This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json) Hash identifier: gDrpp/XZzZPNu6NbSoa4XpIVDqfSPlMqDyxjKx5Znkg= Subject key identifier: 4B:B5:AE:F0:03:BE:E4:F4:59:52:07:E0:2C:78:CB:3A:DB:B4:3C:30 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 48FE406565921632E08866740B289545A10D3597 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa Signing time: Tue 25 Nov 2025 20:10:06 +0000 ROA not before: Tue 25 Nov 2025 20:10:06 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.70.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:fe:40:65:65:92:16:32:e0:88:66:74:0b:28:95:45:a1:0d:35:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:06 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=14276b4cf77f4a4baa15b92ab8c4c6fcb0985eb0bde3a9654b4539b9eb229205, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6c:0f:0f:bb:f1:97:55:63:dc:73:bd:b5:72: 19:f3:b6:18:67:43:20:24:bb:73:d6:03:d2:83:ee: ab:e6:24:51:db:61:91:92:35:23:b1:2a:23:0f:2b: 0c:d5:a4:53:fb:d9:b1:ad:12:5c:6c:69:07:5a:13: d0:5b:5f:bb:e8:9d:81:c5:5e:bf:a2:c5:b3:fe:88: 28:a0:dc:fd:ed:65:e1:49:28:1e:90:37:2a:da:f6: a5:b8:88:5b:e7:f6:f7:b5:1b:65:ee:56:e6:79:45: 18:d6:9f:05:4a:8c:5c:fd:62:6c:64:fc:75:80:0f: 17:df:6d:05:22:eb:7c:49:ae:df:1b:8f:cd:ae:9f: 25:a2:ec:76:27:65:8d:54:be:25:00:d6:db:07:5f: 5d:bb:fa:5a:62:c2:12:8d:e8:b9:db:99:31:cd:f0: c9:7d:6a:25:b2:7a:3e:a2:43:bd:fb:b6:ee:e5:f3: 7b:76:e1:98:e3:70:4c:b5:fc:73:03:be:4c:b6:c6: dd:97:09:85:26:c9:ae:7f:c8:5a:5f:d4:8c:42:7b: 02:7a:ce:b2:75:7c:92:34:df:58:4d:ee:2c:e1:b7: 8e:d2:46:fa:2a:db:79:0f:90:40:88:09:cf:2e:94: 5a:ef:45:54:58:4f:a5:54:1f:b3:5a:f6:72:19:81: 9c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B5:AE:F0:03:BE:E4:F4:59:52:07:E0:2C:78:CB:3A:DB:B4:3C:30 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.70.0.0/16 Signature Algorithm: sha256WithRSAEncryption 68:c4:64:1d:54:52:70:c7:0c:a5:f5:01:97:7b:98:0b:e6:71: 7b:56:0d:fb:09:52:e0:e7:cf:7c:d5:3f:f8:63:4d:cc:54:8c: 31:6d:8e:b9:57:74:f2:a3:6a:7b:1c:8e:54:05:59:51:74:2e: f3:05:89:63:35:cc:a4:31:f4:6b:ef:75:51:02:a9:86:8b:1f: 59:52:fb:89:17:a4:7f:bb:07:bc:99:5c:6f:15:db:09:4d:50: 40:08:90:e4:56:15:97:5a:5d:fc:ac:01:4c:fd:d3:8c:67:6d: 3f:69:d5:fd:9e:7a:73:cf:35:f5:6f:3d:53:f1:59:11:36:e3: 4e:ba:1c:79:1b:b4:5f:e8:46:1c:dd:f8:29:0e:f6:fe:ab:3a: 0e:32:11:44:35:e6:ed:78:d9:21:72:65:2d:fd:53:4e:0b:cd: 05:a7:ac:e8:7e:b5:c3:f9:ef:86:90:95:99:fc:3b:0f:ba:d8: 87:88:65:4e:65:7b:9c:4b:88:15:86:b7:98:31:6a:42:28:e3: ed:b6:e9:cf:3d:72:eb:2b:21:18:c7:a6:ab:c1:71:14:a6:f1: 69:53:85:73:58:45:5d:ad:dd:d3:e0:9e:fc:dc:27:94:ce:77: ff:04:1c:dc:28:43:ab:8d:f1:ed:1f:79:8b:71:28:64:d2:ee: 7e:8d:fa:dd -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSP5AZWWSFjLgiGZ0CyiVRaENNZcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDZaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDE0Mjc2YjRjZjc3ZjRhNGJhYTE1YjkyYWI4YzRjNmZjYjA5ODVlYjBiZGUz YTk2NTRiNDUzOWI5ZWIyMjkyMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1sDw+78ZdVY9xzvbVyGfO2GGdDICS7c9YD0oPuq+YkUdthkZI1I7EqIw8r DNWkU/vZsa0SXGxpB1oT0Ftfu+idgcVev6LFs/6IKKDc/e1l4UkoHpA3Ktr2pbiI W+f297UbZe5W5nlFGNafBUqMXP1ibGT8dYAPF99tBSLrfEmu3xuPza6fJaLsdidl jVS+JQDW2wdfXbv6WmLCEo3ouduZMc3wyX1qJbJ6PqJDvfu27uXze3bhmONwTLX8 cwO+TLbG3ZcJhSbJrn/IWl/UjEJ7AnrOsnV8kjTfWE3uLOG3jtJG+irbeQ+QQIgJ zy6UWu9FVFhPpVQfs1r2chmBnAMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRLta7w A77k9FlSB+AseMs627Q8MDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G CSqGSIb3DQEBCwUAA4IBAQBoxGQdVFJwxwyl9QGXe5gL5nF7Vg37CVLg58981T/4 Y03MVIwxbY65V3Tyo2p7HI5UBVlRdC7zBYljNcykMfRr73VRAqmGix9ZUvuJF6R/ uwe8mVxvFdsJTVBACJDkVhWXWl38rAFM/dOMZ20/adX9nnpzzzX1bz1T8VkRNuNO uhx5G7Rf6EYc3fgpDvb+qzoOMhFENebteNkhcmUt/VNOC80Fp6zofrXD+e+GkJWZ /DsPutiHiGVOZXucS4gVhreYMWpCKOPttunPPXLrKyEYx6arwXEUpvFpU4VzWEVd rd3T4J783CeUznf/BBzcKEOrjfHtH3mLcShk0u5+jfrd -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:51 2025 by rpki-client