This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json) Hash identifier: ThRw6t9TRpMHyGjZZ291f+qgLmnZcu1i0uSgAs2eZ70= Subject key identifier: A8:96:D1:4D:DF:6F:AC:B8:8D:EA:2C:1D:FC:1C:61:CA:EF:E1:54:4A Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 292095C33B3A3FCD1A0618F8BD2CDB51D6585345 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa Signing time: Wed 10 Dec 2025 06:40:19 +0000 ROA not before: Wed 10 Dec 2025 06:40:19 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.50.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:20:95:c3:3b:3a:3f:cd:1a:06:18:f8:bd:2c:db:51:d6:58:53:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:19 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=12e1bfc1995d73298870fa4c36f997256cf91745ba5c2b70aabaeae310a88365, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3c:fb:13:1c:87:db:df:b7:85:9b:5a:e3:2b: bc:48:0b:2f:0e:55:6a:d4:d1:ee:06:18:3c:ad:29: 7c:f0:fd:c3:21:5d:f6:a8:73:b8:f1:f4:e1:b1:73: 1b:92:45:a8:08:cf:e8:85:31:d5:96:2b:78:3a:bd: fa:ff:77:95:c9:81:ba:df:89:9f:5d:7c:fe:63:30: de:68:07:a8:4d:8e:54:81:69:ac:60:8e:52:d6:06: b9:56:40:f6:90:27:3a:7d:a8:62:86:a4:63:16:77: a1:c9:5a:57:03:20:50:c3:bc:de:00:d0:84:87:9c: ab:42:2d:29:ef:19:d9:6a:9c:b5:25:9b:b0:d6:e4: 4e:e4:9a:d5:2a:27:17:39:30:de:11:fd:f1:cd:22: 58:66:64:cd:63:c7:cc:d9:ec:ad:3b:93:bd:d7:6c: aa:10:01:eb:04:10:bf:c4:c5:55:19:36:a9:e9:29: 27:2f:8e:75:97:65:e3:38:91:82:fa:a6:47:e7:54: 19:48:7a:ef:0e:bd:36:0d:0d:e1:0d:28:d7:19:87: e4:fa:07:1f:7b:f0:58:27:dc:40:37:c4:32:4a:58: 32:f5:58:e7:84:ff:ec:bd:fe:cd:c7:2d:62:bd:0d: 9e:0d:3a:18:4c:02:35:0d:a1:df:92:03:6e:36:0b: cc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:96:D1:4D:DF:6F:AC:B8:8D:EA:2C:1D:FC:1C:61:CA:EF:E1:54:4A X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.50.0.0/16 Signature Algorithm: sha256WithRSAEncryption 46:24:e7:85:79:2b:2b:42:06:c7:b2:01:09:2f:8f:10:f0:c1: 1b:22:38:59:87:bf:37:39:be:81:3f:44:7a:8f:86:78:b9:a4: d1:fb:fb:dc:7f:55:c5:17:f7:c4:ba:6b:a6:f8:6b:28:f1:e2: e0:28:34:f3:1e:7d:f0:1a:fa:f1:ff:5f:3a:5f:fe:d0:d9:cc: 58:21:9f:0a:0d:1f:35:9f:12:0d:66:39:36:c9:16:4f:17:36: 74:94:cd:69:05:1f:19:0a:e0:54:cc:2a:c0:ce:9f:01:c5:1b: 25:2a:88:7f:12:76:14:c2:c3:70:2c:1f:b2:d7:c3:39:ed:b6: 4d:27:2c:a3:3b:5f:28:e4:bb:56:b4:d1:66:97:da:56:3f:61: 31:85:82:23:d7:91:4b:0c:2c:c2:b2:ef:0a:1d:64:4f:58:77: 2a:59:fd:83:05:ea:fc:e5:fa:5c:3e:c2:5e:22:56:ab:23:42: a6:e7:a6:1e:a5:c9:41:30:52:cb:32:f1:ce:63:ed:ee:a3:82: 72:a5:bb:5b:43:8e:2a:89:53:7f:bd:1f:df:b0:9e:92:1d:1b: 1b:48:c7:2d:fc:ef:04:dd:90:53:56:14:c6:9b:9c:d4:a0:ba: 9e:c9:64:25:65:ae:d9:bb:3d:bd:b6:53:db:a0:8e:54:6a:d2: 3d:bc:25:90 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKSCVwzs6P80aBhj4vSzbUdZYU0UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDEyZTFiZmMxOTk1ZDczMjk4ODcwZmE0YzM2Zjk5NzI1NmNmOTE3NDViYTVj MmI3MGFhYmFlYWUzMTBhODgzNjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALw8+xMch9vft4WbWuMrvEgLLw5VatTR7gYYPK0pfPD9wyFd9qhzuPH04bFz G5JFqAjP6IUx1ZYreDq9+v93lcmBut+Jn118/mMw3mgHqE2OVIFprGCOUtYGuVZA 9pAnOn2oYoakYxZ3oclaVwMgUMO83gDQhIecq0ItKe8Z2WqctSWbsNbkTuSa1Son Fzkw3hH98c0iWGZkzWPHzNnsrTuTvddsqhAB6wQQv8TFVRk2qekpJy+OdZdl4ziR gvqmR+dUGUh67w69Ng0N4Q0o1xmH5PoHH3vwWCfcQDfEMkpYMvVY54T/7L3+zcct Yr0Nng06GEwCNQ2h35IDbjYLzIsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSoltFN 32+suI3qLB38HGHK7+FUSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G CSqGSIb3DQEBCwUAA4IBAQBGJOeFeSsrQgbHsgEJL48Q8MEbIjhZh783Ob6BP0R6 j4Z4uaTR+/vcf1XFF/fEumum+Gso8eLgKDTzHn3wGvrx/186X/7Q2cxYIZ8KDR81 nxINZjk2yRZPFzZ0lM1pBR8ZCuBUzCrAzp8BxRslKoh/EnYUwsNwLB+y18M57bZN JyyjO18o5LtWtNFml9pWP2ExhYIj15FLDCzCsu8KHWRPWHcqWf2DBer85fpcPsJe IlarI0Km56YepclBMFLLMvHOY+3uo4JypbtbQ44qiVN/vR/fsJ6SHRsbSMct/O8E 3ZBTVhTGm5zUoLqeyWQlZa7Zuz29tlPboI5UatI9vCWQ -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:59 2025 by rpki-client