This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json) Hash identifier: mwDmyfZSUe4u5A12Nf/ZCiFY/Jh9by2euZJoluIfA/M= Subject key identifier: 58:BF:0B:FF:6F:F0:B7:4F:16:82:89:D0:E5:A7:7E:39:1E:6B:E1:2E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5B22B200BE7613CE5C7884B1424F7F9463AA3151 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa Signing time: Tue 25 Nov 2025 20:10:07 +0000 ROA not before: Tue 25 Nov 2025 20:10:07 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.102.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:22:b2:00:be:76:13:ce:5c:78:84:b1:42:4f:7f:94:63:aa:31:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:07 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=1f2e6ff9a111e7658ed0d17f93cb3e4e27c63aaca118299ccd7b61dfac2d53bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d1:32:14:30:55:33:bf:43:b9:45:6d:62:2d: 67:1e:b6:ff:29:67:a5:0e:80:71:6a:11:ab:ba:25: ed:22:de:09:1b:c0:d3:a2:93:71:2a:1b:5f:95:3f: 47:9b:a6:4c:34:99:c8:04:e0:1c:7b:de:59:1c:d5: 98:36:9d:67:65:87:fa:74:a0:a8:a8:f3:47:65:74: 96:db:b9:47:1d:b1:92:aa:6f:ee:21:ad:15:84:d3: 2d:68:9d:53:0c:b9:dc:af:19:2b:1b:a5:6c:27:8e: 10:72:23:00:93:68:03:ff:f4:fb:90:e9:f1:bf:14: 54:e9:cc:4f:09:7f:f0:9e:c7:40:56:4c:db:8b:70: e9:05:43:a0:b0:89:56:2d:0d:b6:b6:23:ff:d2:d3: 0b:06:ae:12:4b:8f:4e:d8:e3:7d:93:1e:4e:46:0c: 54:fa:e4:55:c8:95:a2:03:e6:15:3a:21:03:0e:46: 58:45:5f:a0:ad:4f:6a:73:c2:af:42:5e:33:89:1b: 0a:60:c4:9d:f4:d7:6c:c6:66:33:11:d7:75:0c:31: a5:28:93:ec:4c:c3:78:fb:f2:6b:3c:ec:60:fa:d7: f6:3f:88:78:0a:df:eb:e1:19:f3:fc:f4:c7:13:19: 98:42:79:52:fe:f6:1d:f3:fd:84:78:07:8b:86:02: 24:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:BF:0B:FF:6F:F0:B7:4F:16:82:89:D0:E5:A7:7E:39:1E:6B:E1:2E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.102.0.0/16 Signature Algorithm: sha256WithRSAEncryption 6a:1f:0a:ac:9d:37:90:8a:0c:04:ac:ff:a8:b3:1f:9c:5e:1b: 0a:9f:52:b7:da:ae:b5:c2:33:f0:9c:27:a2:41:59:17:0d:f2: 7b:7b:1f:ee:23:cf:e3:55:79:07:53:d8:3d:fd:05:a8:1d:b8: b2:27:8f:4b:84:01:1e:3b:03:42:ad:83:2d:70:70:4a:c4:49: f7:c8:ee:a3:f1:b9:40:d0:56:a7:d0:b3:33:2d:76:f5:c0:6a: 4b:4a:93:14:ef:a2:ac:5d:43:66:f1:ef:98:03:43:de:f3:d5: bf:9e:40:4f:97:72:11:40:7b:d4:b6:20:18:f7:10:f6:78:bd: b4:ec:43:3a:12:ef:82:dd:00:d9:22:43:f8:62:e1:62:70:82: 6b:8e:29:8e:aa:4b:b0:9e:75:a6:20:92:85:1d:d7:f3:1b:bf: b3:e7:92:e4:09:75:0f:c4:96:9f:d1:6a:ea:2e:27:a8:88:19: d9:97:cf:db:c4:83:1d:66:36:29:d7:11:93:48:37:51:5d:43: 5a:f4:6f:5f:b8:3c:60:76:36:54:dc:f2:6d:c0:3b:f8:08:86: e3:76:59:35:92:30:13:b8:d2:28:d7:eb:ec:02:cb:4d:60:69: ec:7b:09:cd:86:a7:81:f4:10:5e:4d:11:0c:f0:33:2b:15:32: 38:06:ec:8c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWyKyAL52E85ceISxQk9/lGOqMVEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDdaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDFmMmU2ZmY5YTExMWU3NjU4ZWQwZDE3ZjkzY2IzZTRlMjdjNjNhYWNhMTE4 Mjk5Y2NkN2I2MWRmYWMyZDUzYmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3RMhQwVTO/Q7lFbWItZx62/ylnpQ6AcWoRq7ol7SLeCRvA06KTcSobX5U/ R5umTDSZyATgHHveWRzVmDadZ2WH+nSgqKjzR2V0ltu5Rx2xkqpv7iGtFYTTLWid Uwy53K8ZKxulbCeOEHIjAJNoA//0+5Dp8b8UVOnMTwl/8J7HQFZM24tw6QVDoLCJ Vi0NtrYj/9LTCwauEkuPTtjjfZMeTkYMVPrkVciVogPmFTohAw5GWEVfoK1PanPC r0JeM4kbCmDEnfTXbMZmMxHXdQwxpSiT7EzDePvyazzsYPrX9j+IeArf6+EZ8/z0 xxMZmEJ5Uv72HfP9hHgHi4YCJF0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYvwv/ b/C3TxaCidDlp345HmvhLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G CSqGSIb3DQEBCwUAA4IBAQBqHwqsnTeQigwErP+osx+cXhsKn1K32q61wjPwnCei QVkXDfJ7ex/uI8/jVXkHU9g9/QWoHbiyJ49LhAEeOwNCrYMtcHBKxEn3yO6j8blA 0Fan0LMzLXb1wGpLSpMU76KsXUNm8e+YA0Pe89W/nkBPl3IRQHvUtiAY9xD2eL20 7EM6Eu+C3QDZIkP4YuFicIJrjimOqkuwnnWmIJKFHdfzG7+z55LkCXUPxJaf0Wrq LieoiBnZl8/bxIMdZjYp1xGTSDdRXUNa9G9fuDxgdjZU3PJtwDv4CIbjdlk1kjAT uNIo1+vsAstNYGnsewnNhqeB9BBeTREM8DMrFTI4BuyM -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:24 2025 by rpki-client