This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4e175ead-18b1-4e23-a13e-68ba2a69c2ab.roa File: 4e175ead-18b1-4e23-a13e-68ba2a69c2ab.roa (raw, json) Hash identifier: Lsei6X5mcnlVPdCRzqK1USqdC/NmDLcNiln+deJEFPQ= Subject key identifier: 9F:0F:B4:70:1F:0A:55:21:85:4F:ED:56:EC:F4:BC:91:D5:8C:72:F7 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 435F7752FBBD19D8A5FE53D779CD3EBF2D4B85B4 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4e175ead-18b1-4e23-a13e-68ba2a69c2ab.roa Signing time: Tue 02 Dec 2025 01:40:38 +0000 ROA not before: Tue 02 Dec 2025 01:40:38 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:5f:77:52:fb:bd:19:d8:a5:fe:53:d7:79:cd:3e:bf:2d:4b:85:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:38 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=6385502e646cb31aa964a3e30a663a6a474686e783a4bb4b99c96e37f82a7487, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cc:57:8e:f1:b2:1f:c8:df:b0:37:c9:04:e3: e5:77:21:76:cb:1e:91:95:a4:67:0a:b0:56:71:89: 3f:77:c0:cb:ec:70:ef:20:fd:e7:f6:a8:6d:0d:b6: 55:22:4e:1e:47:0f:30:87:c7:21:ea:ab:e7:83:c7: 68:87:04:9c:d1:ec:9e:20:4f:e3:ce:f6:63:75:a1: a3:33:85:8b:cd:cd:1d:c0:4b:f1:34:c4:d2:3e:16: c9:31:53:83:fd:ca:15:c2:f7:a3:0e:48:38:3c:ea: 15:ae:f2:63:a6:7a:b3:32:87:63:66:f1:f7:55:dc: 52:97:8a:4d:bf:82:44:f0:ca:64:a3:ff:1a:d3:a8: 29:fa:12:26:da:31:07:5e:02:82:2f:f2:21:f6:90: ce:aa:69:26:77:2b:10:cb:57:62:86:82:d3:4d:c8: 9b:35:50:d9:65:79:93:7e:1f:7e:d8:9c:8b:10:79: d7:e6:b0:e2:3c:68:a5:a9:41:ba:ad:00:4b:74:a5: 66:5b:7f:9f:75:1c:dc:07:07:b9:43:8d:d9:6f:dc: a1:b8:d6:75:4f:ce:54:ad:2c:f2:fe:d4:1b:1d:88: 4a:e9:3d:3f:39:12:d4:cc:ac:de:9a:00:0f:c5:5a: 30:3a:94:0b:83:ad:8c:37:d9:ba:ba:32:00:08:42: cc:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:0F:B4:70:1F:0A:55:21:85:4F:ED:56:EC:F4:BC:91:D5:8C:72:F7 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4e175ead-18b1-4e23-a13e-68ba2a69c2ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:2800::/40 Signature Algorithm: sha256WithRSAEncryption af:61:93:7a:28:8c:17:f1:93:d0:70:a1:b7:5a:ad:2b:50:4e: a3:69:39:93:b5:65:c6:27:cf:12:4f:62:7f:6b:05:01:8f:bd: 95:44:75:55:db:a6:31:2b:29:1f:aa:81:24:06:bf:6d:4a:cf: ea:05:cf:3d:fa:d4:fe:ab:5a:7a:a8:b0:74:5b:c7:56:5b:8c: da:7f:42:6d:f6:0c:67:e5:d5:ec:63:fc:59:2b:d2:0b:b5:37: 25:a0:32:b2:82:d9:da:84:4b:b2:4a:0f:ef:b3:df:24:25:96: b4:94:ac:32:5e:07:e5:30:f9:11:82:1a:d2:83:ef:53:f8:d4: c3:5a:59:a6:54:a8:31:fe:b0:e9:53:ce:18:46:e2:f6:07:7c: 6e:e3:71:4c:f8:88:7d:5f:48:cf:f1:7b:dd:ad:4b:e7:7a:59: 07:34:f7:3d:7b:ff:7f:d6:cc:5c:d7:7e:7e:3b:c8:e2:f5:95: 60:83:25:7d:4d:63:b9:8f:a2:02:4f:77:95:0e:3f:bd:b8:3b: 0e:57:74:f2:5b:78:49:e3:f8:ea:3a:a8:ba:f1:46:76:c2:27: 5b:24:5f:08:c3:a1:c9:b1:bf:9b:9f:c2:29:70:1f:03:8a:19: 36:4b:66:be:b3:26:63:f3:6a:93:9a:96:1b:14:e2:7a:e1:9a: 8d:a5:78:76 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUQ193Uvu9Gdil/lPXec0+vy1LhbQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDYzODU1MDJlNjQ2Y2IzMWFhOTY0YTNlMzBhNjYzYTZhNDc0Njg2ZTc4M2E0 YmI0Yjk5Yzk2ZTM3ZjgyYTc0ODcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHMV47xsh/I37A3yQTj5XchdssekZWkZwqwVnGJP3fAy+xw7yD95/aobQ22 VSJOHkcPMIfHIeqr54PHaIcEnNHsniBP4872Y3WhozOFi83NHcBL8TTE0j4WyTFT g/3KFcL3ow5IODzqFa7yY6Z6szKHY2bx91XcUpeKTb+CRPDKZKP/GtOoKfoSJtox B14Cgi/yIfaQzqppJncrEMtXYoaC003ImzVQ2WV5k34ffticixB51+aw4jxopalB uq0AS3SlZlt/n3Uc3AcHuUON2W/cobjWdU/OVK0s8v7UGx2ISuk9PzkS1Mys3poA D8VaMDqUC4OtjDfZuroyAAhCzHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfD7Rw HwpVIYVP7Vbs9LyR1Yxy9zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NGUxNzVlYWQtMThiMS00ZTIzLWExM2UtNjhiYTJhNjljMmFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Mo MA0GCSqGSIb3DQEBCwUAA4IBAQCvYZN6KIwX8ZPQcKG3Wq0rUE6jaTmTtWXGJ88S T2J/awUBj72VRHVV26YxKykfqoEkBr9tSs/qBc89+tT+q1p6qLB0W8dWW4zaf0Jt 9gxn5dXsY/xZK9ILtTcloDKygtnahEuySg/vs98kJZa0lKwyXgflMPkRghrSg+9T +NTDWlmmVKgx/rDpU84YRuL2B3xu43FM+Ih9X0jP8XvdrUvnelkHNPc9e/9/1sxc 135+O8ji9ZVggyV9TWO5j6ICT3eVDj+9uDsOV3TyW3hJ4/jqOqi68UZ2widbJF8I w6HJsb+bn8IpcB8Dihk2S2a+syZj82qTmpYbFOJ64ZqNpXh2 -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:14 2025 by rpki-client