This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3fe8d737-6af0-4f49-813a-04581455d703.roa File: 3fe8d737-6af0-4f49-813a-04581455d703.roa (raw, json) Hash identifier: Ny/0JiH75+33RT+l/p/Q+511nCpQApqDbCW9tn002SI= Subject key identifier: 86:22:D4:E3:B8:F5:7B:30:AB:06:F9:01:EF:9B:2E:8E:9E:11:B2:4B Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 7C60CEAE8142F699BB907AA92D37DAF66BB773D2 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3fe8d737-6af0-4f49-813a-04581455d703.roa Signing time: Tue 02 Dec 2025 01:30:16 +0000 ROA not before: Tue 02 Dec 2025 01:30:16 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc5:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:60:ce:ae:81:42:f6:99:bb:90:7a:a9:2d:37:da:f6:6b:b7:73:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:16 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=fe377725da06483b61bfbe63180d36cf7e55bebc90f1f074d0b54c403464ef02, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:67:20:9e:3d:2b:22:22:a2:cb:f5:55:76:ff: 22:28:76:66:e6:13:fc:34:31:f1:b1:9f:ec:f9:59: 8e:99:1d:58:11:f2:fd:33:cd:bb:8a:41:78:fb:da: 70:a5:86:2c:e7:b0:a6:cb:32:25:2b:dc:cf:e9:70: 7a:84:6e:61:ab:c0:1f:4f:2b:33:5e:46:db:48:15: dd:af:73:23:fb:49:89:15:03:8e:f2:dc:77:e9:1b: 35:81:6b:ef:62:09:a4:ea:2b:51:92:d1:d5:7b:72: f0:c0:9c:65:8f:1f:be:42:58:a7:98:81:c2:d5:5e: ed:5c:57:03:82:80:65:a5:90:05:57:da:47:b5:12: 0e:b9:aa:e0:aa:6d:61:ee:67:11:e8:94:95:8e:cd: dc:bb:4d:11:30:55:7d:a5:ff:c5:1f:81:fc:73:50: 82:d0:c3:06:75:6b:2b:af:d4:82:bd:4a:58:ae:29: 5b:9f:f8:3d:8c:42:39:61:67:81:3e:9e:9b:7c:d7: 1f:1c:79:36:d3:d9:ee:2a:2a:d4:c3:7f:68:b3:8f: 15:64:fc:16:89:93:76:0d:c3:97:90:d4:bc:0c:6a: 62:82:97:86:95:8a:2d:ae:f8:bd:0d:8c:8b:6b:7e: da:2f:78:b8:a2:b3:92:ff:ce:5c:e3:2d:e4:24:3b: a7:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:22:D4:E3:B8:F5:7B:30:AB:06:F9:01:EF:9B:2E:8E:9E:11:B2:4B X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3fe8d737-6af0-4f49-813a-04581455d703.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc5:8800::/40 Signature Algorithm: sha256WithRSAEncryption 9d:3d:2a:c2:ae:d5:0a:cf:79:a4:4b:7c:04:39:18:b2:e5:42: f4:58:fa:47:43:7d:95:5d:66:47:a9:a3:1a:03:b1:37:29:b9: 45:c5:5d:b3:5e:ef:b8:85:e0:5e:66:38:23:80:73:11:31:60: 54:c1:ec:ae:b9:61:fa:ca:3b:91:6d:c2:92:9c:9d:cc:e2:ca: a1:58:fd:80:d2:44:c9:50:70:0f:4f:3c:a9:50:cb:83:6c:7d: 5a:e5:b6:30:26:72:a4:87:7b:ac:29:7a:c6:a2:00:41:6e:8f: 2b:44:85:84:9c:a4:fd:c8:0b:c0:26:b3:db:8d:56:03:63:3e: e0:9b:8f:66:e3:de:9c:54:19:c7:f8:83:2e:7c:10:34:2b:91: 0b:4e:aa:20:d0:90:b9:4c:55:77:1d:23:8d:0c:9c:fd:c3:03: 74:6f:85:d9:34:d6:da:6c:85:40:a1:a5:3d:58:4c:92:fe:24: 76:d9:6c:53:e8:91:aa:41:d1:19:f2:a6:87:cd:40:d3:d1:a2: 9e:c8:f5:a1:6b:ae:07:a6:1e:60:5e:64:d8:84:d3:2d:80:01: f8:25:08:6e:4a:ba:77:0c:b5:e6:04:66:b6:b8:99:4e:7b:a0: 24:97:ed:c0:5e:b9:c1:bd:53:c7:6a:cc:7a:5a:ea:dd:c3:97: 9f:af:83:53 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfGDOroFC9pm7kHqpLTfa9mu3c9IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGZlMzc3NzI1ZGEwNjQ4M2I2MWJmYmU2MzE4MGQzNmNmN2U1NWJlYmM5MGYx ZjA3NGQwYjU0YzQwMzQ2NGVmMDIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOlnIJ49KyIiosv1VXb/Iih2ZuYT/DQx8bGf7PlZjpkdWBHy/TPNu4pBePva cKWGLOewpssyJSvcz+lweoRuYavAH08rM15G20gV3a9zI/tJiRUDjvLcd+kbNYFr 72IJpOorUZLR1Xty8MCcZY8fvkJYp5iBwtVe7VxXA4KAZaWQBVfaR7USDrmq4Kpt Ye5nEeiUlY7N3LtNETBVfaX/xR+B/HNQgtDDBnVrK6/Ugr1KWK4pW5/4PYxCOWFn gT6em3zXHxx5NtPZ7ioq1MN/aLOPFWT8FomTdg3Dl5DUvAxqYoKXhpWKLa74vQ2M i2t+2i94uKKzkv/OXOMt5CQ7p4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGItTj uPV7MKsG+QHvmy6OnhGySzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv M2ZlOGQ3MzctNmFmMC00ZjQ5LTgxM2EtMDQ1ODE0NTVkNzAzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI MA0GCSqGSIb3DQEBCwUAA4IBAQCdPSrCrtUKz3mkS3wEORiy5UL0WPpHQ32VXWZH qaMaA7E3KblFxV2zXu+4heBeZjgjgHMRMWBUweyuuWH6yjuRbcKSnJ3M4sqhWP2A 0kTJUHAPTzypUMuDbH1a5bYwJnKkh3usKXrGogBBbo8rRIWEnKT9yAvAJrPbjVYD Yz7gm49m496cVBnH+IMufBA0K5ELTqog0JC5TFV3HSONDJz9wwN0b4XZNNbabIVA oaU9WEyS/iR22WxT6JGqQdEZ8qaHzUDT0aKeyPWha64Hph5gXmTYhNMtgAH4JQhu Srp3DLXmBGa2uJlOe6Akl+3AXrnBvVPHasx6Wurdw5efr4NT -----END CERTIFICATE-----Generated at Sat Dec 6 09:48:35 2025 by rpki-client