This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa File: 98c39c27-f261-4d67-a85e-ec7479538084.roa (raw, json) Hash identifier: OBoV06Ko+HuwOkSvW0oL62MKJ7jUtRg6v3iYfvP8Ds8= Subject key identifier: 0F:25:06:81:1F:D9:66:9F:57:31:1C:A2:19:E8:01:5F:63:A6:B1:84 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 57B8E6171CE27CA6EEACB0091B9FA9F5CEAA2D11 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa Signing time: Mon 08 Dec 2025 02:00:25 +0000 ROA not before: Mon 08 Dec 2025 02:00:25 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:b8:e6:17:1c:e2:7c:a6:ee:ac:b0:09:1b:9f:a9:f5:ce:aa:2d:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:25 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=342fdca1bad74bb95173f47c87a6f38b25a36f4cc26d9cb5dc5ddfdfecdefe3e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7c:a7:7f:dc:0e:19:99:49:a4:c2:72:13:67: fe:01:e9:07:c4:56:02:75:97:82:1d:a4:29:31:4a: 61:ed:41:4d:61:03:67:50:ac:ac:71:34:fe:36:e2: 4c:3e:db:6a:28:fa:e4:8c:e7:53:32:ec:77:19:c0: 54:12:56:a1:ed:fe:fa:4a:8c:0b:9b:f6:6f:53:50: 05:e8:a2:4a:e6:8b:2c:c3:fd:c1:02:bb:2c:d0:0b: f8:d3:56:4a:db:96:9d:be:5f:7b:5e:42:18:f1:47: 7c:33:96:91:e8:1d:9b:60:77:a2:7a:27:a0:39:48: 55:40:38:78:8a:94:23:a6:10:52:a4:af:ad:9c:8d: 1a:a2:ee:40:96:cc:d2:f4:c0:ae:f0:4e:0e:ca:1f: c4:3e:23:9a:33:b9:03:18:78:7a:06:b1:16:e9:cf: ce:5b:90:22:b6:76:8d:e8:2b:12:bd:bb:b3:aa:ec: 47:6a:f7:f6:ef:15:ed:d9:6c:e8:d3:e5:5b:b8:c9: 26:24:84:18:5a:c9:24:b1:7c:c6:3b:b4:e6:a1:9e: bb:e0:3c:0b:64:05:83:7c:e1:18:7d:82:a7:f6:ce: 39:79:bd:98:0c:34:7a:a4:15:ee:a4:75:42:55:07: c0:ee:a6:33:13:64:09:9f:4c:4d:5b:06:9a:f6:6c: 12:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:25:06:81:1F:D9:66:9F:57:31:1C:A2:19:E8:01:5F:63:A6:B1:84 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.132.0/24 Signature Algorithm: sha256WithRSAEncryption b6:15:b5:b4:3c:26:37:b4:24:33:24:67:e6:b6:79:52:1c:11: 27:18:2c:e6:58:ae:09:63:a8:9e:a4:89:3b:56:33:0b:79:f7: d7:7d:60:c1:d8:e1:a8:5e:10:b6:12:4f:0a:6c:81:4f:00:52: ea:5b:28:7f:4d:21:55:0b:d8:f3:fb:5a:7a:27:cd:f1:ed:2f: 8d:2a:32:de:b4:39:0d:c8:a8:c6:0b:07:66:88:4f:ab:b4:79: a5:1d:1e:4a:62:b2:5e:3b:ce:00:21:66:65:4d:61:01:37:ff: 4e:57:91:46:55:96:99:2a:81:6b:16:95:17:df:b1:7f:ca:4b: 3b:05:49:44:11:b6:a3:e1:02:d6:f4:97:49:58:df:78:ff:2e: 8f:21:9c:1e:ee:2d:88:fd:79:d0:fd:ba:79:31:f0:f5:d2:3e: 64:96:4e:b4:d6:4f:e6:eb:86:10:f2:e7:1f:56:cf:6e:14:d3: b2:0f:06:a6:b4:fd:b5:06:1e:66:c2:af:46:bc:de:29:c2:7f: 61:84:21:4d:c3:be:16:0f:bf:3c:46:f0:7e:ad:b2:9b:36:29: 18:8b:65:1c:15:26:46:1c:05:90:1a:7e:b4:9a:2b:1b:13:cf: ae:b2:95:b5:b3:04:1a:90:9d:d0:5a:e9:18:65:ff:c8:dd:a5: 33:cd:13:ab -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUV7jmFxzifKburLAJG5+p9c6qLREwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDM0MmZkY2ExYmFkNzRiYjk1MTczZjQ3Yzg3YTZmMzhiMjVhMzZmNGNjMjZk OWNiNWRjNWRkZmRmZWNkZWZlM2UxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL98p3/cDhmZSaTCchNn/gHpB8RWAnWXgh2kKTFKYe1BTWEDZ1CsrHE0/jbi TD7baij65IznUzLsdxnAVBJWoe3++kqMC5v2b1NQBeiiSuaLLMP9wQK7LNAL+NNW StuWnb5fe15CGPFHfDOWkegdm2B3ononoDlIVUA4eIqUI6YQUqSvrZyNGqLuQJbM 0vTArvBODsofxD4jmjO5Axh4egaxFunPzluQIrZ2jegrEr27s6rsR2r39u8V7dls 6NPlW7jJJiSEGFrJJLF8xju05qGeu+A8C2QFg3zhGH2Cp/bOOXm9mAw0eqQV7qR1 QlUHwO6mMxNkCZ9MTVsGmvZsEscCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPJQaB H9lmn1cxHKIZ6AFfY6axhDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OThjMzljMjctZjI2MS00ZDY3LWE4NWUtZWM3NDc5NTM4MDg0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAhDAN BgkqhkiG9w0BAQsFAAOCAQEAthW1tDwmN7QkMyRn5rZ5UhwRJxgs5liuCWOonqSJ O1YzC3n3131gwdjhqF4QthJPCmyBTwBS6lsof00hVQvY8/taeifN8e0vjSoy3rQ5 DcioxgsHZohPq7R5pR0eSmKyXjvOACFmZU1hATf/TleRRlWWmSqBaxaVF9+xf8pL OwVJRBG2o+EC1vSXSVjfeP8ujyGcHu4tiP150P26eTHw9dI+ZJZOtNZP5uuGEPLn H1bPbhTTsg8GprT9tQYeZsKvRrzeKcJ/YYQhTcO+Fg+/PEbwfq2ymzYpGItlHBUm RhwFkBp+tJorGxPPrrKVtbMEGpCd0FrpGGX/yN2lM80Tqw== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:46 2025 by rpki-client