This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json) Hash identifier: jfu2lLns2kp/LS2fh1F7hugKSTn0ceiHieRXxRsgzHg= Subject key identifier: E3:A6:3E:4D:1C:41:4F:24:97:C6:8B:1A:23:C7:91:E6:53:06:87:07 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6A55603A4E21734ECBA1F0155779AE5903B7952B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa Signing time: Sun 16 Nov 2025 01:00:17 +0000 ROA not before: Sun 16 Nov 2025 01:00:17 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.17.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:55:60:3a:4e:21:73:4e:cb:a1:f0:15:57:79:ae:59:03:b7:95:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:17 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=25da1eee3e0158888375c90e3bfabf3f3f73d3e86d05488e2f2e9ed63a055177, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:20:5f:20:35:78:98:7c:51:b7:07:81:95:c6: f5:ed:0b:0f:65:0f:38:bc:8d:71:62:c0:5c:13:0d: d4:c1:e1:ba:f5:cc:12:4a:ee:14:d0:eb:cd:a8:b2: ee:38:32:8a:e4:12:15:f3:a4:a0:80:a2:1b:5a:27: fb:c2:1e:3f:3a:06:32:1c:37:05:da:94:1e:8f:ec: fc:dc:9d:2b:14:43:24:c5:77:fa:48:f1:02:a6:b8: 24:ba:2d:33:54:09:43:1e:02:a9:d4:f6:67:ad:b2: 20:cb:57:bb:4b:88:44:e5:ad:dc:5a:90:d8:bd:5c: 91:45:ef:3b:c8:f8:88:6c:57:94:c5:a3:67:92:55: bb:b1:6d:12:c2:c7:9b:e9:fa:15:8f:2d:de:ca:08: 43:7c:65:73:6e:ee:02:6f:f3:c2:87:b0:77:f2:c8: 2a:1f:71:6e:aa:f5:92:2b:c1:9f:77:d4:2f:c9:8e: ba:c8:bc:a6:73:96:26:04:01:78:44:8e:9b:4e:3d: b0:fe:79:ce:da:73:2c:8f:db:4a:82:72:37:9b:b8: ee:6d:07:0e:8a:24:c6:20:42:30:22:3c:6e:bb:30: 55:8c:be:9d:52:87:15:cb:29:49:44:23:1e:0a:8a: f0:4c:88:fe:ed:ec:7f:d5:30:fa:7f:b4:52:76:ba: 54:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A6:3E:4D:1C:41:4F:24:97:C6:8B:1A:23:C7:91:E6:53:06:87:07 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.17.0.0/24 Signature Algorithm: sha256WithRSAEncryption 78:aa:4e:7e:2a:df:0b:af:5a:3e:ba:30:1d:62:c4:98:7e:af: 84:0d:9b:7b:e8:07:0d:3b:29:47:db:cf:4c:0f:23:4c:d3:e4: e0:a9:b2:e6:2a:e4:d5:e0:d8:e4:41:b9:ff:68:f2:30:62:9a: cc:39:38:fe:12:ae:be:be:c3:59:24:87:a4:25:84:20:42:30: e2:d7:34:d0:03:a2:73:2f:13:99:9a:32:b8:2f:88:6f:48:2e: 87:3e:fd:1b:58:1f:b3:8b:61:31:68:9c:e6:b3:45:9f:3b:26: 8b:b6:da:ab:b7:83:3d:fe:34:49:43:f1:1e:c0:f5:31:eb:99: f2:8e:b5:1d:17:b4:e4:f9:54:cf:c2:bb:bd:e6:d7:7e:f7:79: 57:5f:ef:97:e2:de:cf:dc:94:df:c9:72:0c:de:9e:8c:5a:23: 77:0d:d5:fb:0a:92:34:7e:e4:77:34:f3:89:81:ff:1b:a4:46: c0:b3:3b:3d:be:58:9e:98:86:bc:65:cb:8f:43:ed:ca:32:e3: ff:b2:b8:f2:82:fe:18:d4:89:b7:9b:0b:cb:89:e9:9c:6e:ca: 05:6a:59:1b:0c:97:3b:90:8b:65:5d:f0:d5:6a:cd:fc:ea:4b: e6:8e:a1:cb:26:e7:00:f0:ca:03:fd:5a:60:cc:e6:a2:27:a9: 6d:35:69:25 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUalVgOk4hc07LofAVV3muWQO3lSswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMTdaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDI1ZGExZWVlM2UwMTU4ODg4Mzc1YzkwZTNiZmFiZjNmM2Y3M2QzZTg2ZDA1 NDg4ZTJmMmU5ZWQ2M2EwNTUxNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALogXyA1eJh8UbcHgZXG9e0LD2UPOLyNcWLAXBMN1MHhuvXMEkruFNDrzaiy 7jgyiuQSFfOkoICiG1on+8IePzoGMhw3BdqUHo/s/NydKxRDJMV3+kjxAqa4JLot M1QJQx4CqdT2Z62yIMtXu0uIROWt3FqQ2L1ckUXvO8j4iGxXlMWjZ5JVu7FtEsLH m+n6FY8t3soIQ3xlc27uAm/zwoewd/LIKh9xbqr1kivBn3fUL8mOusi8pnOWJgQB eESOm049sP55ztpzLI/bSoJyN5u47m0HDookxiBCMCI8brswVYy+nVKHFcspSUQj HgqK8EyI/u3sf9Uw+n+0Una6VOUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjpj5N HEFPJJfGixojx5HmUwaHBzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN BgkqhkiG9w0BAQsFAAOCAQEAeKpOfirfC69aProwHWLEmH6vhA2be+gHDTspR9vP TA8jTNPk4Kmy5irk1eDY5EG5/2jyMGKazDk4/hKuvr7DWSSHpCWEIEIw4tc00AOi cy8TmZoyuC+Ib0guhz79G1gfs4thMWic5rNFnzsmi7baq7eDPf40SUPxHsD1MeuZ 8o61HRe05PlUz8K7vebXfvd5V1/vl+Lez9yU38lyDN6ejFojdw3V+wqSNH7kdzTz iYH/G6RGwLM7Pb5YnpiGvGXLj0PtyjLj/7K48oL+GNSJt5sLy4npnG7KBWpZGwyX O5CLZV3w1WrN/OpL5o6hyybnAPDKA/1aYMzmoiepbTVpJQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:47:04 2025 by rpki-client