This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json) Hash identifier: sO9J62O/xUNmV0jN4xqlbq0uATej8tT6cekTjce5Zfk= Subject key identifier: 22:7E:DF:88:D9:4F:EF:72:9F:4F:B5:25:C6:F6:5B:25:40:56:CA:CA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5260EFAB5E3A688755BEDD927F0A49E5B9FBBC8C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa Signing time: Tue 18 Nov 2025 00:40:05 +0000 ROA not before: Tue 18 Nov 2025 00:40:05 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.85.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:60:ef:ab:5e:3a:68:87:55:be:dd:92:7f:0a:49:e5:b9:fb:bc:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:05 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=f7ea3adf4cf64304765820831fa974f3834b7eab9ddffbdca55252669158acd6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:26:4c:7e:f6:51:29:cb:7c:6d:35:6b:32:f5: 73:2e:f7:b4:8f:f9:79:86:d6:28:4d:c6:34:1f:05: 2c:4a:3d:09:b3:e9:3c:ed:33:17:b0:a7:08:f6:95: a6:5c:c1:1a:0f:77:98:08:a3:6b:c3:e0:24:df:40: c5:19:8f:03:a6:23:ad:b9:70:f6:19:97:d3:58:f3: 43:b6:11:db:24:43:22:5f:30:00:c0:d5:ce:fa:ef: 50:c0:9e:70:2f:f1:88:0f:c6:5b:12:18:54:cf:61: a3:87:46:3d:4a:51:f9:8e:07:32:f9:90:a0:3e:c3: e8:e3:41:68:e9:9b:f9:87:30:07:d3:76:9d:25:62: b4:b4:59:42:30:8b:f1:d0:c8:c2:45:10:c6:44:de: 74:32:de:b7:8a:e9:14:83:7a:2f:84:4c:65:f0:12: d6:e9:8a:f9:43:ef:7e:d2:6a:4a:5e:95:7a:19:54: 1e:bd:f3:5a:32:f2:17:b9:00:c3:4d:ed:a7:f5:dc: f7:68:79:47:5f:f9:79:54:43:cc:d1:95:d6:1d:30: d4:cf:39:08:9e:d5:e9:6e:96:83:a1:84:ad:b8:6d: 1a:2b:a5:4d:65:8c:fd:d6:cd:20:7a:de:28:a2:57: 59:70:e8:19:6b:d4:9c:ad:a6:cc:f3:dc:df:8d:88: 61:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:7E:DF:88:D9:4F:EF:72:9F:4F:B5:25:C6:F6:5B:25:40:56:CA:CA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.85.0.0/16 Signature Algorithm: sha256WithRSAEncryption a3:d7:c7:f5:84:8e:12:6c:47:80:9b:5f:8f:54:6e:94:e8:d5: 56:57:42:e6:d5:33:5a:70:c7:5b:5c:9c:81:56:70:44:97:69: 99:26:58:5f:78:fa:65:3e:5a:19:7a:a6:5d:ca:b2:7d:75:de: 37:2c:1e:9b:86:53:16:4f:96:4c:70:ce:df:df:83:b7:a7:52: af:10:b3:46:b0:17:bb:4a:ae:f2:f8:f4:4b:5b:7d:15:09:11: 09:0a:f2:bd:2b:a6:91:03:b1:1f:44:15:c3:6b:21:37:5c:59: 00:3f:a1:43:e2:fd:0b:1e:8d:c6:23:f4:37:bf:b9:91:fb:35: b5:d0:88:f2:7b:bb:16:63:9a:c3:6c:88:fe:cf:2b:78:65:e9: 76:70:fb:e9:be:b5:52:6d:ee:78:7f:ab:33:2b:22:92:78:24: 2a:5f:28:59:8c:8c:0d:4c:97:94:56:de:9e:46:ef:6a:95:52: 1e:6a:8e:94:e4:20:9a:35:57:d6:35:b6:45:6c:2e:7f:35:d1: 26:bf:6e:91:6c:4f:dd:3e:b7:a0:8b:65:67:cc:32:56:64:77: 9d:d3:fb:7f:71:45:ac:84:68:1a:cb:48:b2:b0:58:1e:ac:e3: 55:93:de:bb:e5:f8:17:a9:57:5e:2e:a6:6f:bd:b8:38:6f:08: d5:13:b2:16 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUUmDvq146aIdVvt2SfwpJ5bn7vIwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDVaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGY3ZWEzYWRmNGNmNjQzMDQ3NjU4MjA4MzFmYTk3NGYzODM0YjdlYWI5ZGRm ZmJkY2E1NTI1MjY2OTE1OGFjZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEmTH72USnLfG01azL1cy73tI/5eYbWKE3GNB8FLEo9CbPpPO0zF7CnCPaV plzBGg93mAija8PgJN9AxRmPA6Yjrblw9hmX01jzQ7YR2yRDIl8wAMDVzvrvUMCe cC/xiA/GWxIYVM9ho4dGPUpR+Y4HMvmQoD7D6ONBaOmb+YcwB9N2nSVitLRZQjCL 8dDIwkUQxkTedDLet4rpFIN6L4RMZfAS1umK+UPvftJqSl6VehlUHr3zWjLyF7kA w03tp/Xc92h5R1/5eVRDzNGV1h0w1M85CJ7V6W6Wg6GErbhtGiulTWWM/dbNIHre KKJXWXDoGWvUnK2mzPPc342IYRcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQift+I 2U/vcp9PtSXG9lslQFbKyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G CSqGSIb3DQEBCwUAA4IBAQCj18f1hI4SbEeAm1+PVG6U6NVWV0Lm1TNacMdbXJyB VnBEl2mZJlhfePplPloZeqZdyrJ9dd43LB6bhlMWT5ZMcM7f34O3p1KvELNGsBe7 Sq7y+PRLW30VCREJCvK9K6aRA7EfRBXDayE3XFkAP6FD4v0LHo3GI/Q3v7mR+zW1 0Ijye7sWY5rDbIj+zyt4Zel2cPvpvrVSbe54f6szKyKSeCQqXyhZjIwNTJeUVt6e Ru9qlVIeao6U5CCaNVfWNbZFbC5/NdEmv26RbE/dPregi2VnzDJWZHed0/t/cUWs hGgay0iysFgerONVk9675fgXqVdeLqZvvbg4bwjVE7IW -----END CERTIFICATE-----Generated at Sat Dec 6 11:50:59 2025 by rpki-client