This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json) Hash identifier: A+gjGeVj1jEsns2UipTYkTRGJxJt0bAgLYk5Pc1Dk7M= Subject key identifier: 10:06:65:48:29:A2:4C:A8:23:A9:BA:F1:AB:CB:25:28:EB:48:A7:43 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 37FEC8EED755222CAEE4A3418BF1D8F8E95496C7 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa Signing time: Sat 15 Nov 2025 06:50:47 +0000 ROA not before: Sat 15 Nov 2025 06:50:47 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 194.198.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:fe:c8:ee:d7:55:22:2c:ae:e4:a3:41:8b:f1:d8:f8:e9:54:96:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:47 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b6bc1f23feca404fb0813dd795694cf8e854b43f5d999c83d7047fa911301083, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:02:72:61:e3:0b:52:0a:e9:3c:b1:8a:14:a6: 8d:34:28:ec:f9:01:fb:43:35:80:b0:ff:6e:22:ad: ed:9a:2c:c3:69:b0:84:08:24:dc:52:c3:38:9e:22: 8c:29:23:fa:38:e8:dc:46:b4:9e:e0:fe:17:79:07: 71:65:c5:61:aa:c3:a4:63:19:5d:ec:0b:08:a0:eb: 63:c1:af:a7:34:15:35:f5:11:d8:4c:5f:a4:59:c6: 29:c8:68:b5:51:20:c9:cc:68:7b:9c:63:8d:64:41: db:47:cd:23:23:96:c9:9c:63:07:93:92:92:bb:12: ee:40:62:17:fe:fa:d2:90:f0:46:fb:81:7f:38:5f: 3f:7f:b7:71:1f:54:ae:65:2c:f0:5c:bf:f0:c8:41: 9a:07:7d:9b:9e:72:30:5f:67:7c:6b:6f:81:2a:e1: a7:00:39:50:e6:b4:32:b2:c0:db:a6:f1:97:a0:32: 2b:36:be:61:53:cf:e3:e4:7b:d1:93:df:0e:ee:6e: f9:c6:bd:c3:a7:d9:5a:34:04:6d:77:02:d6:fa:6c: 25:d4:99:88:ae:b1:ed:e9:07:07:00:97:48:04:47: 4c:37:d5:bd:70:6a:f5:ca:3b:70:8f:f0:b5:9b:2c: d5:02:02:b0:d7:3b:87:ef:21:52:49:21:d6:6b:5d: 7e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:06:65:48:29:A2:4C:A8:23:A9:BA:F1:AB:CB:25:28:EB:48:A7:43 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.198.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3f:f9:d0:3a:2a:7b:39:a7:e9:c9:bf:03:f8:c7:02:57:db:48: 1f:37:2c:1f:d2:4b:2b:a2:85:2d:7a:12:bb:5a:40:69:59:ba: 21:6e:ab:3c:31:8f:5c:b9:f9:75:39:a8:88:07:08:a5:1f:6e: 60:1c:13:4d:fb:9e:6d:11:87:a4:73:cc:b2:a6:45:29:67:14: 85:ef:91:d0:e2:13:d4:e1:74:9b:f0:12:ad:57:2d:0e:45:a2: 12:16:7c:d8:f8:4c:9d:c8:43:98:a5:d8:46:ea:8b:d5:99:16: 91:ca:0b:1a:f7:01:c5:2e:47:fd:c5:45:28:fb:e4:ed:5e:7b: 49:a4:ad:27:47:c6:ad:91:f9:c6:78:3f:3d:d1:de:47:14:ee: d8:00:54:a6:c7:9b:9f:3b:19:00:4c:d1:82:19:81:cd:53:08: c4:66:a5:92:c8:4e:8c:ee:d4:72:9e:02:d8:ea:b3:33:5c:32: d4:b7:1a:b1:ae:f9:d7:f6:75:bf:0e:a3:05:96:79:69:77:0b: 4c:ee:fb:16:75:a5:ea:01:c5:f2:ac:f8:35:00:c1:f3:0e:4c: 98:47:98:5d:1e:7d:82:b4:c5:8a:ac:30:75:6c:be:51:3d:67: 4a:d9:62:a9:9c:0a:f0:cb:75:7d:26:2a:85:17:19:38:72:04: 77:d9:3a:dc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUN/7I7tdVIiyu5KNBi/HY+OlUlscwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI2YmMxZjIzZmVjYTQwNGZiMDgxM2RkNzk1Njk0Y2Y4ZTg1NGI0M2Y1ZDk5 OWM4M2Q3MDQ3ZmE5MTEzMDEwODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYCcmHjC1IK6TyxihSmjTQo7PkB+0M1gLD/biKt7Zosw2mwhAgk3FLDOJ4i jCkj+jjo3Ea0nuD+F3kHcWXFYarDpGMZXewLCKDrY8GvpzQVNfUR2ExfpFnGKcho tVEgycxoe5xjjWRB20fNIyOWyZxjB5OSkrsS7kBiF/760pDwRvuBfzhfP3+3cR9U rmUs8Fy/8MhBmgd9m55yMF9nfGtvgSrhpwA5UOa0MrLA26bxl6AyKza+YVPP4+R7 0ZPfDu5u+ca9w6fZWjQEbXcC1vpsJdSZiK6x7ekHBwCXSARHTDfVvXBq9co7cI/w tZss1QICsNc7h+8hUkkh1mtdfjUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQBmVI KaJMqCOpuvGryyUo60inQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G CSqGSIb3DQEBCwUAA4IBAQA/+dA6Kns5p+nJvwP4xwJX20gfNywf0ksrooUtehK7 WkBpWbohbqs8MY9cufl1OaiIBwilH25gHBNN+55tEYekc8yypkUpZxSF75HQ4hPU 4XSb8BKtVy0ORaISFnzY+EydyEOYpdhG6ovVmRaRygsa9wHFLkf9xUUo++TtXntJ pK0nR8atkfnGeD890d5HFO7YAFSmx5ufOxkATNGCGYHNUwjEZqWSyE6M7tRyngLY 6rMzXDLUtxqxrvnX9nW/DqMFlnlpdwtM7vsWdaXqAcXyrPg1AMHzDkyYR5hdHn2C tMWKrDB1bL5RPWdK2WKpnArwy3V9JiqFFxk4cgR32Trc -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:28 2025 by rpki-client