This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json) Hash identifier: LVTN+y5VJvzQYjYGwSSQVsLjooiJDlbKrslJ6G7AlWs= Subject key identifier: AB:B2:9E:33:25:2D:27:6A:45:D1:88:5C:03:98:37:A5:5B:4D:1C:3F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 274464227C99B5D897E1110150CBEAD7B7014D2A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa Signing time: Wed 10 Dec 2025 06:40:39 +0000 ROA not before: Wed 10 Dec 2025 06:40:39 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.150.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:44:64:22:7c:99:b5:d8:97:e1:11:01:50:cb:ea:d7:b7:01:4d:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:39 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=47d78a40d5e41d7bbec055b957b3fc60899091f9790b470023f397943bff9eb4, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:41:8d:f0:dc:4b:be:8c:94:84:6c:0e:39:a0: 22:37:07:bc:e7:3a:58:c4:04:14:b0:c4:19:5c:cf: 30:e5:bd:d1:5e:a3:08:29:2a:26:ba:3c:47:c5:5f: 3e:49:d8:a8:fc:b8:5d:c3:e3:3f:14:3c:ca:97:9a: 5d:43:49:48:b6:d0:86:f7:4f:3b:d3:a5:cf:6e:3b: 9c:0b:66:6f:67:49:52:21:51:2b:fb:e4:85:9d:ed: ae:e6:a2:dd:30:14:12:4c:03:58:ed:87:89:37:a6: 59:18:d1:34:f5:8a:78:b2:a1:11:e8:bf:f3:d0:9c: 63:0b:28:f8:1f:03:8f:bc:aa:ab:01:26:e3:6b:73: 5b:a2:69:3c:4a:d4:df:c0:65:11:99:81:24:1d:bd: 62:de:bd:ae:a4:eb:9e:ed:58:8d:05:d6:41:d9:0e: 81:b1:6c:14:db:6d:8f:05:d7:6e:54:87:80:4e:d8: ad:ce:f7:be:02:07:4b:ca:55:26:c5:25:1b:80:78: 0c:f9:47:68:65:ba:f9:5a:bb:4a:c8:de:9d:b8:25: 64:6a:66:d3:53:fe:35:35:a0:32:a2:ca:b2:3a:31: 7a:2b:51:57:e0:f0:8e:2b:68:56:80:aa:2f:0f:74: 33:fe:9c:2b:04:06:bf:a1:f4:e5:24:17:d8:29:51: a5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B2:9E:33:25:2D:27:6A:45:D1:88:5C:03:98:37:A5:5B:4D:1C:3F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.150.0.0/16 Signature Algorithm: sha256WithRSAEncryption 4b:9b:4a:ff:95:9b:c5:99:e2:58:64:76:e4:27:30:26:67:2b: 95:20:8b:21:42:19:07:be:ec:b7:ad:c4:4e:f1:47:ed:bd:f0: d0:14:20:d0:f8:59:12:aa:1e:30:cc:4f:2e:10:ca:c8:df:2c: 23:24:07:13:bb:f6:88:6c:f9:ee:bf:b6:13:99:9b:11:ef:a4: e3:6a:bc:97:4b:4b:4f:a5:03:95:d5:c3:bc:dc:d6:75:ea:00: 85:c4:8c:d9:48:cc:c0:e5:74:df:b5:7f:bc:9f:14:b4:a9:9b: 29:47:5b:24:11:f9:72:49:f6:62:f7:46:e2:39:a5:14:ec:9b: 1d:47:e2:85:84:e0:c5:16:4e:27:c8:49:0d:c6:3b:49:52:da: d7:3f:6c:13:fe:e5:a5:e4:f9:1d:1d:3d:ea:13:e7:2b:5e:28: 5e:00:62:d0:e9:ea:68:55:4b:3e:3e:3e:43:7c:f1:13:3f:b4: c0:b7:aa:1a:eb:37:21:1e:d5:3c:7a:90:9a:16:51:b0:c9:e6: 32:4b:00:04:0c:bb:7d:7f:b2:52:3b:ea:f3:5e:9f:63:81:18: 24:1a:91:93:19:7e:a5:e3:90:d4:df:5e:e0:9d:a6:07:72:0c: a0:12:c9:80:08:d2:e8:47:86:09:82:64:44:52:61:37:8d:1c: 2d:2f:cd:64 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUJ0RkInyZtdiX4REBUMvq17cBTSowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ3ZDc4YTQwZDVlNDFkN2JiZWMwNTViOTU3YjNmYzYwODk5MDkxZjk3OTBi NDcwMDIzZjM5Nzk0M2JmZjllYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9BjfDcS76MlIRsDjmgIjcHvOc6WMQEFLDEGVzPMOW90V6jCCkqJro8R8Vf PknYqPy4XcPjPxQ8ypeaXUNJSLbQhvdPO9Olz247nAtmb2dJUiFRK/vkhZ3truai 3TAUEkwDWO2HiTemWRjRNPWKeLKhEei/89CcYwso+B8Dj7yqqwEm42tzW6JpPErU 38BlEZmBJB29Yt69rqTrnu1YjQXWQdkOgbFsFNttjwXXblSHgE7Yrc73vgIHS8pV JsUlG4B4DPlHaGW6+Vq7SsjenbglZGpm01P+NTWgMqLKsjoxeitRV+DwjitoVoCq Lw90M/6cKwQGv6H05SQX2ClRpdUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSrsp4z JS0nakXRiFwDmDelW00cPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G CSqGSIb3DQEBCwUAA4IBAQBLm0r/lZvFmeJYZHbkJzAmZyuVIIshQhkHvuy3rcRO 8UftvfDQFCDQ+FkSqh4wzE8uEMrI3ywjJAcTu/aIbPnuv7YTmZsR76TjaryXS0tP pQOV1cO83NZ16gCFxIzZSMzA5XTftX+8nxS0qZspR1skEflySfZi90biOaUU7Jsd R+KFhODFFk4nyEkNxjtJUtrXP2wT/uWl5PkdHT3qE+crXiheAGLQ6epoVUs+Pj5D fPETP7TAt6oa6zchHtU8epCaFlGwyeYySwAEDLt9f7JSO+rzXp9jgRgkGpGTGX6l 45DU317gnaYHcgygEsmACNLoR4YJgmREUmE3jRwtL81k -----END CERTIFICATE-----Generated at Fri Dec 19 23:23:33 2025 by rpki-client