This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa File: 76596d4d-5093-4468-a590-5fe51a279b6f.roa (raw, json) Hash identifier: 45F1V8PdtSuBA2oUiCw0KYervaoSKOEuewgz0PXQt00= Subject key identifier: 6C:11:1B:9C:0D:8A:D6:2A:EB:9D:80:02:05:04:4A:6F:1B:7B:BD:46 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 097015944C0674D41A73103D5DA478A9EA370A43 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa Signing time: Tue 02 Dec 2025 01:40:20 +0000 ROA not before: Tue 02 Dec 2025 01:40:20 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:70:15:94:4c:06:74:d4:1a:73:10:3d:5d:a4:78:a9:ea:37:0a:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:20 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=f614405ee1d9e246e299ed7cd97ed6d803e1bb5a8ad9a73a8d44b56c0d8cbcbe, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:bd:f1:7e:ad:6c:06:79:48:5f:74:ba:89:1b: 16:bc:c3:f4:b6:b6:db:6f:bb:84:fb:47:9b:96:10: d3:4a:77:23:d9:65:11:95:34:4f:ef:f7:0c:2e:c2: 0e:0b:bf:a5:8c:33:6b:dd:d3:79:de:d9:a5:35:5f: 75:54:3b:97:ef:54:c5:04:81:51:59:4f:84:70:54: f2:1c:e7:78:9c:3a:c6:c1:e4:14:35:40:64:6d:22: 59:a9:b2:bd:8c:76:04:d6:53:82:5f:d1:0c:4a:a8: 66:c7:bd:97:aa:70:ad:47:29:24:64:3a:35:d6:59: ca:e8:17:be:64:47:03:a5:d8:4f:7f:52:06:b2:6d: 9e:71:32:19:c8:b3:03:4f:98:a2:4b:cd:e0:5a:ac: 1d:21:8c:6d:0c:f0:15:6b:61:08:d3:5b:6b:9a:8c: 8b:2a:00:63:bf:b2:0b:96:ce:12:1c:04:9b:70:49: d5:80:dc:e1:6a:67:2e:94:16:0d:1b:5e:d7:e7:79: c3:0d:46:0e:f5:30:c5:2e:c8:b5:da:39:aa:17:89: ba:80:c0:93:0c:de:6a:33:b4:77:79:95:0e:a2:32: 97:2f:6b:1e:45:1a:72:c8:35:76:a3:bc:4a:2e:5f: 9b:f5:1b:a3:60:93:02:a2:5b:01:cb:52:9b:b6:cf: 0b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:11:1B:9C:0D:8A:D6:2A:EB:9D:80:02:05:04:4A:6F:1B:7B:BD:46 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:8800::/40 Signature Algorithm: sha256WithRSAEncryption 07:2b:cb:22:33:9d:8c:06:13:67:a4:1c:39:e1:8f:de:0b:1c: ff:61:ef:1d:b2:96:74:40:b4:ac:3a:a5:49:3e:ee:4d:89:5c: 93:0a:59:ed:7a:45:ed:45:af:04:5a:8b:f8:19:10:d2:29:2d: 09:76:60:f5:42:e1:80:7b:85:00:b1:14:e7:41:b9:97:2c:08: 22:0d:7b:7f:00:99:d9:37:fb:e8:6e:f4:42:3c:bf:ea:7d:3b: 87:26:c6:72:3e:ce:52:c4:3b:8c:d1:cc:13:79:80:5a:20:8a: 4b:0b:d1:11:af:f4:23:36:0a:ad:7e:ed:5a:ff:ae:76:97:4b: 8f:d8:bb:c5:f8:70:f7:1f:3c:81:0e:3d:58:ee:ef:b8:6d:a4: c1:79:2f:25:ea:0e:e5:36:66:2a:51:34:02:e1:ca:b8:c3:5d: 42:fe:04:d3:71:a8:9f:59:f9:a6:64:54:d6:35:9e:48:63:a3: e6:7f:9b:5e:71:3f:bb:10:d4:a5:c8:b6:0a:27:0a:84:32:f0: 49:06:92:b4:7c:29:3c:93:75:d1:9b:f3:7d:0e:b4:a3:f6:4d: 44:22:a4:b4:53:a9:4a:19:20:24:12:84:af:78:a0:e5:79:fa: a0:54:74:63:72:d4:85:6f:b1:ff:ce:b8:8f:3f:fe:68:f5:25: 1e:c0:f2:ad -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCXAVlEwGdNQacxA9XaR4qeo3CkMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGY2MTQ0MDVlZTFkOWUyNDZlMjk5ZWQ3Y2Q5N2VkNmQ4MDNlMWJiNWE4YWQ5 YTczYThkNDRiNTZjMGQ4Y2JjYmUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMW98X6tbAZ5SF90uokbFrzD9La222+7hPtHm5YQ00p3I9llEZU0T+/3DC7C Dgu/pYwza93Ted7ZpTVfdVQ7l+9UxQSBUVlPhHBU8hzneJw6xsHkFDVAZG0iWamy vYx2BNZTgl/RDEqoZse9l6pwrUcpJGQ6NdZZyugXvmRHA6XYT39SBrJtnnEyGciz A0+YokvN4FqsHSGMbQzwFWthCNNba5qMiyoAY7+yC5bOEhwEm3BJ1YDc4WpnLpQW DRte1+d5ww1GDvUwxS7Itdo5qheJuoDAkwzeajO0d3mVDqIyly9rHkUacsg1dqO8 Si5fm/Ubo2CTAqJbActSm7bPCxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsERuc DYrWKuudgAIFBEpvG3u9RjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzY1OTZkNGQtNTA5My00NDY4LWE1OTAtNWZlNTFhMjc5YjZmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI MA0GCSqGSIb3DQEBCwUAA4IBAQAHK8siM52MBhNnpBw54Y/eCxz/Ye8dspZ0QLSs OqVJPu5NiVyTClntekXtRa8EWov4GRDSKS0JdmD1QuGAe4UAsRTnQbmXLAgiDXt/ AJnZN/vobvRCPL/qfTuHJsZyPs5SxDuM0cwTeYBaIIpLC9ERr/QjNgqtfu1a/652 l0uP2LvF+HD3HzyBDj1Y7u+4baTBeS8l6g7lNmYqUTQC4cq4w11C/gTTcaifWfmm ZFTWNZ5IY6Pmf5tecT+7ENSlyLYKJwqEMvBJBpK0fCk8k3XRm/N9DrSj9k1EIqS0 U6lKGSAkEoSveKDlefqgVHRjctSFb7H/zriPP/5o9SUewPKt -----END CERTIFICATE-----Generated at Sat Dec 6 10:48:57 2025 by rpki-client