This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa File: 4f80fda1-9681-4549-9269-31023c00bc49.roa (raw, json) Hash identifier: o7L2AaoIkglong2HX50xklwY0P2eubfMfiR1flkY0wU= Subject key identifier: 0A:E2:80:28:BB:52:DE:F0:62:D0:B6:53:80:C6:D4:1D:CD:DC:5E:B1 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 37DEE4869B91586757D8A7B83CCC2D2E5C681E74 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa Signing time: Tue 02 Dec 2025 01:40:07 +0000 ROA not before: Tue 02 Dec 2025 01:40:07 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2001:3fc3:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:de:e4:86:9b:91:58:67:57:d8:a7:b8:3c:cc:2d:2e:5c:68:1e:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:07 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=121eeb6d8d4e87c5a5c14656e0eb77cb19c350e7b1787ee2bafa746174d0df80, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:62:e0:30:6d:fb:de:b4:5e:40:a1:dc:45:b5: b2:0a:9a:fd:fd:b0:04:31:f8:31:54:2b:f0:a4:43: 9e:26:d6:df:8d:87:dc:d9:f5:7f:68:f8:5b:ac:1e: af:0e:e6:9c:d2:0f:5e:7f:18:88:d0:24:7f:ec:fd: 71:14:8a:b3:b2:43:a2:bb:4e:4d:f2:b7:35:c4:b3: a7:cc:eb:56:e9:4c:11:9f:5b:c2:f5:5c:64:f2:3a: a5:0d:93:ba:3a:14:c5:45:07:ce:99:33:b2:3f:1f: 42:fa:cc:cc:01:29:77:45:57:f7:ab:56:36:d3:ea: 05:29:fb:af:4d:58:fc:99:84:f1:8e:5f:b7:94:05: f2:14:0d:5e:c6:2b:b7:6e:33:79:0f:fe:4c:2e:fb: f5:eb:c1:6f:a4:18:b1:6a:ee:3e:c5:0a:02:6f:ea: f9:11:7c:61:35:35:d8:a2:73:b5:54:38:e6:76:e4: 7c:b0:72:31:22:78:c4:bc:55:84:f4:08:54:e9:e7: 34:5f:9f:7e:6f:f7:af:fd:8a:88:55:01:36:f6:b0: 82:ae:7a:4b:0c:03:4d:93:61:10:57:49:1d:dc:bd: 4e:70:d3:0d:f3:a5:be:96:ba:bd:06:73:dd:f8:4a: 68:f8:c4:86:bd:9a:27:d2:43:ef:37:06:45:39:f2: 81:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:E2:80:28:BB:52:DE:F0:62:D0:B6:53:80:C6:D4:1D:CD:DC:5E:B1 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:800::/40 Signature Algorithm: sha256WithRSAEncryption a8:88:46:4a:23:cd:0d:24:65:67:92:02:76:e5:15:cb:dd:2d: 08:e7:03:39:d1:f5:39:93:96:ff:2d:8f:12:e5:56:df:14:40: d3:1a:98:92:54:96:bb:8f:4a:e5:bc:92:35:40:35:66:97:7b: 95:6f:80:c3:3e:03:3e:76:63:3c:46:c9:67:a7:6d:95:eb:82: 35:cd:01:ce:47:86:a3:df:f4:87:dd:ea:34:55:a0:c0:fc:6f: 6a:01:13:61:6c:76:c7:a2:00:21:96:00:ce:32:9c:f7:f8:3f: bc:23:59:34:77:9e:30:b4:e0:39:0e:4b:2f:34:10:b3:3b:63: de:59:cd:88:fe:91:2f:0f:7e:d6:64:83:15:3c:81:9e:30:c9: bc:7d:36:b9:fe:ca:a5:7e:7a:16:26:00:0d:31:76:61:0e:02: 7b:d2:cf:c4:2a:d3:8a:1a:4f:dc:8a:17:34:0b:73:90:66:1e: 19:70:e4:7e:0d:d8:23:46:d2:5b:5a:cb:02:b2:e1:ba:55:4d: 09:a9:da:eb:9f:0d:ae:04:b2:06:28:f5:c1:7b:d7:d7:aa:5c: f7:3a:94:46:cc:c5:d9:48:1f:03:de:33:a6:4c:63:f5:18:24: f0:42:c8:46:8f:99:e2:99:06:81:ad:a3:f2:98:7f:68:2d:de: ce:56:17:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUN97khpuRWGdX2Ke4PMwtLlxoHnQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDEyMWVlYjZkOGQ0ZTg3YzVhNWMxNDY1NmUwZWI3N2NiMTljMzUwZTdiMTc4 N2VlMmJhZmE3NDYxNzRkMGRmODAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFi4DBt+960XkCh3EW1sgqa/f2wBDH4MVQr8KRDnibW342H3Nn1f2j4W6we rw7mnNIPXn8YiNAkf+z9cRSKs7JDortOTfK3NcSzp8zrVulMEZ9bwvVcZPI6pQ2T ujoUxUUHzpkzsj8fQvrMzAEpd0VX96tWNtPqBSn7r01Y/JmE8Y5ft5QF8hQNXsYr t24zeQ/+TC779evBb6QYsWruPsUKAm/q+RF8YTU12KJztVQ45nbkfLByMSJ4xLxV hPQIVOnnNF+ffm/3r/2KiFUBNvawgq56SwwDTZNhEFdJHdy9TnDTDfOlvpa6vQZz 3fhKaPjEhr2aJ9JD7zcGRTnygSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQK4oAo u1Le8GLQtlOAxtQdzdxesTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NGY4MGZkYTEtOTY4MS00NTQ5LTkyNjktMzEwMjNjMDBiYzQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI MA0GCSqGSIb3DQEBCwUAA4IBAQCoiEZKI80NJGVnkgJ25RXL3S0I5wM50fU5k5b/ LY8S5VbfFEDTGpiSVJa7j0rlvJI1QDVml3uVb4DDPgM+dmM8Rslnp22V64I1zQHO R4aj3/SH3eo0VaDA/G9qARNhbHbHogAhlgDOMpz3+D+8I1k0d54wtOA5DksvNBCz O2PeWc2I/pEvD37WZIMVPIGeMMm8fTa5/sqlfnoWJgANMXZhDgJ70s/EKtOKGk/c ihc0C3OQZh4ZcOR+DdgjRtJbWssCsuG6VU0Jqdrrnw2uBLIGKPXBe9fXqlz3OpRG zMXZSB8D3jOmTGP1GCTwQshGj5nimQaBraPymH9oLd7OVhfU -----END CERTIFICATE-----Generated at Sat Dec 6 10:49:29 2025 by rpki-client