This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json) Hash identifier: iSSH+DAUnfwZAn8Y7HSh6xOjV2+BH6ZJ3yW71WNWXBM= Subject key identifier: E2:EE:7C:D2:43:D0:04:C1:97:8A:A6:F5:72:2F:33:4A:17:A0:53:80 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 306F33B8572B9C9148B95B5E1B756A85D09E0AD0 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa Signing time: Tue 25 Nov 2025 20:10:07 +0000 ROA not before: Tue 25 Nov 2025 20:10:07 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a01:578::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:6f:33:b8:57:2b:9c:91:48:b9:5b:5e:1b:75:6a:85:d0:9e:0a:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:07 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=a15fff75123439626f0fc615694a4b4ecb0c5933b3131d7e6354dca87c901353, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:00:0d:42:aa:16:c2:34:64:11:b6:d1:f9:3d: 2d:4d:0c:11:2b:99:14:1b:8b:68:e5:30:5b:fc:a7: f7:c2:11:2d:ff:f3:1d:71:52:26:83:ae:6b:24:87: 08:19:e3:57:bf:d8:2d:1b:ce:e6:ea:d1:89:ca:9c: 19:e7:17:6a:81:36:51:fa:da:8a:2e:06:47:fe:97: a2:c4:3f:ca:aa:d1:e0:3f:49:74:40:29:34:c7:a6: b9:57:85:c8:f6:1b:fe:1f:94:b7:f9:fa:ab:86:ee: 6c:1f:9b:a4:24:c3:40:7c:04:46:bc:2d:d3:01:7a: a6:34:f5:e1:52:a0:ec:da:f8:06:b5:23:2c:51:1f: 1e:53:dd:49:94:fa:1b:35:8d:73:0e:7b:f2:d1:fd: 39:81:9f:42:3e:8b:ed:eb:e4:b7:bd:f9:9e:dd:17: 00:7e:94:4a:c7:11:16:d9:cd:cd:d6:3b:99:dd:cf: 60:48:8c:3c:a0:dd:d0:37:d4:fe:a9:a5:2e:ba:c5: fd:dc:08:a4:be:54:bf:88:18:3c:cb:39:39:97:9e: 77:c6:be:cb:64:40:e4:95:02:3d:3e:79:52:e4:2c: ba:bf:01:23:f7:a1:a8:14:06:58:35:72:b4:5f:39: 9e:e7:e6:22:90:58:1a:0a:9d:66:03:74:ec:be:ac: 03:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:EE:7C:D2:43:D0:04:C1:97:8A:A6:F5:72:2F:33:4A:17:A0:53:80 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:578::/32 Signature Algorithm: sha256WithRSAEncryption 16:27:dd:12:c9:9a:bd:7e:dc:c1:20:14:70:83:de:02:fb:b7: 43:cf:02:be:54:a8:3c:39:f1:21:4c:cf:d8:12:9b:d3:65:06: 02:d0:54:98:70:d8:57:7d:7c:07:94:96:5e:d8:3f:d5:b7:71: 13:a4:69:f2:69:44:dd:2b:3c:fb:11:c8:1d:cd:97:ce:db:a7: e7:9c:eb:3f:a4:83:5e:08:e5:3d:f4:7e:03:fa:af:e8:a5:e7: a6:05:eb:c4:b6:49:c7:0f:9f:70:a0:d8:e3:5d:ae:c2:97:8e: 16:11:07:56:2c:bc:fb:d3:a8:01:01:ab:b6:04:4b:ad:ec:2d: e4:71:53:90:d3:b3:bd:aa:16:e1:d0:a6:95:7c:84:76:c4:17: 23:a5:7b:69:6b:6f:35:ea:01:b8:fa:df:fe:74:37:3b:48:26: 85:e0:38:14:be:a5:b8:e2:d9:62:86:7d:68:ed:b2:57:e4:c8: 3d:69:4b:8f:6e:99:c6:ee:9d:46:92:1b:f8:c4:ad:f1:81:72: be:89:03:36:b4:b9:a0:35:7d:6c:e8:29:d4:b6:22:0b:12:ba: aa:fc:f9:19:e0:6a:76:bd:57:60:68:b1:72:63:40:55:e6:f1: 72:43:ac:48:6a:05:5d:6e:13:43:9c:b5:8f:44:92:7c:68:3b: bf:16:41:18 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUMG8zuFcrnJFIuVteG3VqhdCeCtAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDdaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGExNWZmZjc1MTIzNDM5NjI2ZjBmYzYxNTY5NGE0YjRlY2IwYzU5MzNiMzEz MWQ3ZTYzNTRkY2E4N2M5MDEzNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ4ADUKqFsI0ZBG20fk9LU0MESuZFBuLaOUwW/yn98IRLf/zHXFSJoOuaySH CBnjV7/YLRvO5urRicqcGecXaoE2Ufraii4GR/6XosQ/yqrR4D9JdEApNMemuVeF yPYb/h+Ut/n6q4bubB+bpCTDQHwERrwt0wF6pjT14VKg7Nr4BrUjLFEfHlPdSZT6 GzWNcw578tH9OYGfQj6L7evkt735nt0XAH6USscRFtnNzdY7md3PYEiMPKDd0DfU /qmlLrrF/dwIpL5Uv4gYPMs5OZeed8a+y2RA5JUCPT55UuQsur8BI/ehqBQGWDVy tF85nufmIpBYGgqdZgN07L6sAx0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTi7nzS Q9AEwZeKpvVyLzNKF6BTgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw DQYJKoZIhvcNAQELBQADggEBABYn3RLJmr1+3MEgFHCD3gL7t0PPAr5UqDw58SFM z9gSm9NlBgLQVJhw2Fd9fAeUll7YP9W3cROkafJpRN0rPPsRyB3Nl87bp+ec6z+k g14I5T30fgP6r+il56YF68S2SccPn3Cg2ONdrsKXjhYRB1YsvPvTqAEBq7YES63s LeRxU5DTs72qFuHQppV8hHbEFyOle2lrbzXqAbj63/50NztIJoXgOBS+pbji2WKG fWjtslfkyD1pS49umcbunUaSG/jErfGBcr6JAza0uaA1fWzoKdS2IgsSuqr8+Rng ana9V2BosXJjQFXm8XJDrEhqBV1uE0OctY9EknxoO78WQRg= -----END CERTIFICATE-----Generated at Sat Dec 6 11:50:23 2025 by rpki-client