ga+XnU4iPXWPl1h9GW7mymQ5CDDDPkwGrxP/CWecAJE= Subject key identifier: C3:72:D0:D6:3D:D8:8E:37:C9:FB:66:05:3F:51:FA:DA:20:BC:CD:0E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3D6CB26741BEF266B24F3B2DA490702C6065B5BE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa Signing time: Wed 10 Dec 2025 05:30:59 +0000 ROA not before: Wed 10 Dec 2025 05:30:59 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:6c:b2:67:41:be:f2:66:b2:4f:3b:2d:a4:90:70:2c:60:65:b5:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:59 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=36e960d22fd10446062742fbe61a87a37c1ec8a2dbd5f961128fa76927f78510, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0a:8d:a0:55:13:ac:df:f8:7d:b5:da:c5:95: 48:19:9b:ad:1c:d9:a3:f1:6d:29:c7:7b:55:a2:b7: 4c:94:44:e1:04:7b:8a:63:cf:c7:81:40:00:39:d1: 06:a8:2f:ed:70:36:12:8a:3e:8f:69:e8:87:5e:6b: d7:f1:98:95:f3:6c:ac:91:21:7c:21:c8:a7:08:f3: c5:92:41:88:bd:34:09:0b:e6:68:ef:d5:82:f9:2a: 8d:ef:ab:1c:66:a3:b8:12:3d:5c:b5:e2:b2:2c:8f: 5f:58:b1:d2:ed:a4:a3:88:12:81:4f:70:d8:45:7f: 6c:15:9b:3c:dc:2e:54:f3:b8:74:fe:81:ab:a5:dd: 76:bb:81:92:8b:12:ed:ca:d7:90:19:36:75:43:21: 58:6d:ec:45:d3:d4:41:d1:10:0f:5b:ff:31:34:1a: 6f:55:54:4b:f3:d3:f3:98:56:60:4d:45:5b:b0:8a: d8:a0:8a:54:cd:93:7f:77:22:1c:c5:9a:b3:7f:dd: 82:75:27:62:4c:a1:7c:a6:2f:5b:6c:f4:80:3f:72: 45:a6:89:99:cd:03:50:84:47:6a:cd:8f:c0:e5:e1: fc:63:3c:6e:50:f8:93:bd:6b:62:c0:15:9e:4a:b3: 64:a6:df:69:23:43:ef:db:f3:25:6e:49:5b:e8:85: f7:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:72:D0:D6:3D:D8:8E:37:C9:FB:66:05:3F:51:FA:DA:20:BC:CD:0E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 24:91:a7:7c:38:54:00:81:00:95:43:5c:a9:6b:bd:c8:d9:e8: 63:cc:7e:37:3a:08:5c:9a:02:d0:7e:e3:86:9b:24:8e:b8:b8: 36:8d:f4:fa:af:75:80:31:4e:62:ba:6e:3b:fb:a4:92:04:5c: 4c:51:a2:51:26:06:01:82:02:84:6a:c8:8e:3e:8e:08:33:4f: a8:a9:57:d5:78:92:c9:f4:a5:39:c2:0a:06:e8:51:29:85:e1: bd:04:4b:63:24:ce:fb:86:e8:fe:f9:2f:fb:91:77:e9:6e:77: 85:9c:d9:4a:4b:2d:7a:22:19:af:33:37:08:bc:20:0f:0d:5f: 55:a0:3f:53:87:8d:45:b4:66:0e:97:57:2c:c7:30:23:ba:60: 54:6d:94:ac:0c:f8:4c:ab:56:1d:56:de:ba:bf:f3:cf:75:05: a3:4e:46:c9:d7:2d:e5:07:70:64:28:b0:88:4f:f5:66:92:42: 68:b2:fe:a8:a9:40:97:92:4e:12:39:12:fc:8a:99:84:f7:70: 25:f9:1f:ca:14:8f:dd:4c:97:61:ff:06:ba:a9:63:02:b7:53: 8a:00:0b:13:10:08:c1:29:b0:15:09:7d:4b:27:ef:bc:a1:b8: 71:d4:2f:12:62:0b:6f:0a:9c:8d:ea:f4:2b:7d:63:af:93:bf: 21:92:ac:c0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUPWyyZ0G+8mayTzstpJBwLGBltb4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM2ZTk2MGQyMmZkMTA0NDYwNjI3NDJmYmU2MWE4N2EzN2MxZWM4YTJkYmQ1 Zjk2MTEyOGZhNzY5MjdmNzg1MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKoKjaBVE6zf+H212sWVSBmbrRzZo/FtKcd7VaK3TJRE4QR7imPPx4FAADnR Bqgv7XA2Eoo+j2noh15r1/GYlfNsrJEhfCHIpwjzxZJBiL00CQvmaO/Vgvkqje+r HGajuBI9XLXisiyPX1ix0u2ko4gSgU9w2EV/bBWbPNwuVPO4dP6Bq6XddruBkosS 7crXkBk2dUMhWG3sRdPUQdEQD1v/MTQab1VUS/PT85hWYE1FW7CK2KCKVM2Tf3ci HMWas3/dgnUnYkyhfKYvW2z0gD9yRaaJmc0DUIRHas2PwOXh/GM8blD4k71rYsAV nkqzZKbfaSND79vzJW5JW+iF99cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDctDW PdiON8n7ZgU/UfraILzNDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg wDANBgkqhkiG9w0BAQsFAAOCAQEAJJGnfDhUAIEAlUNcqWu9yNnoY8x+NzoIXJoC 0H7jhpskjri4No30+q91gDFOYrpuO/ukkgRcTFGiUSYGAYIChGrIjj6OCDNPqKlX 1XiSyfSlOcIKBuhRKYXhvQRLYyTO+4bo/vkv+5F36W53hZzZSksteiIZrzM3CLwg Dw1fVaA/U4eNRbRmDpdXLMcwI7pgVG2UrAz4TKtWHVbeur/zz3UFo05Gydct5Qdw ZCiwiE/1ZpJCaLL+qKlAl5JOEjkS/IqZhPdwJfkfyhSP3UyXYf8GuqljArdTigAL ExAIwSmwFQl9SyfvvKG4cdQvEmILbwqcjer0K31jr5O/IZKswA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:25 2026 by rpki-client