This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa File: 7ce56587-daa1-4400-bed4-6204cfafd220.roa (raw, json) Hash identifier: VD/uW8QNsfqNCMtLDJkTTzKuVuyDB6mN2joZSE5f+sI= Subject key identifier: B9:E0:C2:72:1A:BD:1A:05:A1:A8:6F:BE:2A:70:81:0E:7B:A0:AE:AE Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1D41087A61C0ACB7DC20B4855B4789165409AE45 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa Signing time: Tue 02 Dec 2025 01:40:36 +0000 ROA not before: Tue 02 Dec 2025 01:40:36 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:41:08:7a:61:c0:ac:b7:dc:20:b4:85:5b:47:89:16:54:09:ae:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:36 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=610fc5d1074bb42e60f3b130bb600b92be2f17cb182594cf2583f908256df715, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:72:64:a4:7c:81:a4:61:42:8d:07:b4:fd:7c: 55:0a:d8:4e:9b:45:1b:0e:e6:08:ee:d0:3e:11:2b: 8d:d2:4d:6c:d3:81:a2:30:a7:21:03:f9:f7:1d:72: ab:a2:fb:ec:f4:dc:72:a8:9a:d5:c5:52:7b:47:18: 52:e9:43:6c:57:5e:25:b4:46:08:8c:c8:ca:fb:5a: 16:0c:07:5b:b9:11:e7:65:6f:29:f6:e5:68:e5:6e: 99:2a:43:77:0c:e3:c4:64:0c:87:de:a8:23:15:ac: fe:6e:30:69:72:3e:ce:aa:19:98:4a:7a:a7:19:60: 02:49:c9:0f:b0:4d:52:fb:9d:4f:ed:57:bb:d7:83: 98:ac:83:e2:cc:7f:4e:54:fc:5a:6c:27:47:e5:fd: af:67:44:c4:c0:54:63:e5:ef:a6:71:56:67:da:d1: 0f:4d:92:b3:f1:60:39:0c:4b:4e:34:35:b0:9a:0c: fe:7b:23:e2:e9:18:0b:08:d9:a8:3f:65:06:9f:c9: d9:e5:f0:8c:ce:e7:6f:0b:10:ff:e1:d3:fd:47:d1: fd:32:eb:4d:c8:50:1b:25:d9:aa:0a:19:60:51:65: ca:bc:5d:d3:71:6f:b5:dc:eb:a8:a4:40:70:d6:07: ff:88:d8:82:b4:63:6a:0c:77:9e:21:47:32:cb:26: 8c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:E0:C2:72:1A:BD:1A:05:A1:A8:6F:BE:2A:70:81:0E:7B:A0:AE:AE X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:2000::/36 Signature Algorithm: sha256WithRSAEncryption 4d:21:ee:fb:c9:1b:9d:bd:77:cf:f8:dd:ae:23:ec:54:d4:ca: 2d:dd:9c:5c:4b:d4:e0:fc:92:13:36:97:39:f9:63:e1:8b:31: 0f:31:0b:01:ea:0c:dc:2a:f0:a6:bc:c6:6e:47:e6:cb:77:da: 3d:02:ff:88:4f:b8:b7:39:47:7c:9b:f9:28:95:24:55:a3:b8: 64:9e:bb:27:db:08:f7:b8:c9:36:95:c6:18:7d:58:00:06:d6: c8:80:9e:bb:73:dd:69:b6:02:82:87:6c:85:8a:d6:d9:7c:c3: 12:3d:86:a3:1c:44:8b:cd:7f:0e:c0:fd:29:18:ae:da:97:59: e8:a2:5e:d8:3c:55:5a:8a:20:a3:07:e2:e3:69:6e:e6:71:04: 79:89:b4:0b:e1:78:c4:49:2c:82:d1:ab:2f:52:d6:8c:3a:87: fb:3e:c5:10:4e:8e:9b:2b:ba:fb:fd:c0:55:46:f2:9b:49:39: 3a:dd:f5:f1:86:f0:a5:51:89:c4:7a:63:5d:9d:21:6f:0f:0f: 2a:a9:a0:4a:2a:f1:f0:03:d4:83:92:70:07:7b:17:c0:7d:3f: a4:04:c4:12:0f:a1:6c:c0:10:d9:05:1f:86:56:13:6c:56:d8: 89:48:e2:12:d8:4d:0d:a6:f0:e6:64:6d:25:85:84:84:da:35: 05:ed:49:70 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHUEIemHArLfcILSFW0eJFlQJrkUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDYxMGZjNWQxMDc0YmI0MmU2MGYzYjEzMGJiNjAwYjkyYmUyZjE3Y2IxODI1 OTRjZjI1ODNmOTA4MjU2ZGY3MTUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN5yZKR8gaRhQo0HtP18VQrYTptFGw7mCO7QPhErjdJNbNOBojCnIQP59x1y q6L77PTccqia1cVSe0cYUulDbFdeJbRGCIzIyvtaFgwHW7kR52VvKfblaOVumSpD dwzjxGQMh96oIxWs/m4waXI+zqoZmEp6pxlgAknJD7BNUvudT+1Xu9eDmKyD4sx/ TlT8WmwnR+X9r2dExMBUY+XvpnFWZ9rRD02Ss/FgOQxLTjQ1sJoM/nsj4ukYCwjZ qD9lBp/J2eXwjM7nbwsQ/+HT/UfR/TLrTchQGyXZqgoZYFFlyrxd03FvtdzrqKRA cNYH/4jYgrRjagx3niFHMssmjDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS54MJy Gr0aBaGob74qcIEOe6CurjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv N2NlNTY1ODctZGFhMS00NDAwLWJlZDQtNjIwNGNmYWZkMjIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg MA0GCSqGSIb3DQEBCwUAA4IBAQBNIe77yRudvXfP+N2uI+xU1Mot3ZxcS9Tg/JIT Npc5+WPhizEPMQsB6gzcKvCmvMZuR+bLd9o9Av+IT7i3OUd8m/kolSRVo7hknrsn 2wj3uMk2lcYYfVgABtbIgJ67c91ptgKCh2yFitbZfMMSPYajHESLzX8OwP0pGK7a l1nool7YPFVaiiCjB+LjaW7mcQR5ibQL4XjESSyC0asvUtaMOof7PsUQTo6bK7r7 /cBVRvKbSTk63fXxhvClUYnEemNdnSFvDw8qqaBKKvHwA9SDknAHexfAfT+kBMQS D6FswBDZBR+GVhNsVtiJSOIS2E0NpvDmZG0lhYSE2jUF7Ulw -----END CERTIFICATE-----Generated at Sat Dec 6 10:51:32 2025 by rpki-client