This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/cdf607fb-daf0-4767-b47b-4a8c3266c681.roa File: cdf607fb-daf0-4767-b47b-4a8c3266c681.roa (raw, json) Hash identifier: vDd5ed6HKQQDIBfzQeJ67CP76sE2iz7ZPYjHa+vxUKk= Subject key identifier: 19:37:EF:6B:53:29:04:2C:47:69:C8:EE:3A:50:DE:DF:E0:10:73:94 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 274C754AE2C5F377B53F09F67336437B93C14375 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/cdf607fb-daf0-4767-b47b-4a8c3266c681.roa Signing time: Tue 02 Dec 2025 01:40:04 +0000 ROA not before: Tue 02 Dec 2025 01:40:04 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:4c:75:4a:e2:c5:f3:77:b5:3f:09:f6:73:36:43:7b:93:c1:43:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:04 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=47ce4bcc2fb4d6a8db398aff283ce2944e315d66ff34647db365472922c7a5be, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:5b:5d:73:86:64:8c:9d:26:10:a9:85:30:fa: ea:d0:88:5b:76:74:d3:f8:b3:5a:41:31:84:41:2b: d9:86:bb:1f:88:e2:e9:07:ad:2e:81:3b:ee:f8:32: 6f:1f:03:74:28:d8:22:9a:c3:14:0b:47:77:7a:d0: 8d:4f:41:6f:98:18:60:ac:4a:c0:e3:cd:b6:45:41: a2:12:db:3d:06:9e:e6:83:21:46:c3:cf:34:59:58: 26:63:3f:f8:dc:51:25:00:d1:26:3d:a0:2a:35:c5: 7b:b2:0a:e2:39:22:44:2a:e1:b8:4b:83:0d:51:79: 48:ed:3a:34:9d:e5:ae:25:19:e8:2f:e4:5a:93:76: bb:83:1e:c4:a7:14:97:59:64:ec:12:f5:9c:df:a6: 2d:01:ea:18:49:2c:d1:d7:88:e5:98:04:e8:62:71: 13:87:80:52:f6:30:a9:6d:c8:91:26:bd:47:a0:df: 3b:52:21:e5:24:0a:fa:e7:7e:d3:b6:24:d6:9e:56: eb:2b:f4:71:90:37:b2:76:55:ee:d4:64:81:1b:49: 1c:1b:0b:62:28:ba:33:6b:5d:40:41:0c:86:b1:43: 81:1d:f8:27:12:8a:ce:c8:68:62:5f:b4:dc:14:01: a4:a7:65:56:92:7d:44:31:5a:5c:17:df:25:02:3f: f7:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:37:EF:6B:53:29:04:2C:47:69:C8:EE:3A:50:DE:DF:E0:10:73:94 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/cdf607fb-daf0-4767-b47b-4a8c3266c681.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc1:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 45:04:1c:98:9a:01:31:9b:b4:24:20:46:bd:35:8f:35:0b:4e: 8f:31:44:f4:07:3a:27:14:61:0d:e5:0c:5d:55:17:21:c9:81: 2e:c1:97:ea:00:81:88:20:2b:63:97:73:5d:c4:26:2d:65:6c: cb:1a:40:65:63:ae:8f:89:91:64:02:ba:14:38:70:1f:ab:ad: 6c:ee:44:12:7b:a7:91:a6:11:ba:42:53:7f:ce:f3:3e:37:29: 7f:e6:6e:ff:34:0e:ed:1f:9e:53:a9:e3:f7:5c:fa:70:5f:c2: 22:a4:07:44:85:83:0a:d1:f0:bc:f1:d9:38:19:d0:4e:82:13: 09:c9:10:27:4d:d1:9f:49:ff:fb:dd:04:dc:e4:0e:2d:96:e8: c6:c2:d3:ec:e8:fa:ea:2a:10:6c:d5:99:d5:3f:34:b4:3d:19: 44:34:44:a4:48:12:67:af:07:3f:44:01:42:34:31:61:5c:48: 34:c9:62:25:7e:95:d8:7b:57:8e:c7:68:77:ac:83:df:cc:11: d8:c6:77:f4:99:81:56:e7:1c:26:82:12:56:b5:1d:0a:e3:ee: de:d1:f6:eb:9d:70:d4:af:46:69:ba:a8:76:6b:c0:eb:67:d2: 96:c5:e8:57:87:49:5c:14:bc:59:b4:50:ec:80:bc:9d:93:a5: 3e:7b:4f:88 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJ0x1SuLF83e1Pwn2czZDe5PBQ3UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDQ3Y2U0YmNjMmZiNGQ2YThkYjM5OGFmZjI4M2NlMjk0NGUzMTVkNjZmZjM0 NjQ3ZGIzNjU0NzI5MjJjN2E1YmUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAONbXXOGZIydJhCphTD66tCIW3Z00/izWkExhEEr2Ya7H4ji6QetLoE77vgy bx8DdCjYIprDFAtHd3rQjU9Bb5gYYKxKwOPNtkVBohLbPQae5oMhRsPPNFlYJmM/ +NxRJQDRJj2gKjXFe7IK4jkiRCrhuEuDDVF5SO06NJ3lriUZ6C/kWpN2u4MexKcU l1lk7BL1nN+mLQHqGEks0deI5ZgE6GJxE4eAUvYwqW3IkSa9R6DfO1Ih5SQK+ud+ 07Yk1p5W6yv0cZA3snZV7tRkgRtJHBsLYii6M2tdQEEMhrFDgR34JxKKzshoYl+0 3BQBpKdlVpJ9RDFaXBffJQI/90cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZN+9r UykELEdpyO46UN7f4BBzlDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv Y2RmNjA3ZmItZGFmMC00NzY3LWI0N2ItNGE4YzMyNjZjNjgxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM MA0GCSqGSIb3DQEBCwUAA4IBAQBFBByYmgExm7QkIEa9NY81C06PMUT0BzonFGEN 5QxdVRchyYEuwZfqAIGIICtjl3NdxCYtZWzLGkBlY66PiZFkAroUOHAfq61s7kQS e6eRphG6QlN/zvM+Nyl/5m7/NA7tH55TqeP3XPpwX8IipAdEhYMK0fC88dk4GdBO ghMJyRAnTdGfSf/73QTc5A4tlujGwtPs6PrqKhBs1ZnVPzS0PRlENESkSBJnrwc/ RAFCNDFhXEg0yWIlfpXYe1eOx2h3rIPfzBHYxnf0mYFW5xwmghJWtR0K4+7e0fbr nXDUr0Zpuqh2a8DrZ9KWxehXh0lcFLxZtFDsgLydk6U+e0+I -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:32 2025 by rpki-client