This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa File: ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa (raw, json) Hash identifier: mThQ1/LFwT67ykLI0/aA9XqUfm9sv68RcQ1wYJWzZ1Q= Subject key identifier: D4:4F:EC:2E:1B:CD:85:B8:CE:31:D6:FA:B9:F2:4D:B4:0F:29:65:39 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 724AF7CE65C4E9017A3FFCE75D79DE6049255227 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa Signing time: Tue 02 Dec 2025 01:40:06 +0000 ROA not before: Tue 02 Dec 2025 01:40:06 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:4a:f7:ce:65:c4:e9:01:7a:3f:fc:e7:5d:79:de:60:49:25:52:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:06 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=5c538cf643a123b3126c38eed6c02e11d29f1532de9ee9e206bec81008516bb1, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3c:8c:c0:dc:7f:95:cd:01:c2:50:b7:07:a7: 3a:29:b5:ef:0a:4b:54:5c:7b:cc:a2:50:39:09:64: e0:db:93:43:eb:3c:32:94:10:2f:2b:db:5a:eb:6c: ec:b4:d7:e9:bf:1d:ea:30:7f:5f:ff:c4:55:5a:77: 25:20:ac:ca:45:22:34:96:ac:b5:b5:a5:14:68:2d: d0:50:b7:f1:66:58:17:eb:3e:4b:85:ea:2d:c1:fb: c0:67:59:35:22:64:e3:92:c0:49:6c:23:f6:ae:25: d5:f1:85:41:d3:3b:55:dd:bc:65:9c:1f:7a:71:e6: 39:2a:79:06:d7:e9:a2:18:77:17:40:6f:05:41:c9: d5:8f:93:40:f3:a4:db:ed:8a:e3:3e:8f:fc:e8:f5: 52:25:c3:bc:54:50:0a:0d:99:f2:29:8a:15:16:22: 77:9a:17:f2:67:b3:d2:75:cf:94:8d:4c:b3:7a:96: b5:08:f1:ba:41:42:5e:45:93:ab:d9:2f:ed:8c:fc: cb:69:c4:51:20:0e:c0:69:54:9b:4d:9c:ee:5c:1e: 3d:fb:a9:32:9d:5f:21:39:0a:fa:ad:a4:d5:2f:75: a6:f4:68:1f:2b:17:70:56:80:d6:95:d1:f0:df:5a: 83:bd:d7:ad:f9:e6:b0:59:1d:12:af:da:f2:5f:e6: 59:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:4F:EC:2E:1B:CD:85:B8:CE:31:D6:FA:B9:F2:4D:B4:0F:29:65:39 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:800::/40 Signature Algorithm: sha256WithRSAEncryption 6d:a5:71:ff:7b:a0:c4:3b:49:9a:c7:e1:cc:69:85:e2:14:99: 14:4f:51:32:5f:f3:a0:3c:8f:e6:39:15:00:cc:5d:47:5d:06: 00:28:6e:58:e6:dd:cd:59:7c:32:1a:51:f7:e7:bf:67:02:99: d9:af:df:f2:b7:cd:27:c3:c8:61:57:e5:d4:d2:b2:7d:f1:47: 2a:25:4f:97:a0:03:3d:4c:29:39:cd:e1:e1:e8:2f:45:7e:08: 58:34:e7:e6:ae:0d:1a:00:38:bf:0a:6d:e7:f6:02:c8:b0:f5: 8a:37:91:43:8a:d2:c7:09:cc:b8:64:ce:b2:55:fc:c2:86:c1: 4c:e8:95:3d:e0:3e:95:2c:5b:ec:29:ce:8f:6f:65:9e:94:e0: 29:dd:66:35:89:c7:fa:10:68:ed:80:09:43:59:fe:c9:5c:3e: 2f:fd:3d:21:8e:0f:77:58:3f:8a:bc:ce:31:bc:89:1f:6d:2b: b9:18:b6:e2:7a:27:b7:06:09:6b:c0:65:91:26:fe:b9:66:e2: 23:5a:24:d1:53:a7:0a:61:65:f4:98:f9:e6:5f:17:8e:93:d8: 66:a9:aa:2d:cf:13:e0:90:e0:47:16:15:ec:3f:82:77:1b:3e: 4a:96:87:fb:b7:d3:f8:0f:9c:7a:71:93:50:e9:b6:e4:92:13: 92:cf:f4:06 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUckr3zmXE6QF6P/znXXneYEklUicwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDVjNTM4Y2Y2NDNhMTIzYjMxMjZjMzhlZWQ2YzAyZTExZDI5ZjE1MzJkZTll ZTllMjA2YmVjODEwMDg1MTZiYjExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALg8jMDcf5XNAcJQtwenOim17wpLVFx7zKJQOQlk4NuTQ+s8MpQQLyvbWuts 7LTX6b8d6jB/X//EVVp3JSCsykUiNJastbWlFGgt0FC38WZYF+s+S4XqLcH7wGdZ NSJk45LASWwj9q4l1fGFQdM7Vd28ZZwfenHmOSp5Btfpohh3F0BvBUHJ1Y+TQPOk 2+2K4z6P/Oj1UiXDvFRQCg2Z8imKFRYid5oX8mez0nXPlI1Ms3qWtQjxukFCXkWT q9kv7Yz8y2nEUSAOwGlUm02c7lwePfupMp1fITkK+q2k1S91pvRoHysXcFaA1pXR 8N9ag73XrfnmsFkdEq/a8l/mWWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUT+wu G82FuM4x1vq58k20DyllOTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZWU3MGNhM2UtYTdkZC00M2Q4LWJiMzAtMDFjYzJmNDZlMWZjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI MA0GCSqGSIb3DQEBCwUAA4IBAQBtpXH/e6DEO0max+HMaYXiFJkUT1EyX/OgPI/m ORUAzF1HXQYAKG5Y5t3NWXwyGlH3579nApnZr9/yt80nw8hhV+XU0rJ98UcqJU+X oAM9TCk5zeHh6C9FfghYNOfmrg0aADi/Cm3n9gLIsPWKN5FDitLHCcy4ZM6yVfzC hsFM6JU94D6VLFvsKc6Pb2WelOAp3WY1icf6EGjtgAlDWf7JXD4v/T0hjg93WD+K vM4xvIkfbSu5GLbieie3BglrwGWRJv65ZuIjWiTRU6cKYWX0mPnmXxeOk9hmqaot zxPgkOBHFhXsP4J3Gz5Klof7t9P4D5x6cZNQ6bbkkhOSz/QG -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:22 2025 by rpki-client