This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json) Hash identifier: TTRGCKD/gngcNAxRBCH83re/lJ737aZYHJqIbrg84Ds= Subject key identifier: 01:73:2F:7C:08:3C:D7:84:1D:84:20:E4:31:76:92:BE:9C:56:E2:28 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 65BF663AC209BD1DAFECB85E3371BA7B475F0BD6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa Signing time: Sat 15 Nov 2025 06:50:07 +0000 ROA not before: Sat 15 Nov 2025 06:50:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.50.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:bf:66:3a:c2:09:bd:1d:af:ec:b8:5e:33:71:ba:7b:47:5f:0b:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=34c922a349c76ebba8bdc392185cf69acee45c3021b8eac5a865104b1d039392, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6c:71:a9:92:0c:f6:e6:3d:56:b9:30:f0:7e: 2d:95:ee:be:6b:d6:ac:cf:c7:15:1a:78:0d:bd:0c: 42:44:0e:98:c6:4e:a0:31:aa:8b:80:5d:84:42:ab: 6b:62:34:21:e4:3f:10:76:97:ca:28:e3:1d:ac:51: 05:e4:47:2a:be:c4:04:2d:68:df:c1:a1:a6:38:48: 56:79:94:a8:57:04:17:45:ab:31:94:34:8b:69:5a: cc:25:8b:87:d0:38:e3:b4:8b:74:0a:b1:f2:7c:f7: 69:6c:b7:20:ad:b3:73:5b:4c:35:c8:bf:c1:5a:ee: 97:fa:74:14:b3:20:71:78:3b:c4:79:a4:43:82:7b: 07:eb:0f:b5:80:26:58:47:d5:9b:0e:ed:37:24:17: 1c:a8:43:15:15:55:94:2b:be:d9:fa:c2:ff:3d:a6: 2b:06:a1:2b:a3:68:10:91:7f:b5:70:05:4c:07:c3: 58:0c:76:f8:19:dc:84:03:f4:2f:ca:7f:98:12:be: 4e:c4:81:fc:03:1f:11:b1:b5:79:ab:17:d5:3a:20: b0:d9:49:1d:b8:46:00:be:65:47:7a:5b:10:4c:e0: 40:93:61:d3:75:9b:e3:2a:35:ca:3e:9c:23:ec:41: 93:a2:35:26:3b:bd:3d:3f:9c:9a:de:24:b7:98:fb: fb:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:73:2F:7C:08:3C:D7:84:1D:84:20:E4:31:76:92:BE:9C:56:E2:28 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.50.0.0/16 Signature Algorithm: sha256WithRSAEncryption d4:65:9d:2b:98:d5:2b:3f:21:de:1b:5c:68:62:ed:c1:1e:84: ed:f6:fa:65:ef:86:1b:04:02:30:1d:24:0e:36:fb:a7:46:93: da:59:00:b4:92:b2:cd:e8:b7:e0:e9:c9:26:b5:90:0d:cd:44: 00:bf:41:c3:08:45:0d:5b:60:49:41:44:11:fd:fc:88:c7:9d: 06:d3:d1:21:cb:7c:d0:95:27:45:fc:6b:ca:b7:a8:59:14:9a: 6f:cc:cc:65:a6:f9:ed:3e:c5:b4:54:89:63:b1:a8:24:5e:3f: 23:b5:db:a7:0b:f1:eb:18:5b:7b:66:33:b2:c4:a9:06:03:8c: c5:f6:76:49:3d:04:f4:36:68:02:4e:38:bb:5f:8f:46:f6:1a: 8c:b5:57:5e:4a:59:4b:f9:7f:92:e7:98:52:54:38:40:21:af: 78:63:52:e1:9a:59:c2:89:30:2f:9c:54:c7:a7:76:db:75:a5: 22:86:33:62:e8:dc:25:54:cf:4d:2b:3c:8a:51:b7:9c:bb:36: 6a:54:5e:58:f9:e9:e6:c1:5c:fa:3c:5c:c7:01:ec:75:10:f3: 4e:fa:e6:2e:88:a0:e9:b2:ce:11:d6:03:2b:6e:86:4f:0b:75: 1b:e0:9b:a4:15:8c:a5:8e:3d:fb:27:43:f4:7f:23:6b:9b:fe: e8:de:68:83 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUZb9mOsIJvR2v7LheM3G6e0dfC9YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM0YzkyMmEzNDljNzZlYmJhOGJkYzM5MjE4NWNmNjlhY2VlNDVjMzAyMWI4 ZWFjNWE4NjUxMDRiMWQwMzkzOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtscamSDPbmPVa5MPB+LZXuvmvWrM/HFRp4Db0MQkQOmMZOoDGqi4BdhEKr a2I0IeQ/EHaXyijjHaxRBeRHKr7EBC1o38GhpjhIVnmUqFcEF0WrMZQ0i2lazCWL h9A447SLdAqx8nz3aWy3IK2zc1tMNci/wVrul/p0FLMgcXg7xHmkQ4J7B+sPtYAm WEfVmw7tNyQXHKhDFRVVlCu+2frC/z2mKwahK6NoEJF/tXAFTAfDWAx2+BnchAP0 L8p/mBK+TsSB/AMfEbG1easX1TogsNlJHbhGAL5lR3pbEEzgQJNh03Wb4yo1yj6c I+xBk6I1Jju9PT+cmt4kt5j7+5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQBcy98 CDzXhB2EIOQxdpK+nFbiKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G CSqGSIb3DQEBCwUAA4IBAQDUZZ0rmNUrPyHeG1xoYu3BHoTt9vpl74YbBAIwHSQO NvunRpPaWQC0krLN6Lfg6ckmtZANzUQAv0HDCEUNW2BJQUQR/fyIx50G09Ehy3zQ lSdF/GvKt6hZFJpvzMxlpvntPsW0VIljsagkXj8jtdunC/HrGFt7ZjOyxKkGA4zF 9nZJPQT0NmgCTji7X49G9hqMtVdeSllL+X+S55hSVDhAIa94Y1LhmlnCiTAvnFTH p3bbdaUihjNi6NwlVM9NKzyKUbecuzZqVF5Y+enmwVz6PFzHAex1EPNO+uYuiKDp ss4R1gMrboZPC3Ub4JukFYyljj37J0P0fyNrm/7o3miD -----END CERTIFICATE-----Generated at Sat Dec 6 11:01:05 2025 by rpki-client