This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json) Hash identifier: JDWxg0qvCms7b8wVLWV8HUmuomBg9Fcy2+kqXDR/KNQ= Subject key identifier: C0:0C:44:E4:F6:0D:80:61:81:F9:6C:AC:F3:6C:9E:01:B8:77:16:BF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3709A3133513E8197D1C347123E19DE44B2630A6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa Signing time: Sat 29 Nov 2025 00:00:30 +0000 ROA not before: Sat 29 Nov 2025 00:00:30 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 83.119.128.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:09:a3:13:35:13:e8:19:7d:1c:34:71:23:e1:9d:e4:4b:26:30:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 29 00:00:30 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=6e0c1cc6b098b37bb32a8f1ac0b4cfa00857b40c23f881f6770deb8ebb75e3c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4b:d8:33:40:00:22:3f:e0:b9:05:a3:64:d4: 68:4d:00:0b:ab:a5:e7:8b:6b:04:bf:49:03:d5:2e: 2b:8c:f5:95:8d:8a:60:54:23:46:64:cc:65:f1:24: 54:79:6b:c1:97:b5:d5:79:07:38:87:1f:64:d3:d1: 36:09:0f:dc:bc:ee:87:1b:1e:e9:04:d7:1e:cc:ec: 3e:e3:bd:de:9f:85:43:df:6f:ae:47:ff:41:53:17: 8a:2c:49:75:67:da:d5:f9:56:e5:16:96:e7:2f:f6: 9a:80:0e:71:38:fa:d4:da:ec:b5:97:4a:f1:46:9a: b2:1a:16:75:88:ad:07:83:39:2c:ab:22:dc:c8:f1: fc:fa:19:2f:08:94:fa:90:45:f4:45:39:5b:71:3e: 41:71:10:31:a5:de:f0:dc:ca:b0:98:ed:b5:10:0d: a4:5f:12:23:d3:15:ed:0d:ea:4f:99:2a:71:9d:0e: 77:ea:ba:98:cb:3c:8d:9b:e5:72:2f:03:27:16:f8: 1d:36:46:ea:18:27:93:c7:59:e9:3e:64:ae:fe:06: 4a:19:b4:68:0e:85:18:8e:98:f8:05:fb:8c:ee:5f: d3:7a:f9:9d:d5:bc:c4:98:58:d6:6f:9c:a5:26:3b: 03:57:6b:66:c9:6a:93:c1:6f:47:c5:32:d8:6e:cf: b6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:0C:44:E4:F6:0D:80:61:81:F9:6C:AC:F3:6C:9E:01:B8:77:16:BF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.119.128.0/18 Signature Algorithm: sha256WithRSAEncryption af:65:d0:5b:63:7f:52:d2:06:60:71:2e:da:70:d8:ba:8d:ed: c4:ef:00:1e:eb:95:54:5e:f3:64:64:88:93:e5:8b:65:68:c3: 4f:60:21:b6:fa:b8:fa:25:45:06:75:f4:4d:f6:e6:73:22:cb: 28:95:f9:fa:9a:b7:7b:66:f0:6b:c5:a4:b2:28:41:6d:cc:ea: aa:e6:48:67:d7:8a:12:12:70:73:e9:08:84:70:e3:db:e7:ce: 8e:03:ba:a2:cf:95:20:cc:06:b1:eb:16:97:cf:a1:11:3a:1b: 36:97:77:da:f6:bf:ab:c5:9e:65:64:48:12:52:31:55:ee:e8: 93:d4:cc:5f:e4:2f:a6:54:49:de:e9:d7:88:6e:7f:8c:36:8a: 85:0e:94:71:c8:2b:1d:32:23:10:31:36:0f:9b:62:46:1e:5c: 5e:7a:cc:99:b5:41:6d:1d:8c:24:1b:84:fd:62:42:ae:77:c2: 4d:00:c1:5b:cf:f3:d1:62:77:1b:52:cb:51:a2:c6:2c:fe:fd: 32:2e:08:7b:a3:ae:40:a7:93:0b:53:f5:34:7e:1c:a8:06:39: 26:55:5d:04:14:45:06:0b:db:4a:00:07:db:88:f4:fd:9c:4b: 26:51:7a:5c:2b:75:da:8c:80:e0:a2:f7:76:31:d7:67:74:b2: 47:59:61:92 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUNwmjEzUT6Bl9HDRxI+Gd5EsmMKYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjkwMDAwMzBaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDZlMGMxY2M2YjA5OGIzN2JiMzJhOGYxYWMwYjRjZmEwMDg1N2I0MGMyM2Y4 ODFmNjc3MGRlYjhlYmI3NWUzYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9L2DNAACI/4LkFo2TUaE0AC6ul54trBL9JA9UuK4z1lY2KYFQjRmTMZfEk VHlrwZe11XkHOIcfZNPRNgkP3Lzuhxse6QTXHszsPuO93p+FQ99vrkf/QVMXiixJ dWfa1flW5RaW5y/2moAOcTj61NrstZdK8UaashoWdYitB4M5LKsi3Mjx/PoZLwiU +pBF9EU5W3E+QXEQMaXe8NzKsJjttRANpF8SI9MV7Q3qT5kqcZ0Od+q6mMs8jZvl ci8DJxb4HTZG6hgnk8dZ6T5krv4GShm0aA6FGI6Y+AX7jO5f03r5ndW8xJhY1m+c pSY7A1drZslqk8FvR8Uy2G7PtmsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTADETk 9g2AYYH5bKzzbJ4BuHcWvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN BgkqhkiG9w0BAQsFAAOCAQEAr2XQW2N/UtIGYHEu2nDYuo3txO8AHuuVVF7zZGSI k+WLZWjDT2Ahtvq4+iVFBnX0TfbmcyLLKJX5+pq3e2bwa8WksihBbczqquZIZ9eK EhJwc+kIhHDj2+fOjgO6os+VIMwGsesWl8+hETobNpd32va/q8WeZWRIElIxVe7o k9TMX+QvplRJ3unXiG5/jDaKhQ6UccgrHTIjEDE2D5tiRh5cXnrMmbVBbR2MJBuE /WJCrnfCTQDBW8/z0WJ3G1LLUaLGLP79Mi4Ie6OuQKeTC1P1NH4cqAY5JlVdBBRF BgvbSgAH24j0/ZxLJlF6XCt12oyA4KL3djHXZ3SyR1lhkg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:50:36 2025 by rpki-client