This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json) Hash identifier: Jp8MUADiEnsD7WwznAT6M1Y5nbACM63DT8uRyD1y4bY= Subject key identifier: 94:FB:49:87:C4:C3:D7:6D:0C:04:6B:AC:56:30:A9:31:57:88:14:64 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5ADC9B549DFA6C3499D36433570EE0FC2B279B82 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa Signing time: Wed 10 Dec 2025 06:40:04 +0000 ROA not before: Wed 10 Dec 2025 06:40:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 194.234.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:dc:9b:54:9d:fa:6c:34:99:d3:64:33:57:0e:e0:fc:2b:27:9b:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e7f2a4b5ea63d8f9e6eb6293c6d6a9b4ae0b43826ca6ba86b1687b8c63706ce2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:61:3e:2b:36:9f:08:74:97:9e:78:32:0e:d3: ab:50:dc:52:94:c9:b0:0b:e1:e5:76:a3:ce:79:08: 51:25:ea:59:34:7b:70:a2:83:69:5a:67:ca:7c:d6: b0:43:c5:48:37:21:25:73:01:27:f5:a5:2d:69:36: a4:f9:3f:94:7d:69:4d:85:0c:fb:2c:ae:92:75:9e: ff:4f:75:a7:6a:9c:6c:e6:40:31:2d:39:f5:2b:05: af:b1:18:64:48:60:e7:b4:14:53:56:9d:c8:59:9f: d4:11:2e:8e:49:06:eb:23:f4:30:7b:04:63:d9:fe: ea:4b:c4:b2:db:40:e8:57:1c:08:d5:84:bf:60:64: 87:fd:5e:0d:ac:05:74:52:12:d2:34:c5:08:17:58: 51:ba:4f:5e:6a:e5:bb:50:6d:7c:e0:21:3d:1a:db: 31:3f:94:f1:c1:15:41:a3:1b:04:71:b1:f9:8d:3b: fc:6c:bd:d5:60:d1:6f:da:2b:d8:49:c4:48:b3:67: 11:d0:9b:05:9e:e2:7f:7f:a0:35:a2:14:87:6e:8d: 2a:5c:fe:ca:be:c2:d9:fd:90:98:36:ae:b9:73:e7: 51:c4:04:14:90:24:85:d8:d2:31:bc:a1:cf:90:bd: 90:3c:c6:b5:d8:0c:04:b4:ba:d3:14:42:a9:01:ca: 71:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:FB:49:87:C4:C3:D7:6D:0C:04:6B:AC:56:30:A9:31:57:88:14:64 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.234.0.0/15 Signature Algorithm: sha256WithRSAEncryption 0b:2f:6f:0a:1f:e9:72:38:b9:61:a0:21:1c:40:f6:c0:4f:c1: 56:b7:47:0f:3b:ff:85:ee:35:c9:0a:52:5e:b2:8b:ee:78:ba: 30:4c:7e:64:ea:73:90:f3:0a:da:3c:5f:c1:fb:7f:2a:93:dd: d2:ad:a4:de:5a:42:54:49:f0:99:52:95:f2:f6:28:db:7b:6b: 0d:8a:d2:fb:14:5d:25:5b:8c:9a:7c:3c:96:f2:c8:0a:eb:22: 60:92:d2:a2:72:83:cf:b8:91:3d:fa:db:87:c9:bd:8f:e3:b5: 1f:41:2a:d1:ba:27:a1:02:c2:d6:3f:3a:74:53:ef:15:25:bc: 52:f5:17:4e:7f:94:3f:a5:32:17:1f:26:96:27:48:0e:cb:60: 16:a0:ec:ec:12:7f:ad:a0:dd:a0:dc:62:bd:97:e4:66:2b:f0: 43:bb:08:be:aa:f7:0b:c8:33:c5:63:27:12:ce:63:31:22:52: 79:3b:25:34:bf:55:7d:4d:f1:32:00:79:fc:c6:d2:70:7a:4a: c6:53:9f:26:ff:03:95:cb:f7:30:57:17:98:a2:e5:a0:13:e3: 9f:b7:d0:d3:f9:d3:02:22:db:0a:26:4d:48:b0:de:57:ed:81: f2:90:67:35:f5:c1:75:4c:c3:ff:d5:16:20:a9:be:ab:71:ef: 72:33:93:6a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWtybVJ36bDSZ02QzVw7g/Csnm4IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU3ZjJhNGI1ZWE2M2Q4ZjllNmViNjI5M2M2ZDZhOWI0YWUwYjQzODI2Y2E2 YmE4NmIxNjg3YjhjNjM3MDZjZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVhPis2nwh0l554Mg7Tq1DcUpTJsAvh5XajznkIUSXqWTR7cKKDaVpnynzW sEPFSDchJXMBJ/WlLWk2pPk/lH1pTYUM+yyuknWe/091p2qcbOZAMS059SsFr7EY ZEhg57QUU1adyFmf1BEujkkG6yP0MHsEY9n+6kvEsttA6FccCNWEv2Bkh/1eDawF dFIS0jTFCBdYUbpPXmrlu1BtfOAhPRrbMT+U8cEVQaMbBHGx+Y07/Gy91WDRb9or 2EnESLNnEdCbBZ7if3+gNaIUh26NKlz+yr7C2f2QmDauuXPnUcQEFJAkhdjSMbyh z5C9kDzGtdgMBLS60xRCqQHKcZkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSU+0mH xMPXbQwEa6xWMKkxV4gUZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G CSqGSIb3DQEBCwUAA4IBAQALL28KH+lyOLlhoCEcQPbAT8FWt0cPO/+F7jXJClJe sovueLowTH5k6nOQ8wraPF/B+38qk93SraTeWkJUSfCZUpXy9ijbe2sNitL7FF0l W4yafDyW8sgK6yJgktKicoPPuJE9+tuHyb2P47UfQSrRuiehAsLWPzp0U+8VJbxS 9RdOf5Q/pTIXHyaWJ0gOy2AWoOzsEn+toN2g3GK9l+RmK/BDuwi+qvcLyDPFYycS zmMxIlJ5OyU0v1V9TfEyAHn8xtJwekrGU58m/wOVy/cwVxeYouWgE+Oft9DT+dMC ItsKJk1IsN5X7YHykGc19cF1TMP/1RYgqb6rce9yM5Nq -----END CERTIFICATE-----Generated at Mon Dec 15 17:08:08 2025 by rpki-client