This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa File: dbbae141-16d6-4005-935c-887ace4080ba.roa (raw, json) Hash identifier: MJFNXd+OOgJQkNT+hnWmIe8H0Ngq7lHVM/q/EUuz+wo= Subject key identifier: 59:8A:BB:12:0C:80:59:42:30:01:D2:AF:87:2F:FA:80:06:7B:F6:AC Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 7C7C643D645F203DFF6881F16DC5B50C5D885EE4 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa Signing time: Tue 02 Dec 2025 01:40:07 +0000 ROA not before: Tue 02 Dec 2025 01:40:07 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:7c:64:3d:64:5f:20:3d:ff:68:81:f1:6d:c5:b5:0c:5d:88:5e:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:07 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=83aa327dc37545d4ed89aad8e1efc3631d2339c70cf2dc64d3f8b2d13f9c0a5e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:61:36:4c:c7:1e:e6:a4:fc:f2:40:3c:6a:6a: 58:90:62:bc:3f:34:b1:67:57:0e:c3:a5:a8:f8:c2: b6:92:58:7a:94:71:e5:29:6d:e4:75:e5:9a:8e:52: 2f:5f:09:06:e6:10:83:81:8f:b7:f2:a1:22:e1:25: 83:61:57:3e:bb:28:b5:f3:19:99:68:f1:f1:1a:0d: f3:92:81:8e:71:f7:c0:a6:33:b9:c3:e8:f2:10:e3: e4:ce:5a:0a:44:44:ef:ec:77:f9:68:bf:a5:14:ec: d8:18:a5:b3:af:60:64:36:a8:f7:e7:ce:72:91:82: 3c:ae:6c:66:ed:64:f8:20:0a:4e:fe:0b:64:0c:66: 95:91:65:93:4a:34:2c:75:b9:3d:fa:77:71:d2:bb: 03:b7:59:80:e4:c2:bb:89:b4:79:04:ff:e2:5d:0e: a3:82:f1:16:9c:86:ee:b4:e0:f7:09:98:51:01:f3: cc:07:71:95:fc:d0:07:b4:b2:89:03:93:81:89:d2: af:32:76:99:e3:e1:c2:9d:12:02:cc:42:72:c2:80: c8:af:86:0a:a2:f9:68:4f:e5:60:cd:91:6d:99:31: 53:57:62:9d:f5:c8:03:ec:b2:1e:03:b6:1e:5d:91: 7c:c6:2f:ff:9c:57:ec:14:26:20:50:7b:90:a7:9f: 0e:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:8A:BB:12:0C:80:59:42:30:01:D2:AF:87:2F:FA:80:06:7B:F6:AC X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:f8c0::/48 Signature Algorithm: sha256WithRSAEncryption 90:7b:8b:29:b4:a9:e1:ea:2b:b6:d4:b1:ee:8d:b8:de:2f:a2: 81:f5:8e:22:fe:ca:b6:33:73:cb:8a:18:76:c7:2d:43:73:f5: 74:78:b4:44:5c:18:4a:dd:ed:d9:f9:98:08:8d:92:c5:8b:9f: ea:10:a2:df:6e:fa:bc:60:9a:a5:9c:a3:41:46:07:67:ca:68: 2a:28:5c:cd:33:88:8b:6a:c1:36:f0:c5:27:5a:a5:74:3d:fb: 6a:b8:2e:d9:af:64:c9:ba:1d:87:e7:20:0f:a8:48:85:3f:16: ec:7a:eb:5a:9a:73:18:0f:0a:c7:5d:ed:c5:f5:85:6c:42:6f: f7:e4:aa:ef:54:fb:86:34:7f:d6:ef:58:6d:21:53:d8:3d:e4: 94:74:b1:f9:cc:e0:3d:71:e6:cd:2b:af:37:42:e3:62:57:0f: 89:a1:8e:01:f1:df:fd:71:72:70:15:ea:b8:10:14:51:d1:58: 7d:18:f8:0d:6b:ed:fb:19:6b:91:11:80:4b:c8:7e:f8:41:78: 7f:29:00:fe:47:a4:2e:da:e4:de:ee:70:b2:a2:50:43:b0:a6: 38:3f:c7:65:e1:1a:62:d0:0e:ab:84:a2:dc:8c:3e:4b:3e:ce: 20:f4:7c:14:06:3e:a6:77:4d:41:98:0c:a4:39:81:2f:42:8c: 65:7d:ef:59 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfHxkPWRfID3/aIHxbcW1DF2IXuQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDgzYWEzMjdkYzM3NTQ1ZDRlZDg5YWFkOGUxZWZjMzYzMWQyMzM5YzcwY2Yy ZGM2NGQzZjhiMmQxM2Y5YzBhNWUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKthNkzHHuak/PJAPGpqWJBivD80sWdXDsOlqPjCtpJYepRx5Slt5HXlmo5S L18JBuYQg4GPt/KhIuElg2FXPrsotfMZmWjx8RoN85KBjnH3wKYzucPo8hDj5M5a CkRE7+x3+Wi/pRTs2Bils69gZDao9+fOcpGCPK5sZu1k+CAKTv4LZAxmlZFlk0o0 LHW5Pfp3cdK7A7dZgOTCu4m0eQT/4l0Oo4LxFpyG7rTg9wmYUQHzzAdxlfzQB7Sy iQOTgYnSrzJ2mePhwp0SAsxCcsKAyK+GCqL5aE/lYM2RbZkxU1dinfXIA+yyHgO2 Hl2RfMYv/5xX7BQmIFB7kKefDhcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZirsS DIBZQjAB0q+HL/qABnv2rDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZGJiYWUxNDEtMTZkNi00MDA1LTkzNWMtODg3YWNlNDA4MGJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4 wDANBgkqhkiG9w0BAQsFAAOCAQEAkHuLKbSp4eorttSx7o243i+igfWOIv7KtjNz y4oYdsctQ3P1dHi0RFwYSt3t2fmYCI2SxYuf6hCi3276vGCapZyjQUYHZ8poKihc zTOIi2rBNvDFJ1qldD37argu2a9kybodh+cgD6hIhT8W7HrrWppzGA8Kx13txfWF bEJv9+Sq71T7hjR/1u9YbSFT2D3klHSx+czgPXHmzSuvN0LjYlcPiaGOAfHf/XFy cBXquBAUUdFYfRj4DWvt+xlrkRGAS8h++EF4fykA/kekLtrk3u5wsqJQQ7CmOD/H ZeEaYtAOq4Si3Iw+Sz7OIPR8FAY+pndNQZgMpDmBL0KMZX3vWQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:22 2025 by rpki-client