This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa File: e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa (raw, json) Hash identifier: S9icSWwpe5RkobJPMt0rpxTzbRD3ly3u6YzEUHOIMZI= Subject key identifier: C4:26:78:90:F6:5F:1E:FF:14:80:F5:D5:4F:C4:08:3F:4A:85:13:89 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 790166BDECE06E3F7198BA524596AAF7497A033C Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa Signing time: Tue 02 Dec 2025 01:40:10 +0000 ROA not before: Tue 02 Dec 2025 01:40:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc1:8000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:01:66:bd:ec:e0:6e:3f:71:98:ba:52:45:96:aa:f7:49:7a:03:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=aaf860aa12efb731d950088ce8694550ee639cf09d6acbb0c50d669ef9403b68, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:94:13:74:a9:d4:b1:0d:cb:5e:89:67:1c:95: 9a:4b:40:c5:5f:98:a1:40:26:c8:37:a0:83:38:af: 69:dc:94:86:fe:60:26:e9:5e:be:d8:1b:34:0d:d9: 8f:13:56:f3:c9:b9:8f:13:94:3b:cc:35:18:c9:d2: 05:00:bd:06:4f:7e:e3:d2:9f:5e:25:5a:98:dd:4d: 7f:03:09:82:ff:0d:fe:15:3e:0f:29:83:23:4b:0a: c8:71:f1:7d:90:54:2d:c6:45:a6:65:be:9d:fb:c9: 56:fe:5b:30:ff:6a:e2:0d:f2:a0:43:01:67:ce:42: 6f:4f:39:54:c5:2e:60:ee:f5:68:51:25:8b:0f:6b: 69:86:2f:ea:1b:51:6d:35:71:10:4a:63:9d:0f:9c: 49:f9:33:05:31:c5:3f:ce:3f:74:8a:43:93:bc:60: ca:f6:87:30:8a:b3:4c:c6:a1:a3:1a:30:41:14:81: 16:81:7f:34:12:ca:09:58:1e:be:1e:45:3a:7b:96: 45:77:0d:ad:71:08:3e:58:33:26:37:ca:4b:a0:81: e7:b2:23:46:3c:c5:bf:b1:b5:84:b8:f0:4b:d1:5c: 30:0b:ab:1e:69:f1:e2:b6:1d:b9:9b:b1:72:27:19: 91:1b:f6:38:31:62:7a:5c:9f:21:17:19:ff:f4:b8: d2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:26:78:90:F6:5F:1E:FF:14:80:F5:D5:4F:C4:08:3F:4A:85:13:89 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc1:8000::/38 Signature Algorithm: sha256WithRSAEncryption 0f:e0:7c:e8:03:36:b4:e8:a9:f6:d9:f2:04:80:ec:8f:72:3e: 2b:28:fa:09:d9:09:76:d1:6c:a8:da:e2:11:17:55:84:1f:a1: 45:26:a8:f7:a1:fc:39:68:53:2c:9f:e1:fd:cd:a9:0f:12:d3: 87:4d:5c:20:1f:78:ee:76:25:2e:73:ad:32:94:43:a1:a4:61: 53:8e:00:20:81:8d:70:67:7d:32:c5:59:2d:58:83:55:41:57: 96:b7:21:1b:f8:9f:15:0f:33:59:cc:f9:63:7b:ad:e1:0c:99: 55:d9:43:d7:f1:d2:e7:96:00:ae:77:e3:c4:e0:34:73:47:76: 0d:43:f4:56:15:42:88:f7:01:3c:aa:ee:ad:0e:35:84:c7:00: 13:82:d5:da:5d:49:46:7d:07:d7:88:47:fe:1b:c3:58:c8:9c: dd:0f:0e:11:fa:86:0e:4a:78:7f:62:94:01:4f:e8:0f:b7:20: 39:3f:83:f3:da:e4:97:ed:7f:40:94:9b:e8:e4:5d:84:9b:75: 26:11:c6:cd:b8:71:63:b3:ce:97:fe:e6:42:88:5b:72:c8:b1: 1f:c7:e5:e9:63:79:52:b3:8d:52:2f:97:ea:7a:03:3a:0d:8a: 68:94:8e:95:6e:43:83:61:e7:69:9e:1d:f1:fa:46:dc:96:a8: 37:8b:51:41 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUeQFmvezgbj9xmLpSRZaq90l6AzwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGFhZjg2MGFhMTJlZmI3MzFkOTUwMDg4Y2U4Njk0NTUwZWU2MzljZjA5ZDZh Y2JiMGM1MGQ2NjllZjk0MDNiNjgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuUE3Sp1LENy16JZxyVmktAxV+YoUAmyDeggzivadyUhv5gJulevtgbNA3Z jxNW88m5jxOUO8w1GMnSBQC9Bk9+49KfXiVamN1NfwMJgv8N/hU+DymDI0sKyHHx fZBULcZFpmW+nfvJVv5bMP9q4g3yoEMBZ85Cb085VMUuYO71aFEliw9raYYv6htR bTVxEEpjnQ+cSfkzBTHFP84/dIpDk7xgyvaHMIqzTMahoxowQRSBFoF/NBLKCVge vh5FOnuWRXcNrXEIPlgzJjfKS6CB57IjRjzFv7G1hLjwS9FcMAurHmnx4rYduZux cicZkRv2ODFielyfIRcZ//S40r0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEJniQ 9l8e/xSA9dVPxAg/SoUTiTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZTI3ZTdhNTktOTliZi00NTU5LWIwZGYtODdkYTJmNmRjNmU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA MA0GCSqGSIb3DQEBCwUAA4IBAQAP4HzoAza06Kn22fIEgOyPcj4rKPoJ2Ql20Wyo 2uIRF1WEH6FFJqj3ofw5aFMsn+H9zakPEtOHTVwgH3judiUuc60ylEOhpGFTjgAg gY1wZ30yxVktWINVQVeWtyEb+J8VDzNZzPlje63hDJlV2UPX8dLnlgCud+PE4DRz R3YNQ/RWFUKI9wE8qu6tDjWExwATgtXaXUlGfQfXiEf+G8NYyJzdDw4R+oYOSnh/ YpQBT+gPtyA5P4Pz2uSX7X9AlJvo5F2Em3UmEcbNuHFjs86X/uZCiFtyyLEfx+Xp Y3lSs41SL5fqegM6DYpolI6VbkODYedpnh3x+kbclqg3i1FB -----END CERTIFICATE-----Generated at Sat Dec 6 11:45:07 2025 by rpki-client