This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ef2e1fb6-d368-45de-866d-0e09f49b5eef.roa File: ef2e1fb6-d368-45de-866d-0e09f49b5eef.roa (raw, json) Hash identifier: X8bsHhQ02AIH0d+6J5sK6RC0q/HE+N9lKDnK5TIe+94= Subject key identifier: 9D:FE:A8:4C:5A:A0:BA:E8:F4:FA:BE:29:6F:B9:8A:16:7F:68:7C:C5 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 678406975F6B14F3593C2B2E23807CEDB6D39592 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ef2e1fb6-d368-45de-866d-0e09f49b5eef.roa Signing time: Tue 02 Dec 2025 01:40:26 +0000 ROA not before: Tue 02 Dec 2025 01:40:26 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:84:06:97:5f:6b:14:f3:59:3c:2b:2e:23:80:7c:ed:b6:d3:95:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:26 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=003854dd268ed4cbb1277bf7d25441a5fa0b049bdf31b485d0ddcf4312378e5c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:c1:ec:db:e3:74:57:be:7a:33:57:a1:52:7a: af:12:8e:ea:61:51:ef:79:2b:84:6e:e2:9b:7d:e6: de:1a:ee:fd:1a:60:d1:b7:1a:fc:dc:37:7f:a6:93: 0b:3b:e5:14:3e:9a:12:b1:74:44:b2:e4:ca:6e:f7: fe:84:f6:34:d9:c9:dc:b7:4c:24:f6:ed:40:ac:ca: cc:83:de:50:9e:d7:96:9d:fd:4c:bb:39:17:6a:0d: 1a:00:90:a1:d0:28:15:1f:4d:2c:75:ac:40:73:43: fa:0e:2a:aa:33:c2:ab:b8:4b:fa:d8:d4:0d:63:c6: eb:02:24:8c:75:ac:12:6d:70:21:4f:4e:2c:db:e9: 61:24:1e:be:da:59:d4:4b:b0:65:7e:81:14:51:a3: 70:6d:35:d9:41:6b:1d:ba:25:74:0e:51:ad:f7:f3: 24:11:41:c1:0a:2c:19:b9:64:84:1d:29:7f:23:a2: 5f:1a:83:14:81:41:1a:70:37:94:86:f9:c5:3f:a2: a2:4f:10:c1:26:fe:99:e9:e4:31:db:e0:a1:31:a1: c7:b8:17:32:a3:1c:9b:8c:61:98:9d:e7:2b:a5:ac: d8:7a:54:25:f8:b9:6d:c1:c0:13:3f:df:5b:ca:33: 04:bf:7b:26:06:db:58:0f:54:22:3c:e9:ed:1b:f2: 3f:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FE:A8:4C:5A:A0:BA:E8:F4:FA:BE:29:6F:B9:8A:16:7F:68:7C:C5 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ef2e1fb6-d368-45de-866d-0e09f49b5eef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc0::/36 Signature Algorithm: sha256WithRSAEncryption 62:c1:5d:9b:25:df:23:3a:71:f9:5c:b0:32:c8:55:2d:77:38: 89:4b:a2:43:b6:d8:69:35:f1:09:1c:c1:d8:e9:ae:7d:91:21: 86:bc:ea:9c:a2:c7:fc:b8:1f:7a:cb:97:44:8e:78:9d:c9:df: 0d:a0:d8:4f:f5:82:a7:e0:18:dc:14:96:61:7f:7c:83:fc:3b: ef:4e:70:d4:d5:8b:0e:47:72:1c:e4:e5:3b:49:6e:2a:81:5c: 9b:48:2a:c6:84:49:fe:31:1c:c9:76:a9:2e:36:93:08:a1:e1: 30:f7:0d:b0:dc:f6:32:61:b9:3e:28:59:d0:89:94:ef:0b:85: 6f:f2:57:3c:a9:95:ee:93:72:a9:26:f8:e1:b6:a8:c3:d4:75: b8:6a:86:78:68:de:f6:42:d0:ff:78:e7:03:4c:14:16:94:90: 03:2a:58:b6:fe:d0:c4:3b:e2:a0:b7:a9:c1:33:e2:19:7d:98: bd:96:a5:c2:1c:9f:99:c9:56:ca:f8:a4:9d:e4:ce:6f:39:1b: 89:80:bc:ef:71:2e:8a:e5:47:ca:11:f6:bd:4f:16:a5:75:ca: 55:10:7f:87:9d:05:0f:7d:cb:c2:dc:28:e9:51:41:5f:5d:f2: 39:86:f9:b8:52:5c:5c:d4:e0:ad:29:b3:93:dc:d1:8d:cf:3d: f9:88:43:e3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZ4QGl19rFPNZPCsuI4B87bbTlZIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDAwMzg1NGRkMjY4ZWQ0Y2JiMTI3N2JmN2QyNTQ0MWE1ZmEwYjA0OWJkZjMx YjQ4NWQwZGRjZjQzMTIzNzhlNWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIXB7NvjdFe+ejNXoVJ6rxKO6mFR73krhG7im33m3hru/Rpg0bca/Nw3f6aT CzvlFD6aErF0RLLkym73/oT2NNnJ3LdMJPbtQKzKzIPeUJ7Xlp39TLs5F2oNGgCQ odAoFR9NLHWsQHND+g4qqjPCq7hL+tjUDWPG6wIkjHWsEm1wIU9OLNvpYSQevtpZ 1EuwZX6BFFGjcG012UFrHboldA5RrffzJBFBwQosGblkhB0pfyOiXxqDFIFBGnA3 lIb5xT+iok8QwSb+menkMdvgoTGhx7gXMqMcm4xhmJ3nK6Ws2HpUJfi5bcHAEz/f W8ozBL97JgbbWA9UIjzp7RvyPxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSd/qhM WqC66PT6vilvuYoWf2h8xTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZWYyZTFmYjYtZDM2OC00NWRlLTg2NmQtMGUwOWY0OWI1ZWVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8AA MA0GCSqGSIb3DQEBCwUAA4IBAQBiwV2bJd8jOnH5XLAyyFUtdziJS6JDtthpNfEJ HMHY6a59kSGGvOqcosf8uB96y5dEjnidyd8NoNhP9YKn4BjcFJZhf3yD/DvvTnDU 1YsOR3Ic5OU7SW4qgVybSCrGhEn+MRzJdqkuNpMIoeEw9w2w3PYyYbk+KFnQiZTv C4Vv8lc8qZXuk3KpJvjhtqjD1HW4aoZ4aN72QtD/eOcDTBQWlJADKli2/tDEO+Kg t6nBM+IZfZi9lqXCHJ+ZyVbK+KSd5M5vORuJgLzvcS6K5UfKEfa9TxaldcpVEH+H nQUPfcvC3CjpUUFfXfI5hvm4Ulxc1OCtKbOT3NGNzz35iEPj -----END CERTIFICATE-----Generated at Sun Dec 7 01:06:47 2025 by rpki-client