This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json) Hash identifier: 80TvkZNISYXwwz2erxnL7Fk5Mmk9PK4ykozEYukMZcs= Subject key identifier: 74:03:03:91:06:9E:EF:58:1E:3E:C2:01:2F:4F:71:27:D0:4C:64:6B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 31845004B6A24EAB45BC46524E218FAC35A9512A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa Signing time: Wed 10 Dec 2025 06:40:22 +0000 ROA not before: Wed 10 Dec 2025 06:40:22 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 152.134.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:84:50:04:b6:a2:4e:ab:45:bc:46:52:4e:21:8f:ac:35:a9:51:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:22 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6f7989dc26dc5733dcb0b7e5d52768aad089a3951fcb4e69c26768e4a780ec82, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:89:56:a1:65:40:2d:66:37:3b:7c:a6:70:9d: 0d:80:91:c8:bc:a0:49:5f:a7:2a:a7:07:b2:15:a5: a0:27:ef:fc:7c:8b:ee:e3:d8:d1:49:1f:80:a4:e8: 44:fe:79:40:85:41:c9:9a:f7:1d:97:dc:8a:6f:dd: 07:0e:bb:1b:6a:54:29:df:6e:e6:96:44:95:6d:a5: 73:5c:c4:84:f3:af:0e:30:1a:f3:c3:74:92:79:84: e0:fd:b8:5e:c8:2d:2a:c7:94:a6:57:9a:70:48:48: 98:15:3e:cc:25:1d:9e:26:a6:da:76:e4:82:af:e3: 20:89:a4:95:41:3f:eb:28:5b:2b:31:32:7f:ff:07: ef:c1:22:f1:a0:88:59:d5:61:29:46:49:d8:f3:c5: bd:25:0a:0d:d7:de:c5:cf:eb:09:62:de:4f:e4:e3: 29:d5:ee:27:3a:3e:ca:22:24:96:ff:e4:0d:20:aa: 8f:05:28:c6:a4:f5:bf:73:b2:5f:cc:cf:62:4e:04: 6a:29:d4:bd:ab:d0:e4:e8:4e:c5:31:4f:ca:b3:9a: 63:de:2d:19:99:61:cf:b2:f7:c3:1c:23:3f:6b:ae: 7c:ea:cb:d9:8e:c3:c6:da:e8:b6:8c:1b:fe:8a:be: bf:b5:6b:85:f9:67:2b:ea:41:2c:68:6f:e0:5f:7e: a3:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:03:03:91:06:9E:EF:58:1E:3E:C2:01:2F:4F:71:27:D0:4C:64:6B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 9a:cd:f5:8e:1e:51:8c:6f:c8:c3:40:eb:74:b7:de:71:d3:5c: b8:ef:66:bb:95:ee:55:84:69:4a:8b:1c:cd:32:0f:de:f8:e6: 9c:a9:71:4b:c1:8f:c6:a6:60:d8:fd:a4:91:71:de:a5:0c:0e: 00:e5:da:6a:c2:0e:f0:c4:3a:c2:05:bb:4a:01:c8:c5:ef:8b: 2e:1b:57:f2:30:a5:c2:ff:15:ff:01:74:a8:0f:65:19:09:b1: 08:88:fe:c1:6e:6d:d3:e3:f9:88:29:73:7c:6a:18:f2:8b:8d: 9b:37:ab:39:c5:e6:62:2e:e8:b9:48:ad:5d:81:d1:44:bd:78: f3:0d:83:c5:06:2e:74:80:cb:00:6c:a4:4d:0a:78:bc:e1:3a: 70:0d:92:07:a7:58:88:0f:5f:19:18:41:b2:f3:65:a6:65:df: 91:77:11:47:d2:ac:18:d7:e6:43:35:33:05:85:df:48:98:a2: 5c:b9:48:4a:64:d4:b3:3d:af:e7:50:fb:05:20:5b:be:18:df: d7:30:ff:48:1c:0f:ca:b4:6e:d3:dd:66:93:a3:6e:74:a8:d9: 69:73:f8:41:75:0b:84:7a:f4:bd:0f:57:f2:65:50:43:1b:8f: 27:27:41:1d:86:f9:c2:bf:db:f0:05:aa:1f:f1:0f:a6:c9:16: e5:78:41:2e -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMYRQBLaiTqtFvEZSTiGPrDWpUSowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZmNzk4OWRjMjZkYzU3MzNkY2IwYjdlNWQ1Mjc2OGFhZDA4OWEzOTUxZmNi NGU2OWMyNjc2OGU0YTc4MGVjODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANGJVqFlQC1mNzt8pnCdDYCRyLygSV+nKqcHshWloCfv/HyL7uPY0UkfgKTo RP55QIVByZr3HZfcim/dBw67G2pUKd9u5pZElW2lc1zEhPOvDjAa88N0knmE4P24 XsgtKseUpleacEhImBU+zCUdniam2nbkgq/jIImklUE/6yhbKzEyf/8H78Ei8aCI WdVhKUZJ2PPFvSUKDdfexc/rCWLeT+TjKdXuJzo+yiIklv/kDSCqjwUoxqT1v3Oy X8zPYk4EainUvavQ5OhOxTFPyrOaY94tGZlhz7L3wxwjP2uufOrL2Y7Dxtrotowb /oq+v7VrhflnK+pBLGhv4F9+o9ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0AwOR Bp7vWB4+wgEvT3En0ExkazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G CSqGSIb3DQEBCwUAA4IBAQCazfWOHlGMb8jDQOt0t95x01y472a7le5VhGlKixzN Mg/e+OacqXFLwY/GpmDY/aSRcd6lDA4A5dpqwg7wxDrCBbtKAcjF74suG1fyMKXC /xX/AXSoD2UZCbEIiP7Bbm3T4/mIKXN8ahjyi42bN6s5xeZiLui5SK1dgdFEvXjz DYPFBi50gMsAbKRNCni84TpwDZIHp1iID18ZGEGy82WmZd+RdxFH0qwY1+ZDNTMF hd9ImKJcuUhKZNSzPa/nUPsFIFu+GN/XMP9IHA/KtG7T3WaTo250qNlpc/hBdQuE evS9D1fyZVBDG48nJ0EdhvnCv9vwBaof8Q+myRbleEEu -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:19 2025 by rpki-client