This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1eb0687e-b90a-4da4-a523-dc06e2dd8c1d.roa File: 1eb0687e-b90a-4da4-a523-dc06e2dd8c1d.roa (raw, json) Hash identifier: gNguSMalB8lrUarctjG2qoRhtpDcp8hr0XMSg7Z/zLw= Subject key identifier: A0:D4:B2:7A:E3:00:80:38:8A:38:25:D1:F9:5B:33:23:D3:74:AA:A9 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 2BD256E5229B068BD49DEE16A9B5C085C3B5C7B3 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1eb0687e-b90a-4da4-a523-dc06e2dd8c1d.roa Signing time: Tue 02 Dec 2025 01:30:14 +0000 ROA not before: Tue 02 Dec 2025 01:30:14 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:8::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:d2:56:e5:22:9b:06:8b:d4:9d:ee:16:a9:b5:c0:85:c3:b5:c7:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:14 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=11b4ebe8eaa8e548ca835a2a32d808b672bfbc40faf3fb2fca178fbcad047be5, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:5e:84:b7:72:7a:ee:fd:de:33:07:8d:43:88: 99:cb:04:7a:60:f8:f0:2f:a9:7a:c5:15:04:2b:45: 01:ba:fc:ac:67:ea:b4:8d:7e:da:47:1b:ce:09:28: d9:15:ff:94:5b:af:a6:de:05:19:34:44:c9:1d:59: fc:85:ca:fc:04:2d:1e:42:93:4c:c0:29:2d:c4:8f: b1:9e:09:a0:a3:33:24:8a:ae:60:c7:ca:c8:52:6e: ef:63:6f:49:9e:a4:6b:c9:e2:fd:df:92:5f:eb:ab: a8:7a:90:8c:c2:97:4e:7b:38:eb:9f:29:c5:ac:00: 93:4e:66:94:0e:75:82:8c:0b:84:f0:3b:cb:d2:a2: 9b:42:2a:dc:76:d7:6b:69:b7:fd:32:39:70:9b:7b: b3:80:5a:45:63:7b:9e:ab:60:86:b5:2e:73:23:a9: 05:de:0b:c6:06:bc:e6:b6:6b:a9:fa:6d:5b:0e:6f: de:e4:ca:aa:72:ef:66:44:a5:a0:9f:bf:90:76:bd: 21:7c:99:47:0b:ea:7f:4d:85:c8:93:e4:b6:3e:b8: 59:4f:63:86:0f:ec:ae:4a:7a:6f:2f:4d:ce:5a:78: 3c:7d:48:9b:29:81:6c:54:08:66:e2:af:5d:bc:6c: 24:41:46:ac:cf:71:70:6c:60:84:11:2e:bb:87:43: 45:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D4:B2:7A:E3:00:80:38:8A:38:25:D1:F9:5B:33:23:D3:74:AA:A9 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1eb0687e-b90a-4da4-a523-dc06e2dd8c1d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:8::/47 Signature Algorithm: sha256WithRSAEncryption cc:94:02:aa:e5:1b:0d:09:b8:47:b7:ba:92:ca:e6:e7:9b:4b: 11:a7:54:1e:29:a5:5e:57:6c:63:ac:8e:5a:91:b4:f9:a4:d3: b1:1d:80:64:a3:f4:b5:6a:b8:d5:73:4e:f9:c9:c0:63:f9:3b: ef:a2:10:01:5a:68:2e:c6:f9:7c:31:9e:19:53:8f:7d:0b:d9: 5f:0b:7f:e1:ea:d5:30:0d:fd:76:55:aa:8c:b9:0c:58:98:14: 3b:2c:50:80:22:df:bd:c5:bf:78:37:a1:36:c0:c0:0d:10:ea: 3e:2b:f1:77:1b:9b:51:a5:a9:51:3c:bb:4b:53:1f:82:d6:56: d6:0d:93:a4:65:c8:ab:55:c4:05:a6:3d:bb:df:8e:ac:43:97: 32:4c:58:24:c1:dd:12:0b:a7:a4:57:ab:b8:50:9c:83:c9:69: 17:3c:c1:65:d9:30:7d:75:1f:d9:83:ab:64:13:39:89:4b:98: fc:26:23:8a:7f:92:9a:bd:78:11:7d:31:aa:4f:b0:19:1d:89: 96:5f:9d:43:af:11:f5:df:f6:b7:40:84:2b:01:2d:e8:c9:79: 97:9c:c2:ef:d6:32:7f:29:69:80:69:60:68:e9:61:b7:ea:2f: b9:d4:98:de:fa:2c:50:a3:0c:99:1c:86:97:f9:55:65:06:dd: 9e:1c:5c:17 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUK9JW5SKbBovUne4WqbXAhcO1x7MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDExYjRlYmU4ZWFhOGU1NDhjYTgzNWEyYTMyZDgwOGI2NzJiZmJjNDBmYWYz ZmIyZmNhMTc4ZmJjYWQwNDdiZTUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFehLdyeu793jMHjUOImcsEemD48C+pesUVBCtFAbr8rGfqtI1+2kcbzgko 2RX/lFuvpt4FGTREyR1Z/IXK/AQtHkKTTMApLcSPsZ4JoKMzJIquYMfKyFJu72Nv SZ6ka8ni/d+SX+urqHqQjMKXTns4658pxawAk05mlA51gowLhPA7y9Kim0Iq3HbX a2m3/TI5cJt7s4BaRWN7nqtghrUucyOpBd4Lxga85rZrqfptWw5v3uTKqnLvZkSl oJ+/kHa9IXyZRwvqf02FyJPktj64WU9jhg/srkp6by9Nzlp4PH1ImymBbFQIZuKv XbxsJEFGrM9xcGxghBEuu4dDRTMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSg1LJ6 4wCAOIo4JdH5WzMj03SqqTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MWViMDY4N2UtYjkwYS00ZGE0LWE1MjMtZGMwNmUyZGQ4YzFkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA CDANBgkqhkiG9w0BAQsFAAOCAQEAzJQCquUbDQm4R7e6ksrm55tLEadUHimlXlds Y6yOWpG0+aTTsR2AZKP0tWq41XNO+cnAY/k776IQAVpoLsb5fDGeGVOPfQvZXwt/ 4erVMA39dlWqjLkMWJgUOyxQgCLfvcW/eDehNsDADRDqPivxdxubUaWpUTy7S1Mf gtZW1g2TpGXIq1XEBaY9u9+OrEOXMkxYJMHdEgunpFeruFCcg8lpFzzBZdkwfXUf 2YOrZBM5iUuY/CYjin+Smr14EX0xqk+wGR2Jll+dQ68R9d/2t0CEKwEt6Ml5l5zC 79YyfylpgGlgaOlht+ovudSY3vosUKMMmRyGl/lVZQbdnhxcFw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:02 2025 by rpki-client