This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json) Hash identifier: O9DFoIBHbeWsVGDrrSuwKoOtGZebyHCQ7UlJ3oris4k= Subject key identifier: 5B:CC:8F:6A:2E:BC:C0:00:FE:64:1C:D6:42:FE:2B:6D:36:58:1B:C4 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2D8BE6FC0073D2CE621236F3183D14A303B65196 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa Signing time: Thu 11 Dec 2025 01:00:22 +0000 ROA not before: Thu 11 Dec 2025 01:00:22 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.17.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:8b:e6:fc:00:73:d2:ce:62:12:36:f3:18:3d:14:a3:03:b6:51:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:22 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=8557192efb6f04c5f4860905b35d601d151c6dfa49e0e30e2309f36f075f5938, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:cf:ae:23:63:d1:66:29:83:c8:ef:10:0c:9a: ae:31:3f:63:93:31:69:01:04:f9:c8:a4:46:17:2d: 4f:e1:d3:7e:fb:fe:2a:a9:f8:98:14:97:5f:a7:4d: 0e:b1:ea:76:47:a0:4e:04:26:32:9b:53:44:b1:4f: de:88:c1:ca:85:ff:d7:de:56:1c:70:bd:bf:61:88: 41:09:11:60:34:f4:ca:98:b3:24:54:e5:ca:a2:21: 1a:63:72:78:2a:e6:6f:00:80:cd:34:a3:92:c5:3e: 47:3d:e8:f0:68:ab:01:1f:6e:75:e4:ee:ca:b0:4e: 1a:08:f8:ab:31:c4:6d:ff:e5:aa:0c:5d:01:41:be: 58:fa:81:3c:e4:85:98:a1:86:76:c5:68:ff:93:11: 62:7b:a4:ec:2b:b6:44:b4:22:13:d4:3f:79:fd:b3: 48:1b:cc:d6:f6:ee:3c:bb:57:34:39:b5:4c:85:ef: 3d:23:f5:a2:cb:8a:28:47:16:b5:bb:66:cf:ba:1a: 50:36:41:2f:b8:aa:44:11:2e:d4:32:f0:ca:86:9a: bf:e8:0a:09:f1:02:ea:46:30:a1:cc:08:a4:38:70: d8:d3:43:f9:ec:f4:f5:db:fe:d8:57:2a:1d:6e:c4: 33:ba:f0:01:f8:c7:6e:4b:a7:a2:b2:1c:65:b0:0b: fa:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:CC:8F:6A:2E:BC:C0:00:FE:64:1C:D6:42:FE:2B:6D:36:58:1B:C4 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.17.0.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:21:76:0e:b5:40:46:bd:4e:3f:7a:64:27:fa:ce:24:97:51: 93:d2:b8:1c:a4:58:9c:bb:a9:13:6d:6f:22:8f:b0:50:3f:71: e0:0b:d9:52:4e:47:2e:2f:76:bc:5f:e9:94:72:74:e7:a8:06: 20:90:24:c5:6b:68:b7:0e:3d:25:8d:53:a1:4e:7a:7d:b9:16: c8:e2:10:45:64:4f:90:2c:77:64:23:c3:19:0a:f7:97:26:e3: e5:23:c3:59:81:e5:03:2b:48:a2:9d:54:93:46:7f:d2:10:78: 16:df:b9:2c:65:fa:d6:8a:10:ce:7f:bb:46:e0:92:02:f6:cd: 06:05:18:99:3d:e2:4a:d3:94:31:37:9a:2e:09:ba:18:cd:e8: 84:ef:06:fa:1e:66:c4:28:b4:3f:62:d3:df:88:79:78:60:37: 9f:82:14:b9:5b:bf:97:d6:5f:13:a8:12:2d:43:a3:ae:47:99: ad:ea:48:36:c5:3c:23:55:8c:53:5a:14:93:24:5b:ee:ba:f4: 6b:ee:ac:0c:cd:c5:3b:29:94:c3:e2:62:56:70:04:eb:97:e5: 70:3e:a6:5c:ae:6b:b2:49:2f:0d:2d:04:11:28:26:d6:91:2a: 50:6f:22:f1:ba:e6:56:4f:3b:fb:fa:e2:f5:12:53:36:1d:9c: 5a:62:d6:11 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIULYvm/ABz0s5iEjbzGD0UowO2UZYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjJaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDg1NTcxOTJlZmI2ZjA0YzVmNDg2MDkwNWIzNWQ2MDFkMTUxYzZkZmE0OWUw ZTMwZTIzMDlmMzZmMDc1ZjU5MzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/PriNj0WYpg8jvEAyarjE/Y5MxaQEE+cikRhctT+HTfvv+Kqn4mBSXX6dN DrHqdkegTgQmMptTRLFP3ojByoX/195WHHC9v2GIQQkRYDT0ypizJFTlyqIhGmNy eCrmbwCAzTSjksU+Rz3o8GirAR9udeTuyrBOGgj4qzHEbf/lqgxdAUG+WPqBPOSF mKGGdsVo/5MRYnuk7Cu2RLQiE9Q/ef2zSBvM1vbuPLtXNDm1TIXvPSP1osuKKEcW tbtmz7oaUDZBL7iqRBEu1DLwyoaav+gKCfEC6kYwocwIpDhw2NND+ez09dv+2Fcq HW7EM7rwAfjHbkunorIcZbAL+uUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRbzI9q LrzAAP5kHNZC/ittNlgbxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN BgkqhkiG9w0BAQsFAAOCAQEAXSF2DrVARr1OP3pkJ/rOJJdRk9K4HKRYnLupE21v Io+wUD9x4AvZUk5HLi92vF/plHJ056gGIJAkxWtotw49JY1ToU56fbkWyOIQRWRP kCx3ZCPDGQr3lybj5SPDWYHlAytIop1Uk0Z/0hB4Ft+5LGX61ooQzn+7RuCSAvbN BgUYmT3iStOUMTeaLgm6GM3ohO8G+h5mxCi0P2LT34h5eGA3n4IUuVu/l9ZfE6gS LUOjrkeZrepINsU8I1WMU1oUkyRb7rr0a+6sDM3FOymUw+JiVnAE65flcD6mXK5r skkvDS0EESgm1pEqUG8i8brmVk87+/ri9RJTNh2cWmLWEQ== -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:23 2025 by rpki-client