This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a58b6238-ef14-49df-aad0-16d332405e96.roa File: a58b6238-ef14-49df-aad0-16d332405e96.roa (raw, json) Hash identifier: PMIe6bwpd/8buhYAgnkv6y6k7glDefHspCa+v7Q3MKA= Subject key identifier: 4B:D4:72:6D:8A:5A:A3:16:F2:F1:17:5B:76:BF:C5:94:07:15:43:91 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 34D59035C0EB005485A59299C27F231D022C0668 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a58b6238-ef14-49df-aad0-16d332405e96.roa Signing time: Tue 02 Dec 2025 01:30:13 +0000 ROA not before: Tue 02 Dec 2025 01:30:13 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:d5:90:35:c0:eb:00:54:85:a5:92:99:c2:7f:23:1d:02:2c:06:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:13 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=16303476498c308302433860b0bcc4d5a26254d8906a47512330e241e338d95e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:2d:53:32:3b:ae:0c:50:b8:e6:c9:15:63:26: 8c:bf:c2:c5:fd:1f:76:25:84:f5:cd:f0:54:cb:13: 04:40:12:a9:de:9f:fe:c5:c7:fe:eb:c8:db:e9:55: 90:d6:94:a7:d2:0e:a3:89:80:d3:1a:13:83:9d:9f: 8c:66:9e:30:8f:f3:f4:80:96:b2:86:13:6f:2d:d0: 1e:1c:81:2b:19:f3:50:9f:20:3b:c5:37:ee:ed:4f: 45:4f:bd:ec:e9:03:06:25:8e:0d:b9:70:a4:de:1c: a7:7d:e9:33:37:1d:f7:65:25:4e:de:09:48:3b:91: e2:b1:48:26:28:8a:33:c8:38:c1:9d:d1:d6:7e:f3: 20:5c:b5:36:dd:2f:6b:9c:c5:2d:62:04:3a:3a:69: b2:e1:31:7f:e3:33:37:5c:ec:0d:c8:f7:86:06:71: 7a:0b:3e:91:e1:d2:41:f1:f9:47:8b:a3:bf:b7:c1: 84:2b:ed:b2:50:08:c8:63:aa:be:7f:ee:b3:6f:1a: ea:ad:2d:9a:b3:37:a0:9f:c0:b1:f5:30:de:81:47: 6b:0c:7e:9d:41:2e:ac:61:3e:1d:f7:6e:c5:d4:eb: c5:bf:59:7a:c4:50:0d:5f:2e:d9:92:8a:7f:4d:52: 89:b8:a7:13:20:20:5b:81:a1:dd:95:80:4e:44:13: d4:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:D4:72:6D:8A:5A:A3:16:F2:F1:17:5B:76:BF:C5:94:07:15:43:91 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a58b6238-ef14-49df-aad0-16d332405e96.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:1000::/36 Signature Algorithm: sha256WithRSAEncryption be:97:51:97:7d:2e:16:7f:97:a1:78:ff:13:06:17:37:d9:5c: f6:5d:51:01:b5:2d:cc:6a:f2:f5:5b:ca:f3:ff:4f:ba:30:8a: 0c:96:43:c4:33:1d:c8:7f:c6:87:66:11:a8:91:c9:63:9d:4c: 0a:1d:ff:26:43:c7:32:0e:e7:b7:84:69:74:3a:40:ee:a3:d4: cc:f6:4c:e0:c3:a7:6b:07:53:3e:d6:6f:4b:f4:1f:6f:c3:1a: 58:6d:34:83:fd:11:9e:3c:f2:9b:dd:72:60:e9:79:10:4c:de: a7:d0:39:98:00:94:7c:56:c3:54:dc:6d:1c:5f:69:f5:c2:ac: b9:3e:fa:73:77:75:db:43:ca:a7:a8:d2:c2:dc:9d:99:cd:8b: 23:66:bf:52:d3:6a:08:f4:d0:94:6a:af:2d:e8:87:cc:10:9f: 84:ea:ee:03:98:3a:77:9e:4d:20:4a:77:3e:4e:49:e8:15:79: 6c:9c:b3:82:b6:ce:ff:48:eb:ae:79:84:2d:1e:4e:cc:a9:2e: ab:d8:aa:23:69:ac:b5:44:0b:5a:dd:41:72:f4:83:9f:0a:c7: ab:16:d8:ef:ef:ab:55:28:99:47:0d:3e:6f:e4:1c:ce:68:16: e7:60:d6:4c:11:9d:fc:fb:49:bf:0d:52:c8:db:8a:45:59:0d: 9b:35:8e:4a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNNWQNcDrAFSFpZKZwn8jHQIsBmgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTNaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDE2MzAzNDc2NDk4YzMwODMwMjQzMzg2MGIwYmNjNGQ1YTI2MjU0ZDg5MDZh NDc1MTIzMzBlMjQxZTMzOGQ5NWUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIgtUzI7rgxQuObJFWMmjL/Cxf0fdiWE9c3wVMsTBEASqd6f/sXH/uvI2+lV kNaUp9IOo4mA0xoTg52fjGaeMI/z9ICWsoYTby3QHhyBKxnzUJ8gO8U37u1PRU+9 7OkDBiWODblwpN4cp33pMzcd92UlTt4JSDuR4rFIJiiKM8g4wZ3R1n7zIFy1Nt0v a5zFLWIEOjppsuExf+MzN1zsDcj3hgZxegs+keHSQfH5R4ujv7fBhCvtslAIyGOq vn/us28a6q0tmrM3oJ/AsfUw3oFHawx+nUEurGE+HfduxdTrxb9ZesRQDV8u2ZKK f01SibinEyAgW4Gh3ZWATkQT1LECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRL1HJt ilqjFvLxF1t2v8WUBxVDkTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTU4YjYyMzgtZWYxNC00OWRmLWFhZDAtMTZkMzMyNDA1ZTk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cQ MA0GCSqGSIb3DQEBCwUAA4IBAQC+l1GXfS4Wf5eheP8TBhc32Vz2XVEBtS3MavL1 W8rz/0+6MIoMlkPEMx3If8aHZhGokcljnUwKHf8mQ8cyDue3hGl0OkDuo9TM9kzg w6drB1M+1m9L9B9vwxpYbTSD/RGePPKb3XJg6XkQTN6n0DmYAJR8VsNU3G0cX2n1 wqy5Pvpzd3XbQ8qnqNLC3J2ZzYsjZr9S02oI9NCUaq8t6IfMEJ+E6u4DmDp3nk0g Snc+TknoFXlsnLOCts7/SOuueYQtHk7MqS6r2Kojaay1RAta3UFy9IOfCserFtjv 76tVKJlHDT5v5BzOaBbnYNZMEZ38+0m/DVLI24pFWQ2bNY5K -----END CERTIFICATE-----Generated at Sat Dec 6 11:44:47 2025 by rpki-client