This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json) Hash identifier: DAv5G/TvJLa3tdZ44lAV2MSjc87jkEK7BCD/s7MRfeM= Subject key identifier: 1F:4F:D2:2C:8E:F3:DD:14:54:A0:C1:C9:44:61:AD:79:AA:A9:95:6F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 033631848BDCEDE601A0E58F26C3B9435A58BBC9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa Signing time: Wed 10 Dec 2025 06:40:40 +0000 ROA not before: Wed 10 Dec 2025 06:40:40 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 193.218.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:36:31:84:8b:dc:ed:e6:01:a0:e5:8f:26:c3:b9:43:5a:58:bb:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:40 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1a1633fb0b29e44c3178cee0077f5dd7d49ff2cdcc5e4337d7a7513808e464d3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:bd:91:21:e7:40:1a:91:be:49:23:b1:d0:d2: 97:87:77:74:e0:2b:35:d3:92:bd:85:aa:53:50:41: d2:1b:e3:44:6e:2c:2e:bc:9b:ed:23:42:95:33:f5: c9:7c:d0:ff:85:74:a5:42:6e:44:5d:f5:6c:1d:86: 0a:3c:cb:d0:27:41:4f:81:2d:6c:b6:d6:4b:ac:39: d7:10:8b:b9:77:40:a6:c0:31:15:24:b3:ee:7b:53: 04:09:d3:90:ef:ac:8d:6f:d2:97:2f:88:cb:d1:34: 2c:fc:6a:9d:46:29:b8:13:db:fc:28:1e:60:cb:8d: 5e:51:02:5b:05:5c:40:a7:4b:d5:60:3c:87:92:4c: 8e:9e:39:e3:ce:c7:e3:bf:ac:1a:b6:49:e0:06:8a: 8c:98:0c:6e:0e:4e:d3:32:cf:83:ab:fd:3e:49:cb: 6c:0f:27:be:d3:1d:ac:22:e4:81:b1:81:af:7e:3b: ca:f5:4d:4a:f6:37:9f:1e:e9:c8:a9:ee:57:96:17: 9f:2b:36:4c:8c:24:ca:0e:29:de:ac:94:7c:90:2f: 32:54:d5:c4:a6:76:d9:cf:46:d7:a2:1e:6d:d9:4b: c8:1a:5d:ab:b3:3f:43:dc:db:60:74:a5:76:d5:44: 11:ad:bd:31:d4:d4:cc:d4:18:8a:e4:63:22:b5:e6: 98:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:4F:D2:2C:8E:F3:DD:14:54:A0:C1:C9:44:61:AD:79:AA:A9:95:6F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.218.122.0/24 Signature Algorithm: sha256WithRSAEncryption a0:ce:4e:0a:9f:ae:f6:21:98:f4:17:7f:c8:51:ae:ba:5c:36: f0:6f:f1:ff:df:72:e5:8e:5a:1f:53:a6:91:0f:74:1d:ad:ab: 7d:f2:dd:ae:4c:e2:ca:19:85:a2:ec:a8:45:3f:6d:58:71:8d: 18:10:c9:f4:ae:98:36:42:14:ad:28:4e:e2:37:4e:7f:98:97: 57:91:2e:3b:52:ec:dc:8c:7a:35:92:35:b4:a7:1a:86:e8:19: 97:42:b3:c9:63:fc:8e:36:24:8d:37:0e:38:67:f5:cc:99:3a: 8a:4a:4d:3f:7f:86:57:8f:fd:da:2b:8d:df:30:be:8d:50:ea: f5:f7:2a:32:8c:6f:6a:6e:0b:0a:61:3d:3a:38:48:80:05:87: a0:75:db:08:de:c7:7c:b7:8e:53:2f:c6:b1:98:14:ad:80:a8: 65:c7:f6:b0:a0:f2:b7:56:35:58:fb:6b:e6:1b:77:b0:cf:99: d7:7d:ab:2c:86:4a:39:8a:06:3c:fa:00:d7:3b:48:a8:90:38: 35:73:be:b1:6a:01:50:8d:08:4d:6f:4a:65:5f:80:1e:7c:76: 9c:60:e1:f1:0e:45:ea:90:35:fe:dd:8e:00:8a:a8:fa:f5:f5: ba:94:a9:b3:52:1c:7c:3d:12:5b:82:f0:08:01:2c:45:b4:be: e1:ac:60:c3 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUAzYxhIvc7eYBoOWPJsO5Q1pYu8kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwNDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFhMTYzM2ZiMGIyOWU0NGMzMTc4Y2VlMDA3N2Y1ZGQ3ZDQ5ZmYyY2RjYzVl NDMzN2Q3YTc1MTM4MDhlNDY0ZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+9kSHnQBqRvkkjsdDSl4d3dOArNdOSvYWqU1BB0hvjRG4sLryb7SNClTP1 yXzQ/4V0pUJuRF31bB2GCjzL0CdBT4EtbLbWS6w51xCLuXdApsAxFSSz7ntTBAnT kO+sjW/Sly+Iy9E0LPxqnUYpuBPb/CgeYMuNXlECWwVcQKdL1WA8h5JMjp45487H 47+sGrZJ4AaKjJgMbg5O0zLPg6v9PknLbA8nvtMdrCLkgbGBr347yvVNSvY3nx7p yKnuV5YXnys2TIwkyg4p3qyUfJAvMlTVxKZ22c9G16IebdlLyBpdq7M/Q9zbYHSl dtVEEa29MdTUzNQYiuRjIrXmmOECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfT9Is jvPdFFSgwclEYa15qqmVbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN BgkqhkiG9w0BAQsFAAOCAQEAoM5OCp+u9iGY9Bd/yFGuulw28G/x/99y5Y5aH1Om kQ90Ha2rffLdrkziyhmFouyoRT9tWHGNGBDJ9K6YNkIUrShO4jdOf5iXV5EuO1Ls 3Ix6NZI1tKcahugZl0KzyWP8jjYkjTcOOGf1zJk6ikpNP3+GV4/92iuN3zC+jVDq 9fcqMoxvam4LCmE9OjhIgAWHoHXbCN7HfLeOUy/GsZgUrYCoZcf2sKDyt1Y1WPtr 5ht3sM+Z132rLIZKOYoGPPoA1ztIqJA4NXO+sWoBUI0ITW9KZV+AHnx2nGDh8Q5F 6pA1/t2OAIqo+vX1upSps1IcfD0SW4LwCAEsRbS+4axgww== -----END CERTIFICATE-----Generated at Thu Jan 22 22:18:59 2026 by rpki-client