This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json) Hash identifier: jsmMNn/TL5qrllokP5VrQ+IZcmTTSPbmanj+FhzGqRc= Subject key identifier: 48:CF:A4:30:6C:47:05:CA:A1:CF:32:04:40:0C:01:C0:F8:C9:43:3C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 67EE35D20D4244CC0CD8CF122A3866AB19B95591 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa Signing time: Thu 11 Dec 2025 01:00:23 +0000 ROA not before: Thu 11 Dec 2025 01:00:23 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.96.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:ee:35:d2:0d:42:44:cc:0c:d8:cf:12:2a:38:66:ab:19:b9:55:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:23 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=4748665694f1e95e5d504b0f56f1592fb00df9bf258984d053f866e95cafd343, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:c5:0d:be:8b:10:2f:76:27:17:8f:8f:3d:6a: bc:d1:ac:bd:72:f4:20:20:60:d2:ac:fd:eb:1e:51: e7:3f:71:4d:f4:a7:7f:57:10:06:ca:6e:79:bb:ae: 07:29:97:31:36:36:f7:d0:59:9c:7a:cf:38:65:a5: 8b:33:c4:28:b8:3b:2f:ee:e5:8d:79:01:4d:a0:23: 41:5a:57:bb:fe:12:4d:f5:16:f6:22:b9:4e:84:26: 2f:7d:3b:1b:98:56:8c:02:40:a2:2c:3c:15:d7:c9: 4f:6a:ed:c7:ae:b0:18:dd:40:f2:cf:62:8a:c9:95: b2:4f:f5:de:1a:01:0d:0b:a2:7f:8a:ec:f0:b5:41: fa:98:5a:ad:27:d9:3d:0b:3d:16:3b:7b:a3:39:5d: 67:70:d8:6e:7c:95:0f:93:ba:b7:49:b9:1a:2d:3a: 28:20:5d:a3:43:69:eb:d5:af:8a:79:be:22:82:ce: a6:89:b3:74:72:24:dd:f9:9c:c6:ac:d7:eb:8a:82: 85:d3:1c:cd:f8:23:3d:f7:4b:6a:d9:59:04:2f:f7: 86:1c:14:ec:98:94:6e:5b:de:90:35:9f:30:0d:93: 2c:0c:8c:73:68:64:6c:43:af:fa:6c:db:95:e0:00: c4:4a:21:a4:51:4b:75:80:87:69:c9:e8:35:58:25: 57:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:CF:A4:30:6C:47:05:CA:A1:CF:32:04:40:0C:01:C0:F8:C9:43:3C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.96.0/21 Signature Algorithm: sha256WithRSAEncryption 01:92:2f:06:27:bd:06:a4:7c:70:28:46:3f:67:b1:71:35:74: b6:53:dd:19:ab:fc:36:71:16:3a:e9:a0:8d:35:86:b5:d5:a5: 3d:3c:07:e3:a2:f7:19:79:08:8c:e7:38:cf:3f:7a:86:67:e3: 54:9b:b9:db:f7:f5:ca:36:eb:5b:d4:56:16:13:32:73:de:49: 3a:97:82:75:bf:9e:e4:7a:f0:45:6a:cb:24:8f:d3:4b:86:c7: 0b:f4:27:0e:b4:a9:a0:b2:77:9a:41:3f:e3:67:5b:21:2e:39: 21:6b:72:44:93:01:6a:1b:9a:a3:8f:38:0d:b6:2d:4a:c6:b7: 06:a5:20:79:63:ef:dc:f1:72:b1:b1:1b:97:cf:5c:2c:46:95: 4a:23:e9:05:d3:f0:11:29:6a:fa:d5:65:45:5d:3a:1e:85:2a: e6:58:b8:f3:54:16:d3:8c:ba:89:66:fd:86:3d:b2:c9:c6:63: 04:37:ab:14:11:f2:14:dc:7e:25:65:27:ba:1d:37:5c:10:d6: 67:e1:e7:11:e9:0c:b7:b3:b5:27:18:05:96:ee:53:52:f8:a9: f8:cf:ed:85:28:60:63:95:2b:9a:1b:34:63:da:d9:e6:a7:e5: 99:5a:8d:a8:cc:60:f4:3a:cd:b6:5e:1b:4c:5a:86:a7:72:ba: b6:ca:cb:c7 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUZ+410g1CRMwM2M8SKjhmqxm5VZEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjNaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDQ3NDg2NjU2OTRmMWU5NWU1ZDUwNGIwZjU2ZjE1OTJmYjAwZGY5YmYyNTg5 ODRkMDUzZjg2NmU5NWNhZmQzNDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOfFDb6LEC92JxePjz1qvNGsvXL0ICBg0qz96x5R5z9xTfSnf1cQBspuebuu BymXMTY299BZnHrPOGWlizPEKLg7L+7ljXkBTaAjQVpXu/4STfUW9iK5ToQmL307 G5hWjAJAoiw8FdfJT2rtx66wGN1A8s9iismVsk/13hoBDQuif4rs8LVB+pharSfZ PQs9Fjt7ozldZ3DYbnyVD5O6t0m5Gi06KCBdo0Np69Wvinm+IoLOpomzdHIk3fmc xqzX64qChdMczfgjPfdLatlZBC/3hhwU7JiUblvekDWfMA2TLAyMc2hkbEOv+mzb leAAxEohpFFLdYCHacnoNVglV+kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRIz6Qw bEcFyqHPMgRADAHA+MlDPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN BgkqhkiG9w0BAQsFAAOCAQEAAZIvBie9BqR8cChGP2excTV0tlPdGav8NnEWOumg jTWGtdWlPTwH46L3GXkIjOc4zz96hmfjVJu52/f1yjbrW9RWFhMyc95JOpeCdb+e 5HrwRWrLJI/TS4bHC/QnDrSpoLJ3mkE/42dbIS45IWtyRJMBahuao484DbYtSsa3 BqUgeWPv3PFysbEbl89cLEaVSiPpBdPwESlq+tVlRV06HoUq5li481QW04y6iWb9 hj2yycZjBDerFBHyFNx+JWUnuh03XBDWZ+HnEekMt7O1JxgFlu5TUvip+M/thShg Y5Urmhs0Y9rZ5qflmVqNqMxg9DrNtl4bTFqGp3K6tsrLxw== -----END CERTIFICATE-----Generated at Thu Dec 18 11:55:27 2025 by rpki-client