This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa File: e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa (raw, json) Hash identifier: dixGvf5RiXnDeNcswC2Xktg1YoRuMQN8V7gDsyNmOwY= Subject key identifier: 8C:30:22:30:A0:F5:81:17:52:29:E4:E3:EA:55:37:07:53:2D:02:0E Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 18043942730432E9C5666249C1EB271AF8C1D98A Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa Signing time: Mon 08 Dec 2025 02:00:06 +0000 ROA not before: Mon 08 Dec 2025 02:00:06 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.252.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:04:39:42:73:04:32:e9:c5:66:62:49:c1:eb:27:1a:f8:c1:d9:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:06 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=8673f19da6a8392298314d04538e66275317161725e21d72849f0c7f564ef868, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cc:50:b9:bd:64:97:af:74:37:b5:4f:c6:44: 79:e5:33:8d:ed:36:27:06:98:bd:52:02:ff:fa:b9: f3:c3:7a:6b:b1:e5:b7:71:c8:71:3e:f0:6f:47:65: 24:6d:42:92:e1:1e:53:f4:fe:95:24:83:08:7e:1f: 4e:d0:ef:0d:71:01:fc:89:bd:99:6c:eb:bc:f3:70: e1:25:e1:64:16:99:25:b5:51:71:60:b6:17:cd:b9: f9:c6:59:b7:8d:60:8d:73:57:a7:86:23:af:38:3a: d9:98:7e:1a:f3:07:d0:fb:18:93:a3:ea:2f:55:2f: ce:6e:0f:94:e6:74:1b:79:ea:0c:be:86:9f:17:8c: 91:92:8b:01:8c:4b:2b:c9:37:3e:37:46:5e:bb:96: 02:4d:2c:73:cb:2f:21:b6:24:83:2c:87:4a:76:1b: 2e:d0:89:71:c2:e5:4e:57:a6:bc:8e:f9:3a:2d:fb: 50:74:97:ed:a9:f9:fa:42:1d:b3:bd:0f:c7:85:4b: ce:58:12:9e:f9:b4:7a:13:cb:80:fd:0a:32:93:ee: 74:46:c2:97:0e:4b:dc:74:39:f2:1c:f9:80:64:16: d5:61:96:5b:bd:30:df:33:9a:af:cf:a8:5f:cf:4f: 20:86:63:ed:fb:10:a8:8d:fb:f1:2f:37:84:52:4d: 90:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:30:22:30:A0:F5:81:17:52:29:E4:E3:EA:55:37:07:53:2D:02:0E X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.252.0/22 Signature Algorithm: sha256WithRSAEncryption 53:d6:5a:ca:90:35:93:09:8d:bf:88:6e:4c:d6:7c:64:23:57: 58:94:f4:ab:c7:62:51:c7:89:81:6b:f7:4b:7f:65:a0:44:5d: f9:9c:8f:60:ea:18:30:e3:3c:0b:b2:83:05:80:c4:ce:66:ec: 8b:19:9f:4a:87:a5:88:5b:c6:31:86:dd:d2:03:44:3f:93:e2: 30:66:4d:c3:40:b6:6a:e6:ef:0c:da:57:c8:ec:9a:0d:6d:c2: 14:4a:1b:58:8f:f5:a8:13:68:80:c8:1c:fb:7b:91:e8:1f:43: af:24:f5:94:a5:b8:d9:7b:d9:19:14:5c:c6:fb:5b:e2:7c:0a: 92:1f:d5:e1:f7:cc:47:2d:2d:ef:ca:a5:a6:fd:d3:a0:36:34: 30:bb:36:ad:ff:c4:7b:cb:1a:e8:8a:ed:d6:7c:b9:45:e3:0a: 90:3c:3b:7d:f1:a2:9e:55:8f:3e:9e:13:8c:52:6c:6c:cb:36: 91:37:17:3b:81:d9:74:04:45:32:f1:40:3c:10:4e:17:16:82: 6e:12:3d:c5:f7:9c:fa:46:a8:18:49:cf:22:b6:7f:43:59:63: 61:cf:f3:e9:06:22:b7:ae:72:24:a8:eb:ba:5f:d2:e4:1c:12: b2:0b:e4:f4:1d:ff:be:d6:49:6b:22:f0:58:95:73:45:ee:a8: bb:c7:42:6b -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUGAQ5QnMEMunFZmJJwesnGvjB2YowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDZaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDg2NzNmMTlkYTZhODM5MjI5ODMxNGQwNDUzOGU2NjI3NTMxNzE2MTcyNWUy MWQ3Mjg0OWYwYzdmNTY0ZWY4NjgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjMULm9ZJevdDe1T8ZEeeUzje02JwaYvVIC//q588N6a7Hlt3HIcT7wb0dl JG1CkuEeU/T+lSSDCH4fTtDvDXEB/Im9mWzrvPNw4SXhZBaZJbVRcWC2F825+cZZ t41gjXNXp4Yjrzg62Zh+GvMH0PsYk6PqL1Uvzm4PlOZ0G3nqDL6GnxeMkZKLAYxL K8k3PjdGXruWAk0sc8svIbYkgyyHSnYbLtCJccLlTlemvI75Oi37UHSX7an5+kId s70Px4VLzlgSnvm0ehPLgP0KMpPudEbClw5L3HQ58hz5gGQW1WGWW70w3zOar8+o X89PIIZj7fsQqI378S83hFJNkK8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSMMCIw oPWBF1Ip5OPqVTcHUy0CDjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZTQ2ZmE2YzEtOWZhOS00NWIyLWE2NjEtZmExNDEzNmFjNDA3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMA/DAN BgkqhkiG9w0BAQsFAAOCAQEAU9ZaypA1kwmNv4huTNZ8ZCNXWJT0q8diUceJgWv3 S39loERd+ZyPYOoYMOM8C7KDBYDEzmbsixmfSoeliFvGMYbd0gNEP5PiMGZNw0C2 aubvDNpXyOyaDW3CFEobWI/1qBNogMgc+3uR6B9DryT1lKW42XvZGRRcxvtb4nwK kh/V4ffMRy0t78qlpv3ToDY0MLs2rf/Ee8sa6Irt1ny5ReMKkDw7ffGinlWPPp4T jFJsbMs2kTcXO4HZdARFMvFAPBBOFxaCbhI9xfec+kaoGEnPIrZ/Q1ljYc/z6QYi t65yJKjrul/S5BwSsgvk9B3/vtZJayLwWJVzRe6ou8dCaw== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:43 2025 by rpki-client