This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa File: a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa (raw, json) Hash identifier: troF0VlVQkVqbc05pLZs9Y1Xc8Ct6UM/CNpFAYAza0k= Subject key identifier: C7:45:66:D4:8F:44:95:DD:99:A3:12:AB:8D:1F:D1:54:0B:57:A9:BB Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1E35B7836FB34E376FED22515C6B94C7C9120043 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa Signing time: Tue 02 Dec 2025 01:30:12 +0000 ROA not before: Tue 02 Dec 2025 01:30:12 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 7224 IP address blocks: 2001:3fc7:d000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:35:b7:83:6f:b3:4e:37:6f:ed:22:51:5c:6b:94:c7:c9:12:00:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:12 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=3d5f93be1c2a0fc804d7d9553efff2180522f1860950caab8b70995610378063, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:b1:27:fa:8e:50:7e:76:43:21:f6:79:5b:18: b0:0a:f2:ae:da:e0:04:1b:30:0a:31:99:79:d3:c7: 17:54:2e:df:d0:f2:15:4e:e1:48:5e:c0:f3:16:10: 29:f5:46:15:e3:54:9b:c5:76:69:d8:a7:cd:32:e8: 6f:15:20:7d:d6:40:28:e4:79:6b:33:60:70:87:21: d9:5c:39:68:f2:30:ee:09:ab:a9:58:cb:0d:56:4f: e7:0f:84:0b:6a:09:93:d6:7a:0d:58:43:b8:c2:f5: 1f:f5:34:ba:b2:22:04:f4:af:43:35:fc:c9:52:3d: b7:18:af:05:74:74:aa:47:ca:46:b5:b8:6a:9b:a1: 6f:22:d5:66:01:e6:73:76:cb:ab:c9:df:36:07:ec: 78:de:d1:10:58:d8:97:f3:7b:9e:c1:42:28:b3:80: c0:67:d7:67:08:0b:74:af:36:ce:81:af:d0:72:cf: 06:71:77:93:34:8a:b2:64:48:59:15:c2:6e:03:40: cc:d1:f8:80:9d:a5:39:6e:01:f1:e7:3e:a5:33:50: 85:59:18:71:01:56:f6:41:af:1b:47:76:80:e1:eb: bd:21:98:94:44:01:17:92:62:0e:56:81:c2:d4:c7: 26:4a:ee:e4:23:92:d7:78:ac:b1:2f:a1:04:6b:88: f8:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:45:66:D4:8F:44:95:DD:99:A3:12:AB:8D:1F:D1:54:0B:57:A9:BB X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:d000::/36 Signature Algorithm: sha256WithRSAEncryption 64:28:76:73:2f:62:b3:65:57:f3:e5:95:50:ba:fe:f4:c9:60: 1a:3a:42:b2:4e:d2:df:ee:67:f7:c5:8e:8f:33:75:98:18:3e: ce:20:6b:cd:80:a0:60:6b:91:1e:27:88:7e:90:04:ec:2d:02: 15:dc:fd:3f:26:45:d7:1d:ea:cb:89:2d:e2:12:e0:aa:1a:15: 28:14:1a:17:8d:bd:7d:df:59:81:4c:3c:31:7f:19:3d:cc:46: b8:65:65:b8:da:3d:38:4a:6a:10:36:79:b2:fc:ab:a8:40:94: ec:71:07:ef:59:f0:06:7f:c5:55:7d:b2:c5:68:88:ab:50:50: 0f:82:8a:00:60:72:11:87:11:09:f7:e6:6e:6c:0b:8b:98:58: c4:35:dc:86:52:9e:c3:e0:d7:64:c6:e3:8d:f2:38:ad:3f:ea: a3:63:46:da:5e:fc:44:ef:6d:99:1f:9c:3f:57:83:2d:c8:21: 14:3c:e8:52:e3:70:ee:f2:91:ae:65:5f:93:04:20:98:72:55: 80:cb:c0:58:2c:44:2c:51:cf:1e:77:0f:20:7c:dc:b5:3b:88: b5:ab:4f:ed:21:7b:98:7e:01:4a:6e:0b:36:73:76:ed:2c:6c: d9:69:e6:54:b8:51:a7:25:c3:b8:43:ff:62:28:42:7b:0c:69: 63:e5:1a:c0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHjW3g2+zTjdv7SJRXGuUx8kSAEMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDNkNWY5M2JlMWMyYTBmYzgwNGQ3ZDk1NTNlZmZmMjE4MDUyMmYxODYwOTUw Y2FhYjhiNzA5OTU2MTAzNzgwNjMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANOxJ/qOUH52QyH2eVsYsAryrtrgBBswCjGZedPHF1Qu39DyFU7hSF7A8xYQ KfVGFeNUm8V2adinzTLobxUgfdZAKOR5azNgcIch2Vw5aPIw7gmrqVjLDVZP5w+E C2oJk9Z6DVhDuML1H/U0urIiBPSvQzX8yVI9txivBXR0qkfKRrW4apuhbyLVZgHm c3bLq8nfNgfseN7REFjYl/N7nsFCKLOAwGfXZwgLdK82zoGv0HLPBnF3kzSKsmRI WRXCbgNAzNH4gJ2lOW4B8ec+pTNQhVkYcQFW9kGvG0d2gOHrvSGYlEQBF5JiDlaB wtTHJkru5COS13issS+hBGuI+JECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHRWbU j0SV3ZmjEquNH9FUC1epuzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTJjYWM3YzctZGY0MS00ZGI2LWI4YmQtMWIyN2QwZmZjMTE5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ MA0GCSqGSIb3DQEBCwUAA4IBAQBkKHZzL2KzZVfz5ZVQuv70yWAaOkKyTtLf7mf3 xY6PM3WYGD7OIGvNgKBga5EeJ4h+kATsLQIV3P0/JkXXHerLiS3iEuCqGhUoFBoX jb1931mBTDwxfxk9zEa4ZWW42j04SmoQNnmy/KuoQJTscQfvWfAGf8VVfbLFaIir UFAPgooAYHIRhxEJ9+ZubAuLmFjENdyGUp7D4NdkxuON8jitP+qjY0baXvxE722Z H5w/V4MtyCEUPOhS43Du8pGuZV+TBCCYclWAy8BYLEQsUc8edw8gfNy1O4i1q0/t IXuYfgFKbgs2c3btLGzZaeZUuFGnJcO4Q/9iKEJ7DGlj5RrA -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:27 2025 by rpki-client