This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa File: 1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa (raw, json) Hash identifier: J0V+QtJhnDa83XOHc0JIfgd0kisLAj1p8VbuesI+tfI= Subject key identifier: BD:E6:2B:F6:F1:60:50:32:F4:4F:56:BD:94:5D:0D:7C:DD:75:BC:E9 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 667A21800C00D1FAF1846A2DEF6CE248B5C3877C Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa Signing time: Tue 02 Dec 2025 01:40:35 +0000 ROA not before: Tue 02 Dec 2025 01:40:35 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:6000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:7a:21:80:0c:00:d1:fa:f1:84:6a:2d:ef:6c:e2:48:b5:c3:87:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:35 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=285755c2fa37545a44f587b8db502a292bf1def8f824c2e7586f2dc50f322edb, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:62:8f:31:1f:20:67:4c:90:a0:60:c8:a5:46: 1e:ff:ba:e3:4c:75:2d:6d:85:ef:99:c3:61:e0:ff: 13:7e:6c:af:73:ea:9d:6c:de:53:df:ff:61:31:17: 21:fe:96:73:37:db:c1:11:4a:fc:88:bb:c8:49:6f: 5b:25:de:33:e1:8e:bf:db:18:a4:50:22:4f:15:48: 91:7c:2a:ba:c9:71:ad:6c:21:8a:cf:b2:3f:3f:a9: ca:b5:6a:e5:e8:79:87:85:15:86:9b:c5:55:57:13: 0c:32:db:51:10:48:3e:68:6e:85:c7:93:b9:a8:08: 5b:2f:00:f2:b0:44:cf:e7:f1:e6:af:c7:02:6a:18: 62:83:7b:3e:d3:63:5a:8e:26:4a:42:6a:97:a1:2e: df:1d:56:6f:a1:af:5e:b8:a5:c2:c2:ec:6d:6d:9c: fc:52:02:4a:df:44:26:63:3e:f3:96:ce:bb:56:a9: dd:39:5f:e9:b0:3c:4b:c0:92:a4:65:58:e2:45:e5: f3:14:79:f6:bb:b8:c5:df:7c:bd:ad:d2:fb:29:b7: 6a:e7:95:87:ea:b3:1a:45:21:32:0b:d6:c0:ef:e5: 8e:97:fc:d7:72:a4:48:2a:98:23:55:dc:a5:68:8e: 5d:cc:f8:66:f8:4a:0d:31:96:62:05:22:63:dc:79: fb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:E6:2B:F6:F1:60:50:32:F4:4F:56:BD:94:5D:0D:7C:DD:75:BC:E9 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:6000::/36 Signature Algorithm: sha256WithRSAEncryption 27:cf:4e:53:09:78:61:28:65:14:fe:d3:28:4b:d3:0e:3d:b0: f0:52:f0:b8:73:6e:b5:76:1a:92:b9:7c:ec:dc:3d:49:56:bd: 33:99:d8:fe:14:46:2b:d9:cc:9b:87:74:b6:cb:82:90:8f:35: fa:1d:e1:32:72:63:a5:c1:8e:3b:2c:cc:76:cd:20:df:60:0c: 6e:2c:85:7a:21:87:9f:42:96:8f:6e:18:b2:0b:8c:0b:e0:34: 12:ad:9d:2e:84:9b:eb:50:c5:68:a6:fb:14:00:55:45:d2:f6: 77:17:94:3d:28:2b:2c:a6:31:04:30:06:e0:98:07:5f:e5:27: be:33:7b:b1:ee:ca:20:b9:c8:bf:c3:af:b2:ba:d0:be:3c:65: c3:39:3c:35:4f:a0:00:94:ef:0d:03:a1:41:1f:f1:40:0e:db: 68:5e:4c:ac:7f:db:7b:b4:38:d2:0b:ef:ee:d6:06:b4:3e:d2: 90:4a:3e:d6:bb:96:b0:83:d1:19:2f:49:c0:f2:27:39:ac:c3: f5:e7:ad:0d:fd:80:ab:0d:90:2b:1b:24:89:de:41:8e:e3:65: d1:0a:83:8d:ed:f7:c6:29:9a:40:09:35:7b:97:63:9c:cf:59: da:80:5e:44:ba:9a:ef:56:19:4f:28:84:29:22:3e:c9:1c:f8: b5:0c:85:8d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZnohgAwA0frxhGot72ziSLXDh3wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDI4NTc1NWMyZmEzNzU0NWE0NGY1ODdiOGRiNTAyYTI5MmJmMWRlZjhmODI0 YzJlNzU4NmYyZGM1MGYzMjJlZGIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMtijzEfIGdMkKBgyKVGHv+640x1LW2F75nDYeD/E35sr3PqnWzeU9//YTEX If6WczfbwRFK/Ii7yElvWyXeM+GOv9sYpFAiTxVIkXwquslxrWwhis+yPz+pyrVq 5eh5h4UVhpvFVVcTDDLbURBIPmhuhceTuagIWy8A8rBEz+fx5q/HAmoYYoN7PtNj Wo4mSkJql6Eu3x1Wb6GvXrilwsLsbW2c/FICSt9EJmM+85bOu1ap3Tlf6bA8S8CS pGVY4kXl8xR59ru4xd98va3S+ym3aueVh+qzGkUhMgvWwO/ljpf813KkSCqYI1Xc pWiOXcz4ZvhKDTGWYgUiY9x5+y8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS95iv2 8WBQMvRPVr2UXQ183XW86TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MTkzNGRjNWUtODIwMS00ZmUyLWI3ZDUtNmJjNWZkMTVmNzIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Ng MA0GCSqGSIb3DQEBCwUAA4IBAQAnz05TCXhhKGUU/tMoS9MOPbDwUvC4c261dhqS uXzs3D1JVr0zmdj+FEYr2cybh3S2y4KQjzX6HeEycmOlwY47LMx2zSDfYAxuLIV6 IYefQpaPbhiyC4wL4DQSrZ0uhJvrUMVopvsUAFVF0vZ3F5Q9KCsspjEEMAbgmAdf 5Se+M3ux7soguci/w6+yutC+PGXDOTw1T6AAlO8NA6FBH/FADttoXkysf9t7tDjS C+/u1ga0PtKQSj7Wu5awg9EZL0nA8ic5rMP1560N/YCrDZArGySJ3kGO42XRCoON 7ffGKZpACTV7l2Ocz1nagF5EuprvVhlPKIQpIj7JHPi1DIWN -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:08 2025 by rpki-client