This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json) Hash identifier: VT1KFefrgZ+/DzhMZc/cqy2aWFC2QF1Bq4D3fdvYqxY= Subject key identifier: F1:F5:0E:EF:50:8C:09:FB:7E:B8:25:60:B0:E6:ED:16:02:68:29:EB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 56635E268461C6D290BAB9AEB73990FF430FA30D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa Signing time: Tue 25 Nov 2025 20:10:03 +0000 ROA not before: Tue 25 Nov 2025 20:10:03 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.239.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:63:5e:26:84:61:c6:d2:90:ba:b9:ae:b7:39:90:ff:43:0f:a3:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:03 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=e1ee1af0f6c5772f17414234fab3f3aa6bb7ed4f46429139d11673f2f3ee74a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:8c:8d:a2:5d:75:88:08:64:0a:8c:29:81:25: e9:1c:8f:11:31:78:a5:b1:6d:34:0e:56:71:83:aa: e5:58:63:5d:18:85:a8:4e:1d:21:27:50:b9:58:a9: b3:fe:60:65:d9:5c:04:92:a9:15:7e:ac:88:bc:90: 5e:75:ed:ed:f5:68:3c:26:40:5b:4d:23:df:73:9d: 5e:e2:8e:e2:be:6a:ad:73:61:a3:e1:98:41:47:28: 73:64:12:6f:69:f5:4c:5c:88:5e:75:7a:23:6c:45: 08:1e:41:5a:64:3d:81:ff:b5:3e:4d:3a:43:03:4f: 8e:bc:26:1b:80:3f:00:be:8b:c0:ae:a7:56:4e:ad: 7e:eb:4e:f1:ab:d1:b5:17:3f:08:d0:0c:e6:16:b5: 06:26:dd:11:53:02:0a:62:1d:b1:b6:77:60:14:9f: 14:d9:ee:c9:e0:8c:86:b7:7d:d6:89:cf:ed:89:3e: 64:a3:03:75:69:9f:db:7e:a4:78:b7:08:ef:4b:63: 29:b2:97:46:92:11:84:48:2d:99:50:41:b6:b7:fd: 5e:f0:63:53:db:dd:e7:cc:72:37:eb:00:f1:2e:09: 37:06:9c:ba:5b:29:8a:07:5e:a3:ab:82:13:12:32: 57:32:1b:bb:38:0b:df:58:8a:07:92:14:70:ab:1b: a3:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:F5:0E:EF:50:8C:09:FB:7E:B8:25:60:B0:E6:ED:16:02:68:29:EB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.239.0.0/16 Signature Algorithm: sha256WithRSAEncryption 41:94:48:80:01:1a:ad:8c:8a:9f:35:dc:cc:1b:e3:b2:0b:9e: 2e:64:07:2c:76:a2:4d:a1:54:4b:5c:35:b2:0b:9e:04:4a:09: f0:02:5a:39:9f:d9:39:40:3e:1e:f0:a2:8e:72:59:f4:64:e9: a9:13:53:57:18:ec:c6:1c:80:25:d6:ae:52:aa:57:09:fd:02: 96:9a:31:cd:72:e6:90:a2:22:4f:1e:8f:d8:69:fd:34:24:d9: 92:3c:df:b3:2e:b5:e9:bc:b9:d0:7f:75:d6:b0:d0:95:46:5d: a1:cb:fa:7a:82:d0:68:b1:62:32:ea:75:ff:58:93:4c:aa:27: 69:21:2a:f1:ef:c5:66:97:9b:2e:8d:10:f2:d3:c4:c5:96:17: f6:57:7f:fb:73:70:87:4c:8d:2b:3b:3b:4e:8e:30:c2:85:99: 11:5c:77:79:89:85:d1:aa:d6:83:bd:57:7d:5f:36:65:49:e0: 05:1f:6f:41:c1:6a:0a:fd:53:58:7b:2e:94:ee:2a:22:93:06: 05:f5:fc:aa:91:ea:6a:a4:fc:fc:08:92:63:79:65:a6:08:be: 9e:52:09:04:5e:51:cc:37:a7:9e:80:4c:9e:24:b8:dd:36:fb: 70:fc:54:a7:90:81:58:89:f3:51:0a:6e:ad:87:fd:68:45:7b: 72:e6:8f:b5 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUVmNeJoRhxtKQurmutzmQ/0MPow0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDNaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGUxZWUxYWYwZjZjNTc3MmYxNzQxNDIzNGZhYjNmM2FhNmJiN2VkNGY0NjQy OTEzOWQxMTY3M2YyZjNlZTc0YTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIiMjaJddYgIZAqMKYEl6RyPETF4pbFtNA5WcYOq5VhjXRiFqE4dISdQuVip s/5gZdlcBJKpFX6siLyQXnXt7fVoPCZAW00j33OdXuKO4r5qrXNho+GYQUcoc2QS b2n1TFyIXnV6I2xFCB5BWmQ9gf+1Pk06QwNPjrwmG4A/AL6LwK6nVk6tfutO8avR tRc/CNAM5ha1BibdEVMCCmIdsbZ3YBSfFNnuyeCMhrd91onP7Yk+ZKMDdWmf236k eLcI70tjKbKXRpIRhEgtmVBBtrf9XvBjU9vd58xyN+sA8S4JNwaculspigdeo6uC ExIyVzIbuzgL31iKB5IUcKsbo2kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx9Q7v UIwJ+364JWCw5u0WAmgp6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G CSqGSIb3DQEBCwUAA4IBAQBBlEiAARqtjIqfNdzMG+OyC54uZAcsdqJNoVRLXDWy C54ESgnwAlo5n9k5QD4e8KKOcln0ZOmpE1NXGOzGHIAl1q5SqlcJ/QKWmjHNcuaQ oiJPHo/Yaf00JNmSPN+zLrXpvLnQf3XWsNCVRl2hy/p6gtBosWIy6nX/WJNMqidp ISrx78Vml5sujRDy08TFlhf2V3/7c3CHTI0rOztOjjDChZkRXHd5iYXRqtaDvVd9 XzZlSeAFH29BwWoK/VNYey6U7ioikwYF9fyqkepqpPz8CJJjeWWmCL6eUgkEXlHM N6eegEyeJLjdNvtw/FSnkIFYifNRCm6th/1oRXty5o+1 -----END CERTIFICATE-----Generated at Sat Dec 6 11:59:17 2025 by rpki-client