This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json) Hash identifier: 3P6y264Q2TXh9HVyQtKpSatpypQ7ZQ0fTS/P2oOUYPc= Subject key identifier: 2E:95:C7:C5:2A:94:F7:5C:92:11:B5:4F:2B:F4:37:51:12:96:64:5C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 492B2AD9B99F203DF1A05D19DCBF4900CE5DFA9E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa Signing time: Wed 10 Dec 2025 06:50:33 +0000 ROA not before: Wed 10 Dec 2025 06:50:33 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.212.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:2b:2a:d9:b9:9f:20:3d:f1:a0:5d:19:dc:bf:49:00:ce:5d:fa:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:33 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9b88618e2cca489121acd66e1896c51506f800c6b6dc5d0435d964696a9b1bff, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:1d:fa:c9:69:eb:23:3b:9a:89:6b:fd:18:30: 7c:5c:46:41:eb:aa:b5:a4:ae:5e:15:6f:cb:dc:e0: 20:d8:0e:29:35:6c:2c:38:51:88:d4:df:d3:d9:7c: 82:b5:fc:a7:00:87:85:6a:e2:d9:bd:3f:de:f7:8c: 73:73:8d:95:9a:ac:e2:5d:a3:f1:d6:73:04:58:f0: a4:cd:94:ff:36:6d:96:b0:89:f1:97:2b:d6:64:dc: a8:18:bb:76:19:ea:ab:b7:68:e8:f7:44:ca:ea:49: 13:f7:a1:dc:8c:91:a8:88:72:8b:67:6b:7e:46:af: 8a:13:da:55:da:ce:5f:04:73:00:52:b6:d7:3d:c4: 28:8d:22:12:c7:41:2a:fc:24:27:37:4f:04:4f:06: 6b:7c:6d:80:25:d7:07:e5:e8:99:7a:bb:54:9d:05: be:44:44:da:cc:3e:83:44:be:8b:6c:c9:b5:46:75: f9:5e:41:05:a8:aa:72:6c:e1:39:8a:55:00:51:96: 1a:57:f7:f2:ec:5f:4d:f2:3a:eb:0b:36:d3:91:29: 87:89:41:c8:fd:6e:83:f7:b6:0d:92:09:1c:89:15: cb:db:91:ce:44:d1:63:9f:4c:e5:76:d6:57:f6:4c: b5:1e:2f:71:e3:28:c2:44:43:bd:0e:e5:c2:2f:49: 15:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:95:C7:C5:2A:94:F7:5C:92:11:B5:4F:2B:F4:37:51:12:96:64:5C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.212.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2f:72:54:c0:dc:b2:06:d7:8f:ec:6a:b2:65:9a:b6:aa:03:d7: 21:7c:69:31:ea:4f:11:b7:59:2c:a7:3d:a0:fe:7e:63:ae:22: b1:b4:ad:03:c4:63:1a:9f:cb:37:32:9d:0c:5e:0e:c1:92:7a: ae:fe:33:fc:c0:02:82:25:f1:86:92:4e:f2:cd:ac:a8:2e:8f: 53:f1:94:7b:76:c8:8d:f4:62:53:d2:e8:76:b6:98:e3:5b:b7: 2a:08:86:32:fb:b4:8f:45:75:14:f5:0c:f7:0b:45:08:c5:a0: 04:f8:ae:b0:59:5c:a2:63:32:a8:ff:5b:37:36:6b:72:e5:64: d4:db:95:1c:5e:74:72:5a:87:53:3e:5b:56:21:88:d6:06:1b: d0:e3:09:20:b7:ac:c3:88:3e:18:12:32:e7:f9:cb:e2:89:e9: 27:73:51:03:c2:f1:e6:95:97:96:14:dd:82:29:b4:22:4a:53: c1:bb:a6:ae:b2:7c:5e:2b:0d:f0:5f:60:57:59:f6:59:34:1d: 35:0c:cc:22:39:12:5c:a8:07:8c:16:21:86:ee:b1:59:fe:50: 3d:26:3f:75:8e:80:e6:d6:45:75:fe:cf:45:00:af:0b:12:dd: 93:82:e4:e5:5c:3e:e1:08:46:cc:f2:8e:7a:9e:e3:ac:fa:df: f3:ff:77:24 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSSsq2bmfID3xoF0Z3L9JAM5d+p4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDliODg2MThlMmNjYTQ4OTEyMWFjZDY2ZTE4OTZjNTE1MDZmODAwYzZiNmRj NWQwNDM1ZDk2NDY5NmE5YjFiZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgd+slp6yM7molr/RgwfFxGQeuqtaSuXhVvy9zgINgOKTVsLDhRiNTf09l8 grX8pwCHhWri2b0/3veMc3ONlZqs4l2j8dZzBFjwpM2U/zZtlrCJ8Zcr1mTcqBi7 dhnqq7do6PdEyupJE/eh3IyRqIhyi2drfkavihPaVdrOXwRzAFK21z3EKI0iEsdB KvwkJzdPBE8Ga3xtgCXXB+XomXq7VJ0FvkRE2sw+g0S+i2zJtUZ1+V5BBaiqcmzh OYpVAFGWGlf38uxfTfI66ws205Eph4lByP1ug/e2DZIJHIkVy9uRzkTRY59M5XbW V/ZMtR4vceMowkRDvQ7lwi9JFU8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQulcfF KpT3XJIRtU8r9DdREpZkXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G CSqGSIb3DQEBCwUAA4IBAQAvclTA3LIG14/sarJlmraqA9chfGkx6k8Rt1kspz2g /n5jriKxtK0DxGMan8s3Mp0MXg7Bknqu/jP8wAKCJfGGkk7yzayoLo9T8ZR7dsiN 9GJT0uh2tpjjW7cqCIYy+7SPRXUU9Qz3C0UIxaAE+K6wWVyiYzKo/1s3Nmty5WTU 25UcXnRyWodTPltWIYjWBhvQ4wkgt6zDiD4YEjLn+cviieknc1EDwvHmlZeWFN2C KbQiSlPBu6ausnxeKw3wX2BXWfZZNB01DMwiORJcqAeMFiGG7rFZ/lA9Jj91joDm 1kV1/s9FAK8LEt2TguTlXD7hCEbM8o56nuOs+t/z/3ck -----END CERTIFICATE-----Generated at Fri Dec 19 23:23:33 2025 by rpki-client