This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa File: 4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa (raw, json) Hash identifier: +2trfKfBh7+k8WPiiLto/ax1EO6tnA+9halej9UM+18= Subject key identifier: 54:B8:63:6D:94:1C:7F:C1:D8:F9:31:98:4E:22:66:DE:BB:0F:B5:8A Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 736CDEF3288515E3541719E14A2293A20C4C4A74 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa Signing time: Mon 08 Dec 2025 02:00:05 +0000 ROA not before: Mon 08 Dec 2025 02:00:05 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.224.182.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:6c:de:f3:28:85:15:e3:54:17:19:e1:4a:22:93:a2:0c:4c:4a:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:05 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=18d1c4871d5781794ec9822a1d0b0a33f7d12f1f73ecb4722f44d3cb354f835c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0f:cc:3b:9e:8e:0a:b1:b9:91:88:66:b0:02: 6d:8f:45:b2:c2:5a:24:3c:b2:e0:1f:b4:a7:ec:29: 0d:90:96:9c:b4:58:53:03:a3:99:6c:75:b1:b3:4e: b6:ad:2d:dd:fa:71:7f:f3:5a:bd:f0:19:07:2d:0e: 83:fc:67:f5:4b:c7:82:39:87:cd:f5:8e:dd:17:23: fa:0e:c0:ab:56:0a:3e:2c:dd:5f:f5:eb:27:f5:8b: 69:b9:0b:7f:20:66:4c:b0:58:f6:7e:15:ab:b5:e6: 87:f2:fc:9d:21:06:4a:e3:8a:fe:26:fd:8c:33:a1: f5:aa:88:c8:63:3d:19:25:e7:63:98:fc:48:f1:e2: 3c:2d:7d:bc:54:d6:7a:24:1e:e7:bb:a1:15:cc:73: e4:82:a6:37:a2:01:df:5e:f5:b2:30:2d:ba:c2:2c: 39:18:6d:cc:94:cf:89:a2:2c:0d:ee:e7:43:cd:8f: 63:70:b7:04:dc:f2:d0:18:1c:29:17:f6:2f:10:65: 51:58:e5:1b:63:87:54:56:ca:5a:26:72:8e:0d:56: 08:b1:d5:7f:a5:57:df:b2:9b:c6:41:4c:47:98:73: 5f:8d:da:cf:68:83:7c:23:a3:f4:46:1e:a7:a4:b1: 94:7c:8a:f5:91:ec:8e:3d:b3:e8:08:5f:ee:69:d8: 0e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:B8:63:6D:94:1C:7F:C1:D8:F9:31:98:4E:22:66:DE:BB:0F:B5:8A X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.224.182.0/23 Signature Algorithm: sha256WithRSAEncryption aa:38:c7:e7:e1:20:6c:8f:5f:c6:03:b1:27:9b:4e:a2:c1:b5: 25:31:53:77:3a:e8:42:eb:5e:5b:62:4e:73:34:80:0b:53:6f: 3d:3f:4a:e2:8e:4a:76:12:ad:93:ac:98:1b:21:8e:c8:92:7c: 60:78:44:ec:95:01:b5:bb:bb:fd:2a:b3:d6:81:fe:7a:65:61: 56:e5:01:c1:42:38:6a:26:2a:8d:e6:b9:22:d5:e2:cb:e3:b6: 03:06:ce:22:2a:35:52:f0:19:72:b8:ee:41:48:56:00:ec:24: 00:a8:e4:f9:d4:4f:a0:94:38:a0:fa:72:b3:f7:3f:0d:93:ef: 95:fe:90:32:2c:ab:79:fe:1c:9a:5b:db:c4:d6:39:cd:52:c1: d2:e1:a4:5f:f3:b0:23:41:fd:97:26:e7:1a:a7:96:e8:ea:19: 8f:e0:4a:e7:a2:78:f5:8c:c6:60:49:2a:b7:a2:8a:41:3a:5f: b7:fa:cd:c2:3e:b7:db:64:05:8a:7a:db:ee:e2:1a:e3:5f:97: f2:a2:82:4e:da:f3:07:d0:ef:0a:80:6e:b5:7e:49:99:38:1a: 10:30:fb:58:03:83:6d:3f:72:e7:ca:db:b2:12:85:03:35:cd: 16:49:18:81:99:39:ee:b1:87:6c:76:7a:81:51:dc:dd:e4:28: c7:2d:af:da -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUc2ze8yiFFeNUFxnhSiKTogxMSnQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDE4ZDFjNDg3MWQ1NzgxNzk0ZWM5ODIyYTFkMGIwYTMzZjdkMTJmMWY3M2Vj YjQ3MjJmNDRkM2NiMzU0ZjgzNWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgPzDuejgqxuZGIZrACbY9FssJaJDyy4B+0p+wpDZCWnLRYUwOjmWx1sbNO tq0t3fpxf/NavfAZBy0Og/xn9UvHgjmHzfWO3Rcj+g7Aq1YKPizdX/XrJ/WLabkL fyBmTLBY9n4Vq7Xmh/L8nSEGSuOK/ib9jDOh9aqIyGM9GSXnY5j8SPHiPC19vFTW eiQe57uhFcxz5IKmN6IB3171sjAtusIsORhtzJTPiaIsDe7nQ82PY3C3BNzy0Bgc KRf2LxBlUVjlG2OHVFbKWiZyjg1WCLHVf6VX37KbxkFMR5hzX43az2iDfCOj9EYe p6SxlHyK9ZHsjj2z6Ahf7mnYDgkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUuGNt lBx/wdj5MZhOImbeuw+1ijAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NGJhMmU2MTMtMmYzOS00M2QwLWJkOTUtNWEyMWNlMjM5ZmYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgtjAN BgkqhkiG9w0BAQsFAAOCAQEAqjjH5+EgbI9fxgOxJ5tOosG1JTFTdzroQuteW2JO czSAC1NvPT9K4o5KdhKtk6yYGyGOyJJ8YHhE7JUBtbu7/Sqz1oH+emVhVuUBwUI4 aiYqjea5ItXiy+O2AwbOIio1UvAZcrjuQUhWAOwkAKjk+dRPoJQ4oPpys/c/DZPv lf6QMiyref4cmlvbxNY5zVLB0uGkX/OwI0H9lybnGqeW6OoZj+BK56J49YzGYEkq t6KKQTpft/rNwj6322QFinrb7uIa41+X8qKCTtrzB9DvCoButX5JmTgaEDD7WAOD bT9y58rbshKFAzXNFkkYgZk57rGHbHZ6gVHc3eQoxy2v2g== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:48 2025 by rpki-client