This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a217acb6-25db-4f7f-bed2-0251978424c1.roa File: a217acb6-25db-4f7f-bed2-0251978424c1.roa (raw, json) Hash identifier: i+nE6T9jCynW51U6urcfGPTXSOIkkmxUn542xuQ6b6Y= Subject key identifier: 72:1B:EA:A7:02:8B:22:E0:84:4F:C7:95:E7:D5:31:3A:9F:F4:AC:DD Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 6600218EB07B8AC8B9443FA7E967CAECCEAE5D5D Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a217acb6-25db-4f7f-bed2-0251978424c1.roa Signing time: Tue 02 Dec 2025 01:40:12 +0000 ROA not before: Tue 02 Dec 2025 01:40:12 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc0:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:00:21:8e:b0:7b:8a:c8:b9:44:3f:a7:e9:67:ca:ec:ce:ae:5d:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:12 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=e959101b57899b1aeff9175bff23f6aa92fa668053ddaf4b5321b60ae3bf7be9, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cb:54:31:24:e5:c5:ae:58:9b:de:b6:ec:6f: 96:14:a3:62:4e:87:6c:0f:85:a9:7a:40:57:5a:8c: 09:a4:59:e0:aa:79:cc:c5:00:ff:8d:23:f5:67:19: e2:35:68:23:7f:8b:9d:0b:f9:80:42:84:27:bd:71: 53:e5:af:34:fa:23:75:99:55:b9:81:a9:70:fe:f6: 59:55:14:60:2a:60:6f:45:35:e4:e0:5b:f3:d0:1c: 27:ee:d5:e3:cf:90:37:36:d2:00:8a:0b:1b:06:60: 69:ec:bb:b1:61:ad:6c:37:84:c0:0b:6b:2d:14:90: 5b:54:c6:f1:2a:f2:8d:c2:29:a9:11:33:e7:38:26: 15:df:9b:94:53:11:3d:4f:c3:57:18:1e:e3:5c:7b: 31:6b:73:35:4f:d5:3a:0b:de:5f:2b:a2:60:62:5b: 2a:94:ec:c7:98:67:b2:cc:c8:87:3c:82:fa:de:06: 81:7a:e5:82:a7:82:e6:3b:ba:81:68:71:dc:9e:b7: cd:40:e4:7a:a7:47:e4:ea:41:ff:5f:6c:1f:8e:db: e5:7f:c9:68:62:de:08:3a:1c:ae:99:e2:76:45:2a: 0c:e8:f3:09:02:3a:d6:e9:10:0f:80:2c:90:fe:a3: 4b:9a:3d:6b:58:4b:7c:8d:4f:71:4b:c8:ae:cf:a2: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:1B:EA:A7:02:8B:22:E0:84:4F:C7:95:E7:D5:31:3A:9F:F4:AC:DD X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a217acb6-25db-4f7f-bed2-0251978424c1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc0:840::/48 Signature Algorithm: sha256WithRSAEncryption b4:ca:0a:17:b8:44:e1:4b:50:d8:a6:bd:fc:9c:4a:d6:4e:3a: 8d:31:4b:01:24:ea:c9:fe:21:0b:bc:e7:59:0a:9f:50:6d:f7: 7a:3c:7a:a2:6f:e0:1c:57:48:c4:37:97:5d:4c:f9:8d:4c:03: 56:af:a2:b0:54:53:ec:e4:8d:f5:bb:69:4e:e4:76:93:99:0b: 6d:41:6f:ab:85:e3:4f:0f:f3:0c:00:43:72:11:a8:bd:c3:f4: 11:3e:14:31:d6:51:dd:70:bf:f1:19:fd:40:69:5e:dc:3e:90: a7:37:03:cb:5e:b8:7d:40:1c:88:41:f8:c2:1c:0c:ef:2a:d6: a0:fb:61:39:89:07:2f:40:65:eb:b8:b1:fb:cd:be:4d:5d:38: 20:92:a9:3f:d2:39:05:17:53:80:5b:49:4c:4b:35:73:e5:47: 03:82:78:09:4d:9f:a1:21:50:12:0c:46:4e:b6:2e:d3:18:df: f8:33:4c:06:24:45:30:64:8d:fd:94:48:6d:9c:35:08:d4:7d: 92:0e:0e:11:46:3a:fc:87:32:5c:b8:12:93:85:df:03:a4:e2: ec:1a:69:d5:c0:86:f1:d2:3a:4e:9c:98:b5:64:e0:b8:31:8f: d7:01:a6:cb:80:f8:21:bf:b7:55:7f:98:f5:ae:15:67:92:22: bf:aa:8a:1f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZgAhjrB7isi5RD+n6WfK7M6uXV0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGU5NTkxMDFiNTc4OTliMWFlZmY5MTc1YmZmMjNmNmFhOTJmYTY2ODA1M2Rk YWY0YjUzMjFiNjBhZTNiZjdiZTkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzLVDEk5cWuWJvetuxvlhSjYk6HbA+FqXpAV1qMCaRZ4Kp5zMUA/40j9WcZ 4jVoI3+LnQv5gEKEJ71xU+WvNPojdZlVuYGpcP72WVUUYCpgb0U15OBb89AcJ+7V 48+QNzbSAIoLGwZgaey7sWGtbDeEwAtrLRSQW1TG8SryjcIpqREz5zgmFd+blFMR PU/DVxge41x7MWtzNU/VOgveXyuiYGJbKpTsx5hnsszIhzyC+t4GgXrlgqeC5ju6 gWhx3J63zUDkeqdH5OpB/19sH47b5X/JaGLeCDocrpnidkUqDOjzCQI61ukQD4As kP6jS5o9a1hLfI1PcUvIrs+ibrcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyG+qn Aosi4IRPx5Xn1TE6n/Ss3TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTIxN2FjYjYtMjVkYi00ZjdmLWJlZDItMDI1MTk3ODQyNGMxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI QDANBgkqhkiG9w0BAQsFAAOCAQEAtMoKF7hE4UtQ2Ka9/JxK1k46jTFLASTqyf4h C7znWQqfUG33ejx6om/gHFdIxDeXXUz5jUwDVq+isFRT7OSN9btpTuR2k5kLbUFv q4XjTw/zDABDchGovcP0ET4UMdZR3XC/8Rn9QGle3D6QpzcDy164fUAciEH4whwM 7yrWoPthOYkHL0Bl67ix+82+TV04IJKpP9I5BRdTgFtJTEs1c+VHA4J4CU2foSFQ EgxGTrYu0xjf+DNMBiRFMGSN/ZRIbZw1CNR9kg4OEUY6/IcyXLgSk4XfA6Ti7Bpp 1cCG8dI6TpyYtWTguDGP1wGmy4D4Ib+3VX+Y9a4VZ5Iiv6qKHw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:33 2025 by rpki-client