This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json) Hash identifier: hL1OqARI0NISkFPjzVETWGHXiAcxXAlHXe2ccno28qY= Subject key identifier: 9F:AE:3E:C8:CF:A5:10:88:F7:5A:7B:88:60:9D:FB:1B:6F:80:3F:4C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5FCBFE2D3F73FC67163F2D293176B945355E3E69 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa Signing time: Wed 10 Dec 2025 06:50:49 +0000 ROA not before: Wed 10 Dec 2025 06:50:49 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 194.198.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:cb:fe:2d:3f:73:fc:67:16:3f:2d:29:31:76:b9:45:35:5e:3e:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:49 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e8055663530065bd37afb94b9f98e058ce24b1209dc0fc3ded4558860c1d1951, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:83:26:f1:24:0e:17:32:a8:18:51:1f:a7:ad: 47:f5:75:a3:f8:87:60:3d:07:8e:f0:ce:6e:04:cc: 62:1e:a8:a1:0d:5b:0e:a2:ee:2f:ce:5e:11:9d:de: 3d:a9:e2:ad:59:36:67:e3:79:66:cc:29:49:b1:9d: 73:80:50:2b:96:b9:86:9b:f4:ab:54:f4:1b:79:d1: 2e:fb:2b:a3:20:e3:ec:17:2b:87:76:c3:3d:71:f1: 49:f4:e5:76:35:69:1a:a4:a2:d1:42:e8:52:3d:32: 78:fd:b0:6e:58:21:06:1f:b5:a8:20:92:80:c7:53: bf:c1:be:cd:a3:82:e2:e9:7f:4d:7e:c6:c0:dc:bf: 8b:65:3b:60:d3:dd:16:32:64:fb:07:11:a8:5f:4f: 3b:bc:8b:69:61:8a:b0:d4:96:13:b9:7f:39:b1:de: 67:ed:f1:39:20:8e:1e:68:42:ef:c8:5f:45:1f:9c: eb:ed:c5:4a:de:6b:2f:07:a7:40:74:39:28:fe:c1: 8f:e8:9e:2c:78:5d:dc:cc:73:2c:68:60:a0:f8:9d: de:82:a9:b8:ee:31:08:9e:1f:87:83:01:1d:50:65: d4:a9:6b:e7:5d:f5:37:56:9c:1c:f4:60:55:3c:84: 15:2c:d7:7c:0f:aa:9e:c9:ed:4b:35:24:3c:9f:30: 10:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:AE:3E:C8:CF:A5:10:88:F7:5A:7B:88:60:9D:FB:1B:6F:80:3F:4C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.198.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7d:f4:0e:c8:ef:f7:92:0f:87:4d:8a:01:43:99:1d:a6:2a:8c: bc:ef:6d:56:d1:50:e2:05:96:f7:ad:1b:5d:86:f4:31:e6:98: 49:14:61:2d:63:51:f2:e9:54:3c:95:5d:b5:80:50:f7:56:c9: d3:e3:92:e6:2d:12:d4:90:a2:b5:25:29:4f:48:26:5b:e6:e4: e7:1f:78:ac:a7:13:50:b5:c7:c7:5c:28:6d:49:31:2b:34:6f: 37:1f:c7:a1:b7:b3:c8:55:c5:8f:17:3b:80:e5:01:55:9f:fa: f6:83:91:68:2a:8b:11:4e:a4:dd:95:1b:4d:ec:b9:0a:25:af: 6d:4e:d0:25:54:96:4f:26:75:55:1c:a1:60:f8:18:82:51:dc: 89:76:52:d9:fe:39:f6:d4:74:5f:8a:8e:42:d2:35:8d:e2:56: 0a:1b:f5:7c:7a:25:01:93:f0:b3:cd:f0:47:08:89:8f:31:e8: aa:02:4f:ac:8d:b4:d9:3a:27:ee:cd:bc:02:b3:79:c5:d5:75: 96:a9:95:3b:0b:ee:b9:2a:9d:34:f5:19:4e:96:ec:4c:a0:80: e7:e3:37:1f:07:c1:49:8f:96:0e:86:6e:8d:68:ba:a0:95:4d: 8d:08:de:ad:cb:2f:88:89:69:41:b9:e5:82:7d:65:9c:79:e6: ba:b7:6e:4b -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUX8v+LT9z/GcWPy0pMXa5RTVePmkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU4MDU1NjYzNTMwMDY1YmQzN2FmYjk0YjlmOThlMDU4Y2UyNGIxMjA5ZGMw ZmMzZGVkNDU1ODg2MGMxZDE5NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANiDJvEkDhcyqBhRH6etR/V1o/iHYD0HjvDObgTMYh6ooQ1bDqLuL85eEZ3e PanirVk2Z+N5ZswpSbGdc4BQK5a5hpv0q1T0G3nRLvsroyDj7Bcrh3bDPXHxSfTl djVpGqSi0ULoUj0yeP2wblghBh+1qCCSgMdTv8G+zaOC4ul/TX7GwNy/i2U7YNPd FjJk+wcRqF9PO7yLaWGKsNSWE7l/ObHeZ+3xOSCOHmhC78hfRR+c6+3FSt5rLwen QHQ5KP7Bj+ieLHhd3MxzLGhgoPid3oKpuO4xCJ4fh4MBHVBl1Klr5131N1acHPRg VTyEFSzXfA+qnsntSzUkPJ8wEG8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSfrj7I z6UQiPdae4hgnfsbb4A/TDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G CSqGSIb3DQEBCwUAA4IBAQB99A7I7/eSD4dNigFDmR2mKoy8721W0VDiBZb3rRtd hvQx5phJFGEtY1Hy6VQ8lV21gFD3VsnT45LmLRLUkKK1JSlPSCZb5uTnH3ispxNQ tcfHXChtSTErNG83H8eht7PIVcWPFzuA5QFVn/r2g5FoKosRTqTdlRtN7LkKJa9t TtAlVJZPJnVVHKFg+BiCUdyJdlLZ/jn21HRfio5C0jWN4lYKG/V8eiUBk/CzzfBH CImPMeiqAk+sjbTZOifuzbwCs3nF1XWWqZU7C+65Kp009RlOluxMoIDn4zcfB8FJ j5YOhm6NaLqglU2NCN6tyy+IiWlBueWCfWWceea6t25L -----END CERTIFICATE-----Generated at Wed Dec 17 13:27:25 2025 by rpki-client