This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json) Hash identifier: C4kcSGRBvB8+tgbnh8rHXeNct9mdN7Wjgov4hdbsnPM= Subject key identifier: 4E:18:35:B2:39:E0:14:C9:EF:0C:89:D7:2A:5F:A8:1F:B6:37:73:CB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 58E74741B0D05B4B49CF003779A066B62CC38707 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa Signing time: Sat 15 Nov 2025 06:50:11 +0000 ROA not before: Sat 15 Nov 2025 06:50:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.82.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 22 Nov 2025 00:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:e7:47:41:b0:d0:5b:4b:49:cf:00:37:79:a0:66:b6:2c:c3:87:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e87ad2a1d1126191460483f84c674ab3937bee3d66705ca5e2627084aaa0db0d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:55:51:0e:ed:43:69:66:da:9d:41:4a:4d:86: d6:95:b1:50:ab:4f:98:82:9d:37:00:18:08:d4:a1: b1:b1:59:79:44:85:48:c2:20:9e:b5:c1:7c:f7:51: 44:03:7d:9f:58:61:4a:b8:3d:93:7e:80:33:b0:59: 20:9e:86:5c:cc:13:2f:ec:0e:1e:90:ed:d9:ef:0d: de:52:2e:0a:86:5e:25:6b:d4:93:5f:16:c6:88:8f: 79:fd:de:e9:d5:d6:63:29:64:2e:73:42:6d:f0:c8: 74:43:c6:c7:65:6f:fd:f5:37:1d:30:84:7b:66:ad: bd:0f:e9:4e:f0:33:0d:10:cc:77:55:47:76:10:47: 1c:24:0b:3c:6d:08:56:ac:83:bc:28:ca:70:b1:5e: 4a:84:a5:00:c4:53:9a:41:13:c9:d0:4c:ab:0a:d0: 20:35:f2:ef:fc:fc:e9:40:1f:d8:68:78:fc:ad:85: cb:bc:80:44:38:37:3e:42:78:24:59:80:b9:83:78: 4f:00:86:94:3a:eb:78:c1:26:92:b9:d0:9c:0b:74: 6f:f0:a9:24:7f:05:b6:82:dd:3f:10:5c:7d:a4:d7: ae:0a:4c:98:c5:e2:2d:75:21:e1:55:6e:53:49:54: 28:1f:1a:e9:e2:7c:8e:86:51:cc:b2:a5:c5:52:ca: d8:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:18:35:B2:39:E0:14:C9:EF:0C:89:D7:2A:5F:A8:1F:B6:37:73:CB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.82.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1e:96:07:12:d0:64:4a:e6:30:96:07:36:c9:5a:0c:6f:35:63: 3d:8f:33:67:fa:80:4f:44:cb:f7:1a:99:d3:64:7e:93:20:b8: 1a:01:12:9f:93:2a:d5:79:6f:4c:3b:67:19:2b:87:ed:b3:cf: 67:cb:56:7f:83:7b:28:67:41:77:39:19:fd:09:34:1e:2a:d9: 8f:e1:02:5b:ac:47:c7:ab:c0:3c:3e:de:87:ee:44:18:38:fd: 52:14:82:8e:b3:d2:49:4f:2c:ad:0b:ff:64:c0:27:ad:bc:df: 45:62:d8:58:ad:54:a4:42:76:e7:fc:ff:09:5c:e0:af:3d:a7: 91:13:8a:88:67:65:3b:50:f7:a4:35:24:15:99:0a:a5:d5:b6: 59:f9:98:7e:2c:8b:42:f8:0e:43:a5:18:c2:53:69:3b:8c:73: 2c:a9:e1:75:fa:2d:11:63:41:f1:b7:44:39:6c:62:3f:41:c2: dc:12:6b:a6:4f:bb:cb:1b:4d:26:2a:c2:3d:8d:2a:2e:64:e6: 3f:50:c4:19:85:29:92:3b:82:92:c1:69:c4:f3:19:5b:15:00: aa:b2:7d:31:60:b6:ef:91:c3:62:48:f1:ab:3e:75:06:93:3a: 4a:f6:18:40:f8:78:e7:02:e1:71:cb:4c:f1:4d:10:f1:d9:64: 1a:64:e2:6a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWOdHQbDQW0tJzwA3eaBmtizDhwcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGU4N2FkMmExZDExMjYxOTE0NjA0ODNmODRjNjc0YWIzOTM3YmVlM2Q2Njcw NWNhNWUyNjI3MDg0YWFhMGRiMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIZVUQ7tQ2lm2p1BSk2G1pWxUKtPmIKdNwAYCNShsbFZeUSFSMIgnrXBfPdR RAN9n1hhSrg9k36AM7BZIJ6GXMwTL+wOHpDt2e8N3lIuCoZeJWvUk18WxoiPef3e 6dXWYylkLnNCbfDIdEPGx2Vv/fU3HTCEe2atvQ/pTvAzDRDMd1VHdhBHHCQLPG0I VqyDvCjKcLFeSoSlAMRTmkETydBMqwrQIDXy7/z86UAf2Gh4/K2Fy7yARDg3PkJ4 JFmAuYN4TwCGlDrreMEmkrnQnAt0b/CpJH8FtoLdPxBcfaTXrgpMmMXiLXUh4VVu U0lUKB8a6eJ8joZRzLKlxVLK2BUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROGDWy OeAUye8MidcqX6gftjdzyzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G CSqGSIb3DQEBCwUAA4IBAQAelgcS0GRK5jCWBzbJWgxvNWM9jzNn+oBPRMv3GpnT ZH6TILgaARKfkyrVeW9MO2cZK4fts89ny1Z/g3soZ0F3ORn9CTQeKtmP4QJbrEfH q8A8Pt6H7kQYOP1SFIKOs9JJTyytC/9kwCetvN9FYthYrVSkQnbn/P8JXOCvPaeR E4qIZ2U7UPekNSQVmQql1bZZ+Zh+LItC+A5DpRjCU2k7jHMsqeF1+i0RY0Hxt0Q5 bGI/QcLcEmumT7vLG00mKsI9jSouZOY/UMQZhSmSO4KSwWnE8xlbFQCqsn0xYLbv kcNiSPGrPnUGkzpK9hhA+HjnAuFxy0zxTRDx2WQaZOJq -----END CERTIFICATE-----Generated at Fri Nov 21 08:25:18 2025 by rpki-client