This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json) Hash identifier: EnnKYgLVlT085vw212eD3hoxUYcqcFMzy7WnUd0AxLU= Subject key identifier: CD:3A:35:34:1E:7F:D7:14:44:62:64:6A:B5:CC:19:46:8A:00:D0:CA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 341A4D54E960E14988173C828397152CE92FA931 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa Signing time: Sat 15 Nov 2025 06:40:09 +0000 ROA not before: Sat 15 Nov 2025 06:40:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.34.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:1a:4d:54:e9:60:e1:49:88:17:3c:82:83:97:15:2c:e9:2f:a9:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=51fee645176c199f2120faaf2fa057fc70cfce5a9e5a80c45c3d1af3b7bca01f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:29:79:f7:f3:95:99:9f:73:45:48:88:81:0f: ec:22:1c:49:ff:54:b9:0b:5a:7f:08:82:da:e6:41: 0a:51:0d:1b:bd:d3:6e:b2:2e:2d:d8:a1:07:92:17: 1c:1d:42:be:4d:e6:67:4f:07:fe:b3:40:4e:b5:f3: d2:46:b7:3e:56:f1:9d:61:5c:8c:86:2a:2e:3d:5a: 05:f4:1a:e8:3e:6d:6a:50:49:24:6d:4d:6c:33:aa: ac:8e:30:6e:be:fd:08:64:96:f4:8d:80:89:e3:5a: 4b:66:8d:8b:b7:25:fb:9b:9d:b0:12:41:7d:aa:f5: 9d:1a:ca:08:f8:65:22:ff:3a:78:f0:f4:c6:a3:10: 73:76:c0:0b:86:46:a9:02:fb:60:e2:93:ba:13:cf: 87:32:4d:83:4d:bd:d6:95:16:97:ef:6c:eb:81:6d: 77:54:92:85:60:d9:b8:ff:61:cb:78:e2:94:bf:79: 58:b9:8e:9c:e2:f9:8b:8f:69:5b:e9:12:98:a4:7b: 6c:f3:1b:ff:ec:d8:b4:9c:39:cd:2a:63:28:bc:4d: f0:c7:d3:57:41:57:3d:b5:57:91:65:10:ad:4b:a8: e1:e5:28:d5:2a:b2:d1:40:c4:bd:f4:00:f8:3b:c7: b2:9c:b6:f9:f4:d2:cd:af:49:14:9f:0c:12:e5:41: 1b:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:3A:35:34:1E:7F:D7:14:44:62:64:6A:B5:CC:19:46:8A:00:D0:CA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.34.0.0/16 Signature Algorithm: sha256WithRSAEncryption 59:21:15:00:48:e5:75:65:0a:6d:3c:58:33:c1:62:c7:bf:4a: 8f:c4:49:f2:41:f6:bd:8f:7b:71:84:3c:5a:04:0a:74:e8:22: 3e:8e:85:0a:36:fb:65:98:a5:1c:d4:ab:16:21:62:66:e3:8a: af:a1:01:b7:f1:92:b9:4d:d5:b7:b2:9c:5d:cf:4f:80:d7:04: be:62:e2:5e:09:a7:1b:0e:81:61:fa:62:ba:6c:aa:1f:38:3f: 92:96:a0:03:87:9c:02:06:0e:86:fa:bf:ca:09:1c:6b:74:bf: a8:8e:79:6c:29:ce:6b:49:a2:cc:24:ea:ea:77:a9:ac:a2:37: e0:3e:52:24:5b:46:3d:b2:21:0f:64:d6:50:a3:97:2b:e3:53: 96:85:29:50:d5:88:9c:e2:6b:99:86:69:0a:2b:e7:e6:61:47: d2:25:ef:59:36:53:76:45:14:4e:bd:bc:32:d2:f9:3b:0c:a6: 96:8b:20:cf:9d:d6:10:ad:28:ff:0c:e3:95:5f:fd:ab:97:aa: fc:36:3a:d0:03:df:69:28:ab:26:75:85:43:56:9d:5c:da:8e: 7d:78:f1:b4:d9:a9:ca:4e:7e:8d:15:48:f3:ca:7d:8e:03:a7: 09:b2:92:30:7f:57:fd:da:b7:9b:cb:51:8a:9e:88:72:92:19: a6:80:2e:44 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUNBpNVOlg4UmIFzyCg5cVLOkvqTEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDUxZmVlNjQ1MTc2YzE5OWYyMTIwZmFhZjJmYTA1N2ZjNzBjZmNlNWE5ZTVh ODBjNDVjM2QxYWYzYjdiY2EwMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANcpeffzlZmfc0VIiIEP7CIcSf9UuQtafwiC2uZBClENG73TbrIuLdihB5IX HB1Cvk3mZ08H/rNATrXz0ka3PlbxnWFcjIYqLj1aBfQa6D5talBJJG1NbDOqrI4w br79CGSW9I2AieNaS2aNi7cl+5udsBJBfar1nRrKCPhlIv86ePD0xqMQc3bAC4ZG qQL7YOKTuhPPhzJNg0291pUWl+9s64Ftd1SShWDZuP9hy3jilL95WLmOnOL5i49p W+kSmKR7bPMb/+zYtJw5zSpjKLxN8MfTV0FXPbVXkWUQrUuo4eUo1Sqy0UDEvfQA +DvHspy2+fTSza9JFJ8MEuVBG9UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNOjU0 Hn/XFERiZGq1zBlGigDQyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G CSqGSIb3DQEBCwUAA4IBAQBZIRUASOV1ZQptPFgzwWLHv0qPxEnyQfa9j3txhDxa BAp06CI+joUKNvtlmKUc1KsWIWJm44qvoQG38ZK5TdW3spxdz0+A1wS+YuJeCacb DoFh+mK6bKofOD+SlqADh5wCBg6G+r/KCRxrdL+ojnlsKc5rSaLMJOrqd6msojfg PlIkW0Y9siEPZNZQo5cr41OWhSlQ1Yic4muZhmkKK+fmYUfSJe9ZNlN2RRROvbwy 0vk7DKaWiyDPndYQrSj/DOOVX/2rl6r8NjrQA99pKKsmdYVDVp1c2o59ePG02anK Tn6NFUjzyn2OA6cJspIwf1f92reby1GKnohykhmmgC5E -----END CERTIFICATE-----Generated at Sat Dec 6 12:50:12 2025 by rpki-client