This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json) Hash identifier: Ra8C4T5+UjhsClXtmuGtC168+MHZLLvoq6jzj+dhCps= Subject key identifier: 0F:EE:C2:39:E2:CD:26:DC:72:25:A2:65:DA:D7:B1:88:28:92:9A:41 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0DCC071979010763BDFFA211B9DA237DF3DE3D42 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa Signing time: Tue 25 Nov 2025 20:10:27 +0000 ROA not before: Tue 25 Nov 2025 20:10:27 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 83.129.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:cc:07:19:79:01:07:63:bd:ff:a2:11:b9:da:23:7d:f3:de:3d:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:27 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=37254cdc1615ebe51491b69587c12bf15e86d470104ee6da12611e8de5e7a1b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:59:a1:c7:26:21:f8:28:50:3d:3d:2a:e1:a0: af:4e:e2:65:af:7d:6b:e9:c4:e5:53:f5:24:d0:0e: 70:8d:c8:59:c4:00:ac:0e:e8:52:4d:19:ba:64:8f: c0:e4:e1:94:1d:41:fb:a3:73:20:50:10:79:2d:e5: 44:ac:d6:3d:9a:9b:2f:2d:75:d8:5a:a3:29:65:a7: 86:9d:0d:5e:af:5e:cc:51:b6:55:ff:48:0e:ef:6f: b5:03:32:9b:57:92:cc:37:6d:f8:5f:fe:c0:b2:e1: 72:c9:ec:4d:48:28:9e:7b:36:98:ff:b5:45:41:81: c2:54:c4:0f:09:e2:62:35:e1:52:7b:28:ba:1b:a4: f1:f5:ac:7b:3d:07:d8:9b:9a:d9:62:5b:8f:69:19: 63:af:0c:5d:a9:bc:a8:9e:3e:eb:18:2c:6d:69:92: 16:8e:12:aa:39:34:9f:75:71:48:9f:7d:f1:03:a4: 1a:c7:70:ce:4b:dd:40:e5:fe:d0:9c:6d:c6:76:ce: 74:36:6d:c4:14:85:7b:fb:df:64:aa:7f:80:e3:c7: d6:6f:7a:3d:d2:a0:2e:ac:aa:cf:58:52:fc:d7:66: a2:3b:cb:46:51:10:e0:d0:cb:62:40:cb:b0:49:0c: c7:11:cc:3a:68:74:fe:43:6b:b1:40:71:13:14:72: 9e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:EE:C2:39:E2:CD:26:DC:72:25:A2:65:DA:D7:B1:88:28:92:9A:41 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.129.0.0/16 Signature Algorithm: sha256WithRSAEncryption b0:13:ac:5b:f1:3d:dd:92:d5:a8:f2:ad:cc:63:95:2b:30:07: 73:8f:88:b8:4a:28:77:c5:f1:23:4d:da:88:ca:79:a3:0c:cc: b7:8c:2c:14:60:16:c8:25:7b:5e:15:3b:3d:63:ff:a8:0e:7d: c1:36:d2:7a:00:2d:0d:70:d5:f4:36:13:1d:05:4d:01:c4:b8: c3:0f:b0:22:92:d8:c8:01:0d:c8:ec:bb:b3:67:b2:60:2a:8e: c0:64:a9:d7:61:35:e4:6a:4f:4e:2a:8a:cf:98:f2:9f:db:d3: 92:5d:79:b1:34:38:df:05:f6:1d:2a:d4:2c:4e:42:ae:e9:9e: cf:c4:ff:8e:fb:48:fc:fe:a2:93:67:93:71:ae:31:f1:62:cb: c4:63:db:23:45:22:11:81:75:51:d0:98:e9:79:08:a7:57:31: 92:04:57:c0:52:a5:ea:a9:81:03:8f:93:27:b2:33:ef:0b:ef: 26:e5:42:0f:72:35:16:b0:e6:e8:08:32:31:4d:c4:08:e4:0c: e9:11:68:1e:cd:e6:75:93:af:59:21:80:ee:01:e8:01:40:f0: eb:28:45:c7:48:51:3e:e5:f8:30:21:b4:e6:e6:d3:49:a1:8c: b9:37:e2:94:5e:24:a4:d8:98:26:3f:1f:d0:1d:ef:c5:ce:ad: 30:59:d9:7d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUDcwHGXkBB2O9/6IRudojffPePUIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjdaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDM3MjU0Y2RjMTYxNWViZTUxNDkxYjY5NTg3YzEyYmYxNWU4NmQ0NzAxMDRl ZTZkYTEyNjExZThkZTVlN2ExYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9ZoccmIfgoUD09KuGgr07iZa99a+nE5VP1JNAOcI3IWcQArA7oUk0ZumSP wOThlB1B+6NzIFAQeS3lRKzWPZqbLy112FqjKWWnhp0NXq9ezFG2Vf9IDu9vtQMy m1eSzDdt+F/+wLLhcsnsTUgonns2mP+1RUGBwlTEDwniYjXhUnsouhuk8fWsez0H 2Jua2WJbj2kZY68MXam8qJ4+6xgsbWmSFo4Sqjk0n3VxSJ998QOkGsdwzkvdQOX+ 0JxtxnbOdDZtxBSFe/vfZKp/gOPH1m96PdKgLqyqz1hS/NdmojvLRlEQ4NDLYkDL sEkMxxHMOmh0/kNrsUBxExRyntMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQP7sI5 4s0m3HIlomXa17GIKJKaQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G CSqGSIb3DQEBCwUAA4IBAQCwE6xb8T3dktWo8q3MY5UrMAdzj4i4Sih3xfEjTdqI ynmjDMy3jCwUYBbIJXteFTs9Y/+oDn3BNtJ6AC0NcNX0NhMdBU0BxLjDD7AiktjI AQ3I7LuzZ7JgKo7AZKnXYTXkak9OKorPmPKf29OSXXmxNDjfBfYdKtQsTkKu6Z7P xP+O+0j8/qKTZ5NxrjHxYsvEY9sjRSIRgXVR0JjpeQinVzGSBFfAUqXqqYEDj5Mn sjPvC+8m5UIPcjUWsOboCDIxTcQI5AzpEWgezeZ1k69ZIYDuAegBQPDrKEXHSFE+ 5fgwIbTm5tNJoYy5N+KUXiSk2JgmPx/QHe/Fzq0wWdl9 -----END CERTIFICATE-----Generated at Sat Dec 6 14:56:08 2025 by rpki-client