This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json) Hash identifier: WYqkTU4ymcFAtk91SgcigRqgaYkqeYpxm6dT26Hx/sY= Subject key identifier: 76:7E:63:D0:AF:6E:26:13:E6:4D:71:D9:6B:FA:4C:E6:CB:0F:C9:57 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4AD70329858362EE506DE430B85DBF574240D63E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa Signing time: Tue 25 Nov 2025 20:10:23 +0000 ROA not before: Tue 25 Nov 2025 20:10:23 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 8987 IP address blocks: 83.118.234.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 16:30:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:d7:03:29:85:83:62:ee:50:6d:e4:30:b8:5d:bf:57:42:40:d6:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:23 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=008505848c3b6a6c9143467c56439866c3b296e0d1d37c9019b5b2f453c745e9, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:47:73:e7:2c:ad:a5:6a:e4:a9:57:0a:bd:72: fe:81:6e:84:39:98:b7:d1:33:69:90:65:53:a2:82: 00:bb:cf:da:33:05:be:28:85:ef:ba:74:30:55:78: 64:87:62:68:4a:69:e9:a9:55:2f:68:8e:65:e1:83: c8:35:92:56:73:82:f8:e2:d4:0d:ad:5a:df:c1:2b: 41:e4:87:30:6a:6b:c0:66:c8:55:e5:be:17:58:1a: c5:17:1d:cc:4a:a0:af:e8:82:1d:9e:f7:d8:33:6c: 07:7c:75:44:f6:99:46:17:b9:89:4a:fb:df:77:3b: e9:c7:da:a5:02:28:f2:d7:28:8b:42:bc:62:94:be: d6:99:4b:93:b1:8a:98:6a:ca:9f:50:14:6c:ee:e1: 95:7c:6f:59:14:09:a9:af:96:1c:0e:52:0c:8d:4e: 21:85:c9:51:3b:51:3b:15:9d:1b:6f:1f:b4:c4:b2: 30:b0:7c:42:c1:fd:7c:e7:4b:65:3a:5d:6c:dd:d9: 45:ff:68:b4:fd:35:96:29:9f:b9:2a:59:19:b7:02: 05:3d:6b:57:72:d8:84:5a:47:4a:46:3e:d4:0f:b8: 91:1a:d8:3a:7c:da:f1:cb:03:97:82:e2:6a:7b:50: 15:77:c0:ba:bf:88:e8:98:ee:b2:be:d9:7f:98:04: f1:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:7E:63:D0:AF:6E:26:13:E6:4D:71:D9:6B:FA:4C:E6:CB:0F:C9:57 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.118.234.0/23 Signature Algorithm: sha256WithRSAEncryption bf:31:a0:61:14:42:6d:ce:59:37:bd:bb:08:cd:e5:08:98:15: bb:17:93:63:fc:7f:fe:42:3c:bf:bb:04:c1:e4:a1:40:7e:04: 82:22:17:78:8f:3c:84:14:d0:a1:ea:98:05:f2:81:f6:b6:44: af:ca:99:14:b9:80:f0:0c:d2:48:69:c9:00:d4:38:2b:88:14: d7:91:66:ad:b0:36:84:78:6a:7b:5d:c9:70:90:b0:0c:8c:e9: 3b:c9:9e:e7:20:0c:2f:4f:36:42:21:56:cc:16:12:4f:ef:f7: 6d:f8:d9:8f:58:38:44:78:aa:16:a3:d0:67:6f:dd:32:14:f7: 81:22:34:c3:b6:1d:44:3a:8d:2a:d6:8a:d9:ad:2c:c0:c5:ea: aa:d2:23:e6:3b:cc:7c:16:73:5d:b6:71:d0:73:f6:0f:43:01: 6a:48:2d:6a:ba:4d:c7:40:66:8b:06:d8:95:2f:e5:20:ba:4e: 0c:dd:c3:f7:40:f3:5e:0d:91:10:21:a1:b0:56:d1:aa:1c:a2: e7:64:61:22:a4:e7:91:a2:5c:e3:4e:14:e4:f6:e1:5c:d6:7d: 6c:d0:27:26:f9:bd:08:da:6d:df:73:a1:7c:b0:53:29:cf:72: 09:0c:ca:4f:9c:68:12:b6:4f:0a:5f:65:a5:e0:80:f1:1b:6a: 5d:43:18:61 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUStcDKYWDYu5QbeQwuF2/V0JA1j4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjNaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDAwODUwNTg0OGMzYjZhNmM5MTQzNDY3YzU2NDM5ODY2YzNiMjk2ZTBkMWQz N2M5MDE5YjViMmY0NTNjNzQ1ZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJHc+csraVq5KlXCr1y/oFuhDmYt9EzaZBlU6KCALvP2jMFviiF77p0MFV4 ZIdiaEpp6alVL2iOZeGDyDWSVnOC+OLUDa1a38ErQeSHMGprwGbIVeW+F1gaxRcd zEqgr+iCHZ732DNsB3x1RPaZRhe5iUr733c76cfapQIo8tcoi0K8YpS+1plLk7GK mGrKn1AUbO7hlXxvWRQJqa+WHA5SDI1OIYXJUTtROxWdG28ftMSyMLB8QsH9fOdL ZTpdbN3ZRf9otP01limfuSpZGbcCBT1rV3LYhFpHSkY+1A+4kRrYOnza8csDl4Li antQFXfAur+I6Jjusr7Zf5gE8e0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2fmPQ r24mE+ZNcdlr+kzmyw/JVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN BgkqhkiG9w0BAQsFAAOCAQEAvzGgYRRCbc5ZN727CM3lCJgVuxeTY/x//kI8v7sE weShQH4EgiIXeI88hBTQoeqYBfKB9rZEr8qZFLmA8AzSSGnJANQ4K4gU15FmrbA2 hHhqe13JcJCwDIzpO8me5yAML082QiFWzBYST+/3bfjZj1g4RHiqFqPQZ2/dMhT3 gSI0w7YdRDqNKtaK2a0swMXqqtIj5jvMfBZzXbZx0HP2D0MBakgtarpNx0BmiwbY lS/lILpODN3D90DzXg2RECGhsFbRqhyi52RhIqTnkaJc404U5PbhXNZ9bNAnJvm9 CNpt33OhfLBTKc9yCQzKT5xoErZPCl9lpeCA8RtqXUMYYQ== -----END CERTIFICATE-----Generated at Fri Dec 5 01:31:56 2025 by rpki-client