This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json) Hash identifier: 35Ln/jZ6Bwi3nb0FQH3KufVC6lBFzgQmni3RfznT/1w= Subject key identifier: 28:EE:D0:DD:BC:EB:E8:15:D9:B7:F2:7F:C4:FB:8D:B9:0F:EA:D9:86 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7674A381BF8CB653E93BBCA95F35C1D2840E5AE9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa Signing time: Tue 18 Nov 2025 00:40:29 +0000 ROA not before: Tue 18 Nov 2025 00:40:29 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.44.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:74:a3:81:bf:8c:b6:53:e9:3b:bc:a9:5f:35:c1:d2:84:0e:5a:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:29 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=0ea2924232f879f0d1472e17579ccbf0b76271e567b59f6831eff5e41f124ac0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ad:c0:00:3c:60:3a:a1:19:2c:0f:76:9f:02: 00:70:e1:cd:70:be:a8:50:7c:04:83:fa:7f:00:36: c8:76:36:e2:9b:ac:4b:d4:60:fd:2f:96:bf:b8:30: 78:dc:ad:6b:99:0a:94:7b:fe:d4:5f:d3:ac:01:86: 73:21:b1:5c:59:9a:eb:c3:6f:96:34:cd:2d:37:04: af:e9:a6:f3:1b:85:00:ab:f6:71:e3:fd:07:c9:a2: f4:97:86:6b:2e:fd:37:0e:3f:ab:3c:fe:b8:b3:4b: 90:9f:71:cf:af:cd:e7:40:b2:52:e2:09:55:44:f6: b5:3d:36:d3:6f:e6:99:d6:2f:d9:95:1b:2e:d7:0f: 36:ea:dc:1d:77:82:54:99:aa:81:cf:c0:a5:0a:f0: ad:70:94:1a:73:18:69:2c:2e:ce:da:7c:7f:23:b5: 9e:07:e1:53:7b:06:48:4f:9c:45:5d:70:54:60:1b: 6b:a7:53:97:3a:62:d8:30:9f:30:4c:ab:84:49:b8: 3e:82:0c:97:72:08:fd:25:ef:42:fc:12:c5:5b:d2: 45:3d:71:6b:29:43:44:55:ae:f7:7d:94:f5:f2:95: 50:3c:06:c9:e3:ef:ec:85:d8:f4:81:ff:c0:f6:9c: 31:30:ea:c3:5c:87:22:12:a3:c2:5c:c4:45:54:7c: c1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:EE:D0:DD:BC:EB:E8:15:D9:B7:F2:7F:C4:FB:8D:B9:0F:EA:D9:86 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.44.0.0/16 Signature Algorithm: sha256WithRSAEncryption 25:37:f9:31:8e:32:17:34:ae:c9:fb:2b:01:cf:56:5a:07:a0: 5f:ac:d0:3a:17:ca:a2:82:4f:ca:c0:9b:64:59:77:2d:e1:12: d6:08:3a:2f:03:0f:4a:96:da:e2:71:da:17:33:28:46:00:8a: 8a:6b:74:a1:46:e7:d6:4f:2c:73:7f:36:52:18:37:ee:4c:f8: 3e:03:56:ff:d9:71:47:f0:94:96:31:c7:94:e6:37:b0:e1:04: 92:f0:14:a1:d9:cf:9a:50:b5:e8:1b:5d:c3:7d:b0:22:81:1c: 47:3e:97:16:3f:a3:9b:8b:e0:08:f6:7f:86:69:d4:e7:73:b3: bd:fc:a7:56:fa:b8:50:6d:dc:a7:eb:78:77:ed:ab:ef:47:ff: f2:db:82:eb:30:33:3c:33:96:73:22:af:d7:a9:90:cd:a6:07: 50:aa:47:8a:20:57:5a:72:81:85:58:67:19:67:17:e0:69:80: af:60:82:55:74:26:dd:a3:bb:b5:df:45:09:fd:c9:78:6d:93: f9:b2:73:81:9f:83:57:23:cc:99:dd:35:87:5b:5a:d7:25:c8: 55:fe:ea:4f:b3:c3:c7:0a:cc:f4:93:2e:fe:96:21:89:47:3a: d5:bd:06:12:7a:1c:3d:46:30:a1:5f:48:89:f6:13:42:5c:d3: 4b:4e:ff:ea -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUdnSjgb+MtlPpO7ypXzXB0oQOWukwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMjlaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDBlYTI5MjQyMzJmODc5ZjBkMTQ3MmUxNzU3OWNjYmYwYjc2MjcxZTU2N2I1 OWY2ODMxZWZmNWU0MWYxMjRhYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6twAA8YDqhGSwPdp8CAHDhzXC+qFB8BIP6fwA2yHY24pusS9Rg/S+Wv7gw eNyta5kKlHv+1F/TrAGGcyGxXFma68NvljTNLTcEr+mm8xuFAKv2ceP9B8mi9JeG ay79Nw4/qzz+uLNLkJ9xz6/N50CyUuIJVUT2tT0202/mmdYv2ZUbLtcPNurcHXeC VJmqgc/ApQrwrXCUGnMYaSwuztp8fyO1ngfhU3sGSE+cRV1wVGAba6dTlzpi2DCf MEyrhEm4PoIMl3II/SXvQvwSxVvSRT1xaylDRFWu932U9fKVUDwGyePv7IXY9IH/ wPacMTDqw1yHIhKjwlzERVR8wYECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQo7tDd vOvoFdm38n/E+425D+rZhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G CSqGSIb3DQEBCwUAA4IBAQAlN/kxjjIXNK7J+ysBz1ZaB6BfrNA6F8qigk/KwJtk WXct4RLWCDovAw9KltricdoXMyhGAIqKa3ShRufWTyxzfzZSGDfuTPg+A1b/2XFH 8JSWMceU5jew4QSS8BSh2c+aULXoG13DfbAigRxHPpcWP6Obi+AI9n+GadTnc7O9 /KdW+rhQbdyn63h37avvR//y24LrMDM8M5ZzIq/XqZDNpgdQqkeKIFdacoGFWGcZ ZxfgaYCvYIJVdCbdo7u130UJ/cl4bZP5snOBn4NXI8yZ3TWHW1rXJchV/upPs8PH Csz0ky7+liGJRzrVvQYSehw9RjChX0iJ9hNCXNNLTv/q -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:55 2025 by rpki-client