This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json) Hash identifier: 08t0RmJey2mvwog3QqIZMMwRxH6Yfx3IrWhKEU0OKEI= Subject key identifier: 85:7C:8D:06:BD:5D:0F:AC:B8:52:7C:74:6D:05:B5:30:AF:57:8B:5E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 375A8FC8C36BA85E8BD5C4E22AD05F555CCE3BC3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa Signing time: Thu 11 Dec 2025 01:00:23 +0000 ROA not before: Thu 11 Dec 2025 01:00:23 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:5a:8f:c8:c3:6b:a8:5e:8b:d5:c4:e2:2a:d0:5f:55:5c:ce:3b:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:23 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=5d3c4cd2286f1d5c5e271b4d9a13dd713ff12c3e895ce5011097663b45797d76, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4d:f2:49:1b:4c:4d:03:6a:fa:1f:b4:12:e5: 00:d9:e4:68:36:dc:48:f3:8b:ca:4c:6c:e4:44:3d: 17:0a:ac:04:5e:07:49:98:5e:32:20:38:ed:45:0d: ff:9b:c1:89:a3:43:9b:82:e0:f0:6c:a0:e7:e1:af: f8:d2:21:a5:ce:2e:a8:eb:7f:e6:b2:2d:99:11:4f: e7:83:a9:1c:f9:85:7c:7a:26:30:8b:33:99:29:82: 6e:33:57:55:b1:b9:d1:53:66:36:c7:5f:5a:c3:c5: 88:79:25:66:d7:31:e0:6e:3c:a6:0a:d7:4b:ca:5c: 37:0c:01:89:e1:0b:32:a9:71:19:c6:5e:ff:0f:bc: f6:75:f9:a5:33:a4:2e:61:2d:ed:a5:6a:ff:45:60: 5b:e7:29:ba:de:f2:48:a3:0e:86:91:6a:83:b7:b6: 0b:98:5e:cb:cd:8f:2a:0a:6e:bd:c3:20:da:7a:ae: 76:33:c7:e1:60:21:e5:22:b1:b1:33:11:86:c7:c4: 6c:0a:f6:e9:8a:3c:33:12:c8:74:93:9b:37:ae:45: 77:d1:76:1c:2c:e5:b8:bb:4f:f9:87:ad:f4:4d:ba: 7b:60:aa:d4:18:81:5b:a9:6c:cc:55:83:23:69:b5: 81:8d:ee:98:98:85:9d:48:e1:e0:13:64:bd:ed:15: d9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7C:8D:06:BD:5D:0F:AC:B8:52:7C:74:6D:05:B5:30:AF:57:8B:5E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.88.0/21 Signature Algorithm: sha256WithRSAEncryption b8:19:2c:90:c5:7e:eb:23:85:7e:7a:08:7e:c0:3c:dd:86:fc: af:11:69:ed:01:1a:fd:14:0a:a0:2d:44:2e:93:a1:a3:f7:35: e1:7b:31:91:22:40:c6:84:63:cc:21:dd:3f:70:12:a9:6b:eb: 0f:27:05:e3:ed:0e:5a:c0:8c:41:cd:9c:a8:34:52:30:d1:dd: 66:1d:13:3c:9a:0f:a1:53:5a:9c:d2:4d:38:a7:4a:49:04:6f: 3d:77:7d:44:4f:44:e4:0d:dc:6b:6b:24:ef:52:c2:ea:83:ab: d0:9b:95:dd:5c:e6:c0:0a:e4:26:96:c9:96:60:bd:18:26:6e: c4:33:4b:a0:37:79:45:8f:64:21:42:53:d8:fb:5a:db:39:7c: 26:bf:62:11:b8:2d:c8:e8:3f:fa:e4:65:8a:60:1d:7b:61:de: 58:b0:e0:73:f5:69:f2:2e:ee:ae:33:56:b4:66:63:19:86:23: 42:72:61:a1:58:2e:13:54:b0:f2:27:32:07:23:12:74:33:65: 1b:38:c9:04:05:1f:92:b1:c3:ed:33:8e:38:5c:dd:f7:14:b9: 21:4e:ce:ef:75:e7:61:f8:28:98:f8:d4:a4:2b:74:e2:e8:02: a1:30:0e:5d:00:82:f6:30:9c:f3:69:aa:91:c2:ae:13:ab:0f: 99:da:41:61 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUN1qPyMNrqF6L1cTiKtBfVVzOO8MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjNaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDVkM2M0Y2QyMjg2ZjFkNWM1ZTI3MWI0ZDlhMTNkZDcxM2ZmMTJjM2U4OTVj ZTUwMTEwOTc2NjNiNDU3OTdkNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9N8kkbTE0DavoftBLlANnkaDbcSPOLykxs5EQ9FwqsBF4HSZheMiA47UUN /5vBiaNDm4Lg8Gyg5+Gv+NIhpc4uqOt/5rItmRFP54OpHPmFfHomMIszmSmCbjNX VbG50VNmNsdfWsPFiHklZtcx4G48pgrXS8pcNwwBieELMqlxGcZe/w+89nX5pTOk LmEt7aVq/0VgW+cput7ySKMOhpFqg7e2C5hey82PKgpuvcMg2nqudjPH4WAh5SKx sTMRhsfEbAr26Yo8MxLIdJObN65Fd9F2HCzluLtP+Yet9E26e2Cq1BiBW6lszFWD I2m1gY3umJiFnUjh4BNkve0V2eMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSFfI0G vV0PrLhSfHRtBbUwr1eLXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN BgkqhkiG9w0BAQsFAAOCAQEAuBkskMV+6yOFfnoIfsA83Yb8rxFp7QEa/RQKoC1E LpOho/c14XsxkSJAxoRjzCHdP3ASqWvrDycF4+0OWsCMQc2cqDRSMNHdZh0TPJoP oVNanNJNOKdKSQRvPXd9RE9E5A3ca2sk71LC6oOr0JuV3VzmwArkJpbJlmC9GCZu xDNLoDd5RY9kIUJT2Pta2zl8Jr9iEbgtyOg/+uRlimAde2HeWLDgc/Vp8i7urjNW tGZjGYYjQnJhoVguE1Sw8icyByMSdDNlGzjJBAUfkrHD7TOOOFzd9xS5IU7O73Xn YfgomPjUpCt04ugCoTAOXQCC9jCc82mqkcKuE6sPmdpBYQ== -----END CERTIFICATE-----Generated at Tue Dec 16 00:26:54 2025 by rpki-client