This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json) Hash identifier: 1Hcz/GMLOCBaeJGsP5KyrpskKL8fArKSirqHlEOIyZg= Subject key identifier: F9:50:85:2F:22:76:66:E8:CA:C9:2E:AC:05:BC:7B:E6:7B:CA:D7:A7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1242DB7174BB4F467ECE713CD0683B42BAEAF3D6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa Signing time: Wed 10 Dec 2025 06:40:39 +0000 ROA not before: Wed 10 Dec 2025 06:40:39 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.34.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:42:db:71:74:bb:4f:46:7e:ce:71:3c:d0:68:3b:42:ba:ea:f3:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:39 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2d44e6a04d2b83626949f373fef7a70af863c3651476de4896c2f28c6e939670, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:86:2b:d3:37:9b:ae:20:9e:ce:fa:5f:b8:94: 50:47:24:2e:6d:51:b9:c5:10:45:e1:90:2d:77:64: e0:e3:8a:73:ad:fd:e2:94:47:4c:6a:2a:8f:6f:1e: 41:7e:c9:bc:35:b0:e3:12:f3:11:a9:0b:6e:5a:4c: c4:ae:48:f5:90:72:79:e9:65:fa:f9:57:f6:84:ff: 45:b7:5b:61:93:62:2e:4d:92:34:e5:96:ed:16:bc: 3d:8c:1a:25:a3:b1:27:92:3c:0c:1c:00:32:8b:2f: 41:05:65:f2:91:f2:d8:7d:b1:42:d4:39:f6:5f:66: 83:a0:c9:80:50:b9:71:95:e5:2f:63:f1:aa:ba:b1: 9d:af:b7:b6:ae:62:e0:7b:70:ab:0d:6a:8a:6e:71: 08:c6:1d:16:49:58:d7:6c:d8:aa:5f:1d:91:3a:44: 04:8e:f2:2e:bb:47:37:aa:88:ff:77:de:6e:3a:20: 15:33:1b:35:1f:f5:3c:f6:c8:b8:b2:d0:46:7b:cf: 54:21:e4:17:b2:7e:1c:74:05:54:d0:15:15:7c:48: 46:24:48:33:b7:80:c7:d4:cd:8d:2d:4c:f2:dc:0c: e5:db:36:d4:68:66:a5:4f:5e:b6:ca:4e:58:55:70: d3:61:b9:06:ac:c5:00:99:31:9a:62:5e:d2:9a:55: 7f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:50:85:2F:22:76:66:E8:CA:C9:2E:AC:05:BC:7B:E6:7B:CA:D7:A7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.34.0.0/16 Signature Algorithm: sha256WithRSAEncryption 90:92:82:89:32:b9:61:de:0a:0c:3a:8c:6e:ef:87:18:c2:22: d6:3e:b8:cb:b6:7d:74:32:c2:75:1a:f3:af:ce:a6:75:ca:5e: 5a:49:bb:05:4b:41:ef:79:3d:96:31:9e:f1:bb:e5:ed:b8:69: c5:46:df:c3:98:9b:25:c2:5c:9f:11:96:4a:dd:7c:95:8a:64: f4:83:99:8b:26:c7:c5:0e:11:78:75:d3:98:06:77:f5:af:05: 7e:59:0a:92:68:73:5d:89:66:44:78:62:16:26:01:f0:6a:10: 04:74:0f:f9:de:6f:e7:04:85:2d:5e:4f:c7:95:c2:8c:af:e5: 15:b7:18:37:15:68:ae:98:ab:8d:6c:4c:64:83:90:81:26:41: b0:5a:51:a4:26:8e:21:7e:2f:55:3f:9e:f0:be:ff:78:41:94: 54:3a:42:cc:8e:13:85:c9:6c:f7:5a:e7:c7:b7:14:75:46:93: e5:21:56:6d:44:f9:1d:88:fa:b5:ad:d1:b1:a8:04:6e:71:08: a2:8b:81:27:08:94:34:49:aa:c9:ed:61:d4:33:87:cc:6c:1b: 07:be:b9:08:6e:16:c4:d2:7f:09:75:a0:e5:46:00:f5:d9:94: 5d:f6:14:a2:20:60:6e:8d:1c:bf:b3:9e:6a:43:a1:0d:bd:12: 60:26:17:7c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUEkLbcXS7T0Z+znE80Gg7Qrrq89YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJkNDRlNmEwNGQyYjgzNjI2OTQ5ZjM3M2ZlZjdhNzBhZjg2M2MzNjUxNDc2 ZGU0ODk2YzJmMjhjNmU5Mzk2NzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWGK9M3m64gns76X7iUUEckLm1RucUQReGQLXdk4OOKc6394pRHTGoqj28e QX7JvDWw4xLzEakLblpMxK5I9ZByeell+vlX9oT/RbdbYZNiLk2SNOWW7Ra8PYwa JaOxJ5I8DBwAMosvQQVl8pHy2H2xQtQ59l9mg6DJgFC5cZXlL2Pxqrqxna+3tq5i 4Htwqw1qim5xCMYdFklY12zYql8dkTpEBI7yLrtHN6qI/3febjogFTMbNR/1PPbI uLLQRnvPVCHkF7J+HHQFVNAVFXxIRiRIM7eAx9TNjS1M8twM5ds21GhmpU9etspO WFVw02G5BqzFAJkxmmJe0ppVf+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT5UIUv InZm6MrJLqwFvHvme8rXpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G CSqGSIb3DQEBCwUAA4IBAQCQkoKJMrlh3goMOoxu74cYwiLWPrjLtn10MsJ1GvOv zqZ1yl5aSbsFS0HveT2WMZ7xu+XtuGnFRt/DmJslwlyfEZZK3XyVimT0g5mLJsfF DhF4ddOYBnf1rwV+WQqSaHNdiWZEeGIWJgHwahAEdA/53m/nBIUtXk/HlcKMr+UV txg3FWiumKuNbExkg5CBJkGwWlGkJo4hfi9VP57wvv94QZRUOkLMjhOFyWz3WufH txR1RpPlIVZtRPkdiPq1rdGxqARucQiii4EnCJQ0SarJ7WHUM4fMbBsHvrkIbhbE 0n8JdaDlRgD12ZRd9hSiIGBujRy/s55qQ6ENvRJgJhd8 -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:22 2025 by rpki-client