This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json) Hash identifier: KpS2bsVU8TSgD7tqiVHGsmVfM0OPk3GdaI68Eml5+GA= Subject key identifier: 91:0B:C7:81:83:99:31:B0:A4:B6:8D:9F:9C:FF:75:25:38:3D:7F:CE Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6BED9C38E7AFFCD9238E1E98B5C18DB5238DB946 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa Signing time: Wed 10 Dec 2025 06:30:15 +0000 ROA not before: Wed 10 Dec 2025 06:30:15 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 212.255.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:ed:9c:38:e7:af:fc:d9:23:8e:1e:98:b5:c1:8d:b5:23:8d:b9:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:15 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ef73d831fc2dab9fbf9ef0c2c3d2b879df55590fc576981022bd5f425d119b26, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:a8:7e:fc:2c:58:8d:fa:c8:e0:66:90:53:38: dc:a5:cb:9f:3b:2b:bd:b4:6e:c7:ab:6a:df:f4:53: 31:7a:9f:7e:52:ad:40:1f:75:92:f4:e8:44:3b:f7: 12:f9:22:9d:a6:fb:03:30:9a:29:2b:5b:f4:98:80: d3:e0:01:14:84:8c:be:7c:70:b0:78:76:b3:9f:22: 07:8e:16:e0:24:06:ca:7e:63:8f:9c:34:36:a4:95: ec:d6:7c:77:10:e0:85:5a:5f:50:7b:b2:38:74:1c: 2f:4f:69:ab:f0:cc:08:84:57:7d:ce:ca:c0:ff:60: 2a:d3:2e:63:52:af:44:03:b8:c7:5b:c2:2e:d2:d4: 9e:e4:72:3a:f5:43:86:a0:e3:aa:10:3b:09:c6:27: f3:76:89:cc:fe:00:ea:52:aa:b8:58:86:2d:4a:23: c8:38:36:a4:1e:cf:3d:82:2a:f3:eb:2f:92:74:1d: ae:62:19:11:3c:dc:37:e1:3d:3d:36:b4:f8:42:1e: 64:7e:1a:25:ea:e3:ab:fc:9c:2a:3a:67:32:89:c4: bb:15:e1:2b:ad:45:42:24:09:31:08:95:18:3d:8c: 7e:ec:63:1e:32:de:fe:af:04:15:b8:d7:c9:5a:11: 65:39:23:f0:e2:85:08:38:39:d3:24:23:f5:2e:a7: 65:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:0B:C7:81:83:99:31:B0:A4:B6:8D:9F:9C:FF:75:25:38:3D:7F:CE X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.255.0.0/16 Signature Algorithm: sha256WithRSAEncryption 14:20:6e:e7:1c:61:3f:93:25:01:36:55:5f:a0:0f:20:b0:72: 99:11:97:35:56:03:c7:ca:f7:b2:e9:e7:61:b0:db:9b:3a:8e: 99:ea:e0:84:fa:57:da:47:ee:3d:a0:1a:cf:1a:ac:d9:71:00: 0f:1b:46:b7:13:08:1f:4d:c4:42:86:f3:00:90:5f:79:2e:7d: 17:ae:90:57:3e:ec:f3:3c:04:aa:e8:5d:1b:8d:4c:32:a6:ff: ce:ed:a0:cd:8f:fc:56:95:1f:34:a0:f6:97:e4:ee:b2:b4:3d: 37:c2:43:d3:b6:1c:53:53:2a:f5:f0:f1:4e:09:a9:75:af:fd: 09:77:2a:a8:cf:79:d6:7d:fe:77:90:18:55:71:83:14:74:75: 00:d7:07:40:da:1e:ed:2e:3f:0e:54:18:56:59:71:69:74:f2: d4:12:43:03:c0:92:07:ee:fa:e7:0c:41:2a:79:8a:80:02:46: 23:c2:ba:af:4c:0d:7a:17:d5:20:a5:a7:9a:8d:37:df:be:fa: 8f:ab:77:33:93:d8:fb:e8:e8:e9:39:c8:8f:a9:e0:7c:c0:73: 60:28:07:9c:55:c8:db:60:59:26:44:1e:6e:bc:b2:63:8f:d6: 13:f7:b4:b9:f4:f9:bf:df:f9:d4:4b:aa:cd:71:3a:bb:12:3d: 36:1a:76:0e -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUa+2cOOev/Nkjjh6YtcGNtSONuUYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVmNzNkODMxZmMyZGFiOWZiZjllZjBjMmMzZDJiODc5ZGY1NTU5MGZjNTc2 OTgxMDIyYmQ1ZjQyNWQxMTliMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuofvwsWI36yOBmkFM43KXLnzsrvbRux6tq3/RTMXqfflKtQB91kvToRDv3 Evkinab7AzCaKStb9JiA0+ABFISMvnxwsHh2s58iB44W4CQGyn5jj5w0NqSV7NZ8 dxDghVpfUHuyOHQcL09pq/DMCIRXfc7KwP9gKtMuY1KvRAO4x1vCLtLUnuRyOvVD hqDjqhA7CcYn83aJzP4A6lKquFiGLUojyDg2pB7PPYIq8+svknQdrmIZETzcN+E9 PTa0+EIeZH4aJerjq/ycKjpnMonEuxXhK61FQiQJMQiVGD2MfuxjHjLe/q8EFbjX yVoRZTkj8OKFCDg50yQj9S6nZZcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRC8eB g5kxsKS2jZ+c/3UlOD1/zjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G CSqGSIb3DQEBCwUAA4IBAQAUIG7nHGE/kyUBNlVfoA8gsHKZEZc1VgPHyvey6edh sNubOo6Z6uCE+lfaR+49oBrPGqzZcQAPG0a3EwgfTcRChvMAkF95Ln0XrpBXPuzz PASq6F0bjUwypv/O7aDNj/xWlR80oPaX5O6ytD03wkPTthxTUyr18PFOCal1r/0J dyqoz3nWff53kBhVcYMUdHUA1wdA2h7tLj8OVBhWWXFpdPLUEkMDwJIH7vrnDEEq eYqAAkYjwrqvTA16F9UgpaeajTffvvqPq3czk9j76OjpOciPqeB8wHNgKAecVcjb YFkmRB5uvLJjj9YT97S59Pm/3/nUS6rNcTq7Ej02GnYO -----END CERTIFICATE-----Generated at Fri Dec 19 21:50:34 2025 by rpki-client