This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa File: 55e704e8-470f-4c3e-82e8-03868da744a2.roa (raw, json) Hash identifier: C2ir0cR08YcIPZi7Kny4Gdw7/QeOxxRVlTJ4wbHQ6v0= Subject key identifier: FD:2C:1C:A8:58:02:9A:D2:38:DA:51:8F:6D:FB:B8:C2:49:17:5D:3F Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 098C8053D20EB1853833B831A7899C27E70735A4 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa Signing time: Sat 06 Dec 2025 00:30:11 +0000 ROA not before: Sat 06 Dec 2025 00:30:11 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.74.0.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:8c:80:53:d2:0e:b1:85:38:33:b8:31:a7:89:9c:27:e7:07:35:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 6 00:30:11 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=5e79eecf6759ac604474d56926e64752c8feb2e3cfd11557b6c90011941b8b84, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:da:b6:ec:cf:21:18:05:1c:a8:5f:34:8f:50: 57:a6:5f:5c:5a:9a:50:35:71:3f:7c:9a:dc:f3:d8: dc:d4:11:90:67:74:4b:ab:09:f4:ed:6d:36:71:24: 30:af:6b:9b:6d:4f:97:ca:7a:fc:ab:db:0b:36:2a: 35:7c:2a:8f:ee:16:a8:21:4a:a4:27:5b:1e:73:8f: e9:3c:f0:06:b3:0e:d5:ef:7a:b0:de:ea:30:b2:b9: 9d:d5:6d:87:40:d5:23:2d:82:b1:c0:98:6c:5e:1b: 42:41:49:fb:bb:71:26:20:c6:3a:da:ec:38:5a:63: 74:65:21:bf:e6:c3:9c:3c:f4:f3:e2:21:be:94:d4: 9a:ae:df:51:fd:e3:91:92:13:1a:62:d2:35:80:e6: f8:7f:1f:d6:38:55:d4:60:8d:b0:9f:c8:7e:1c:6d: c4:5a:19:50:e0:6c:2d:62:cb:22:34:bc:70:6a:9d: 9c:67:d2:3a:08:27:ab:80:cd:72:02:fa:36:c7:36: 34:c1:3d:2c:e5:6b:a6:14:f4:92:c2:de:f9:27:4f: a2:b5:a8:79:be:38:78:c7:ad:66:95:51:de:63:e1: 32:29:7c:c2:6d:5e:a5:03:47:30:88:5a:8e:64:b7: 26:5a:67:b5:88:f5:c6:08:2b:fa:de:44:2c:f6:1f: f0:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:2C:1C:A8:58:02:9A:D2:38:DA:51:8F:6D:FB:B8:C2:49:17:5D:3F X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.74.0.0/20 Signature Algorithm: sha256WithRSAEncryption a6:2d:17:e1:ad:f9:23:e1:c1:e6:e8:f6:24:3a:65:c1:22:eb: e8:f1:35:4a:17:08:98:0e:62:49:70:95:ce:3d:d2:65:54:00: 82:7a:a3:db:00:d9:66:1e:93:58:e5:b5:04:5f:cf:03:44:3a: ae:4b:71:d4:57:21:66:fa:7d:b6:b9:db:00:d3:00:ef:13:86: d8:d2:81:e2:8d:21:bb:e4:98:7a:eb:82:0e:64:f9:ec:bf:70: 24:67:dc:4d:ca:75:d4:98:c8:47:0e:26:71:71:61:62:db:20: 25:0f:e6:81:39:c3:7b:dc:83:4f:05:77:51:ed:36:e1:b4:3f: 52:5a:13:72:16:2b:8f:b7:b0:f1:aa:31:3d:5c:f1:99:6c:75: 6d:c1:63:4e:b9:00:f9:09:7a:89:fd:90:33:66:33:da:73:c1: 05:54:0b:6a:64:29:16:e1:45:b3:d7:9a:29:81:dc:95:fb:32: d5:ac:47:f0:fc:a0:59:8e:29:d3:32:02:03:33:76:00:e3:d3: b9:9f:df:b4:92:17:b8:b4:75:cd:0b:5e:f5:04:20:ef:40:02: 49:73:73:f6:8e:3e:32:3e:75:57:2e:92:05:30:45:2f:41:68: 40:31:1b:89:1a:bb:fa:d0:b3:b6:11:d4:c4:a3:03:f4:e0:1a: 43:f6:39:70 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUCYyAU9IOsYU4M7gxp4mcJ+cHNaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDYwMDMwMTFaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDVlNzllZWNmNjc1OWFjNjA0NDc0ZDU2OTI2ZTY0NzUyYzhmZWIyZTNjZmQx MTU1N2I2YzkwMDExOTQxYjhiODQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJvatuzPIRgFHKhfNI9QV6ZfXFqaUDVxP3ya3PPY3NQRkGd0S6sJ9O1tNnEk MK9rm21Pl8p6/KvbCzYqNXwqj+4WqCFKpCdbHnOP6TzwBrMO1e96sN7qMLK5ndVt h0DVIy2CscCYbF4bQkFJ+7txJiDGOtrsOFpjdGUhv+bDnDz08+IhvpTUmq7fUf3j kZITGmLSNYDm+H8f1jhV1GCNsJ/IfhxtxFoZUOBsLWLLIjS8cGqdnGfSOggnq4DN cgL6Nsc2NME9LOVrphT0ksLe+SdPorWoeb44eMetZpVR3mPhMil8wm1epQNHMIha jmS3JlpntYj1xggr+t5ELPYf8M8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9LByo WAKa0jjaUY9t+7jCSRddPzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NTVlNzA0ZTgtNDcwZi00YzNlLTgyZTgtMDM4NjhkYTc0NGEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDNKADAN BgkqhkiG9w0BAQsFAAOCAQEApi0X4a35I+HB5uj2JDplwSLr6PE1ShcImA5iSXCV zj3SZVQAgnqj2wDZZh6TWOW1BF/PA0Q6rktx1FchZvp9trnbANMA7xOG2NKB4o0h u+SYeuuCDmT57L9wJGfcTcp11JjIRw4mcXFhYtsgJQ/mgTnDe9yDTwV3Ue024bQ/ UloTchYrj7ew8aoxPVzxmWx1bcFjTrkA+Ql6if2QM2Yz2nPBBVQLamQpFuFFs9ea KYHclfsy1axH8PygWY4p0zICAzN2AOPTuZ/ftJIXuLR1zQte9QQg70ACSXNz9o4+ Mj51Vy6SBTBFL0FoQDEbiRq7+tCzthHUxKMD9OAaQ/Y5cA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:09 2025 by rpki-client