This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/615d3e86-4d7a-49e4-8e47-2075cfdb3c69.roa File: 615d3e86-4d7a-49e4-8e47-2075cfdb3c69.roa (raw, json) Hash identifier: ZMC4Yj8B3UMSkgLHUWdmOJianDTwmgjXsSQM4XDW8HQ= Subject key identifier: B0:22:13:7A:17:51:4E:97:49:2D:05:59:6C:15:83:01:46:2C:62:18 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 3A529DB2335BEC53987E332B941BDB6495D9DEE1 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/615d3e86-4d7a-49e4-8e47-2075cfdb3c69.roa Signing time: Tue 20 Jan 2026 18:51:50 +0000 ROA not before: Tue 20 Jan 2026 18:51:50 +0000 ROA not after: Mon 20 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.172.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:52:9d:b2:33:5b:ec:53:98:7e:33:2b:94:1b:db:64:95:d9:de:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Jan 20 18:51:50 2026 GMT Not After : Apr 20 23:59:59 2026 GMT Subject: serialNumber=4bcbfeefea20063d61ede714bf3840a2899a7810a41f2f539821e1004f95a263, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1e:63:fc:80:2d:6c:fe:15:82:3d:24:2e:c0: 15:a8:60:74:da:bc:80:f0:20:95:bd:a7:32:c8:8d: 2c:37:7d:b4:cf:7f:de:1e:6a:15:52:a9:0e:b8:c8: d4:8c:dc:cb:40:4c:09:92:29:0f:ae:1b:6d:2d:2a: 3c:a7:c2:82:ae:d3:6c:73:96:84:86:30:14:97:7a: 72:be:6e:f2:73:ed:da:45:d0:21:47:20:1c:48:bc: f5:b4:03:87:a2:45:fb:b2:17:48:01:82:f3:18:70: c7:3d:b9:ff:74:22:40:df:d5:5b:4f:7b:e3:b9:ae: a5:53:04:61:d4:2e:ea:13:a1:1b:30:6a:ea:1b:e4: 12:42:ea:36:54:09:8b:6d:2a:00:1d:a7:79:01:85: 5d:b9:9f:fa:d2:fb:87:a5:24:51:d7:17:b4:60:c4: db:e8:3c:f0:c6:45:9a:fe:c3:73:7f:5c:4d:e8:ae: bc:b6:48:b9:70:6d:8b:f4:9e:ac:14:81:d3:67:13: 3d:d2:ef:f8:55:87:f2:9c:8a:94:d3:2b:ae:a5:95: 0f:d6:26:0a:db:af:9f:b0:7c:41:17:9d:cb:e7:c6: 90:56:aa:5d:a2:4b:87:35:2b:a8:fd:b2:dd:8c:37: ba:e8:4f:31:80:38:73:f1:03:d3:99:2f:16:8f:f5: 40:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:22:13:7A:17:51:4E:97:49:2D:05:59:6C:15:83:01:46:2C:62:18 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/615d3e86-4d7a-49e4-8e47-2075cfdb3c69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.172.0.0/15 Signature Algorithm: sha256WithRSAEncryption 97:75:f0:3f:32:71:f7:b0:5b:d6:ad:68:63:15:95:be:87:84: c2:28:42:fb:95:33:77:65:dd:47:49:30:dc:8b:c6:1f:16:cf: 12:7c:71:f2:3d:7b:7f:ee:ac:48:ab:af:87:4f:c6:46:eb:8d: 11:74:54:7b:d8:d8:04:34:d9:e7:1c:5e:7f:de:48:b8:68:fa: c4:84:71:0c:14:2e:89:32:97:b5:a8:d0:00:a3:2b:7a:41:4d: 0f:73:4c:66:e7:b6:63:15:87:1f:7c:84:b3:26:b0:4e:a7:6a: ff:94:c6:5a:0a:e1:78:c7:78:f9:06:18:fa:4f:7c:99:98:9c: 89:82:67:cc:0d:8a:e6:e3:91:20:f5:bf:27:94:e6:fc:28:62: 10:43:a0:62:de:0e:ec:2b:1e:4b:3b:35:d5:cc:19:45:3d:9e: 8b:aa:28:4d:07:4f:a8:8f:77:12:03:ff:ec:a1:b4:08:89:b0: b2:17:4e:88:fe:e1:d5:b4:e1:51:dc:0d:23:a4:23:dc:a8:a3: e2:65:16:5c:f9:fb:32:3a:b0:ab:5d:e6:9e:c2:cd:27:49:6a: b1:85:69:7f:a9:f4:d5:6c:7c:17:3f:bd:d9:82:35:52:f9:16: 87:8c:f7:6d:40:2d:36:a6:1c:57:a6:58:83:6e:d7:76:c8:99: bb:b7:1d:ea -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUOlKdsjNb7FOYfjMrlBvbZJXZ3uEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNjAxMjAxODUxNTBaFw0yNjA0MjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiY2JmZWVmZWEyMDA2M2Q2MWVkZTcxNGJmMzg0MGEyODk5YTc4MTBhNDFm MmY1Mzk4MjFlMTAwNGY5NWEyNjMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMEeY/yALWz+FYI9JC7AFahgdNq8gPAglb2nMsiNLDd9tM9/3h5qFVKpDrjI 1Izcy0BMCZIpD64bbS0qPKfCgq7TbHOWhIYwFJd6cr5u8nPt2kXQIUcgHEi89bQD h6JF+7IXSAGC8xhwxz25/3QiQN/VW09747mupVMEYdQu6hOhGzBq6hvkEkLqNlQJ i20qAB2neQGFXbmf+tL7h6UkUdcXtGDE2+g88MZFmv7Dc39cTeiuvLZIuXBti/Se rBSB02cTPdLv+FWH8pyKlNMrrqWVD9YmCtuvn7B8QRedy+fGkFaqXaJLhzUrqP2y 3Yw3uuhPMYA4c/ED05kvFo/1QKcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwIhN6 F1FOl0ktBVlsFYMBRixiGDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NjE1ZDNlODYtNGQ3YS00OWU0LThlNDctMjA3NWNmZGIzYzY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G CSqGSIb3DQEBCwUAA4IBAQCXdfA/MnH3sFvWrWhjFZW+h4TCKEL7lTN3Zd1HSTDc i8YfFs8SfHHyPXt/7qxIq6+HT8ZG640RdFR72NgENNnnHF5/3ki4aPrEhHEMFC6J Mpe1qNAAoyt6QU0Pc0xm57ZjFYcffISzJrBOp2r/lMZaCuF4x3j5Bhj6T3yZmJyJ gmfMDYrm45Eg9b8nlOb8KGIQQ6Bi3g7sKx5LOzXVzBlFPZ6LqihNB0+oj3cSA//s obQIibCyF06I/uHVtOFR3A0jpCPcqKPiZRZc+fsyOrCrXeaews0nSWqxhWl/qfTV bHwXP73ZgjVS+RaHjPdtQC02phxXpliDbtd2yJm7tx3q -----END CERTIFICATE-----Generated at Sun Jan 25 05:54:26 2026 by rpki-client