This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json) Hash identifier: JBk22AP9SrJ3Ij3umJRUFjxurfghrZ6wwMQBlEJgCIk= Subject key identifier: 4F:5A:76:AE:99:A0:D5:E4:70:F1:C4:37:92:C8:AB:52:DF:F4:5A:B6 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6E58FFD47440E83C17F72A0ECC730351388EF30D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa Signing time: Sat 15 Nov 2025 06:50:32 +0000 ROA not before: Sat 15 Nov 2025 06:50:32 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.151.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:58:ff:d4:74:40:e8:3c:17:f7:2a:0e:cc:73:03:51:38:8e:f3:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:32 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b2941bc0b6c6ec5ea980e5392d8edec0f889b789c0ad7c9f3831a710e9e94333, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:f2:a4:68:d7:b2:31:7d:ab:33:54:dd:6f:26: 07:70:ee:eb:f8:bf:76:19:60:0d:03:8d:ad:dd:18: f9:d0:0a:dd:25:d7:ea:00:98:a0:2c:b0:84:5f:f6: d0:bf:52:53:81:cb:e5:ef:b8:c9:f5:06:f1:07:0b: c3:40:46:f1:0b:ba:8a:49:1d:e0:db:a4:12:0d:f6: 83:10:63:70:8b:cc:fe:5b:97:b5:3c:6b:46:ee:09: 5e:e4:0e:44:c1:0c:1c:25:7b:f2:4c:ee:97:3a:bb: 64:f6:6f:3c:38:e2:3e:47:3c:35:ff:fd:82:eb:6d: 8e:a4:8b:0e:20:14:e1:94:82:62:f2:f1:6a:d1:af: 65:99:4f:59:53:57:2e:2b:12:5d:83:c3:0a:93:3f: b1:ee:31:c6:50:08:2e:d7:c0:1b:8b:72:e1:df:c6: 27:89:dd:06:78:7b:e7:31:92:9b:ff:cc:0e:91:1e: 93:5f:f7:ac:57:2e:29:e4:86:de:1b:77:ce:79:29: 41:fe:00:ce:cf:1e:83:be:a4:b9:bb:a1:b9:c9:b2: 2a:60:16:92:00:7d:12:bb:74:8d:f5:c9:1a:7c:39: 98:26:1b:c2:e7:50:1c:17:55:5d:bd:00:55:a3:0e: 1d:53:23:da:da:44:a1:d3:2e:1c:51:ac:da:9c:08: d2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:5A:76:AE:99:A0:D5:E4:70:F1:C4:37:92:C8:AB:52:DF:F4:5A:B6 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.151.0.0/16 Signature Algorithm: sha256WithRSAEncryption bd:f7:cf:0b:74:c9:dd:7d:68:70:46:1c:63:ae:b1:b0:36:bd: db:87:9e:40:27:62:92:40:e2:0c:d8:a9:04:8f:8b:d2:ff:16: bf:45:72:9a:27:ac:80:5d:cf:e3:cd:a7:fd:18:25:83:d7:67: f8:c1:d0:9b:3e:ec:a3:f6:9b:91:98:3d:02:c4:15:8e:32:e2: 70:58:2b:68:2a:aa:94:a1:a2:44:7d:30:f4:d8:3a:67:7a:e4: c7:f8:5e:bd:48:f1:c4:48:3b:c0:91:a1:90:7c:91:aa:8e:32: 63:21:48:40:cd:3f:09:89:3f:57:fc:05:64:1a:c3:b8:14:8e: 08:16:0b:3f:31:dd:18:10:10:1c:96:29:c2:47:0d:2e:9d:91: 4d:a7:99:bc:db:23:84:0b:ad:e4:cb:92:6e:48:d8:ef:93:d5: 35:70:71:91:eb:94:f3:20:92:51:9a:88:a4:86:c6:ef:44:ff: 0d:92:26:bc:1e:8f:59:23:c4:e0:e4:9f:a2:02:3a:7a:fa:4f: 10:28:b1:1a:38:a5:7e:a1:d0:72:3d:b6:26:d6:e9:8b:10:10: 8c:57:ec:86:0f:8b:f3:2d:87:a2:99:e1:ff:34:26:32:f2:5d: 8c:6c:e1:f5:2a:44:51:94:5d:76:6d:4b:2c:24:f1:31:06:aa: 50:8a:70:6d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUblj/1HRA6DwX9yoOzHMDUTiO8w0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMzJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGIyOTQxYmMwYjZjNmVjNWVhOTgwZTUzOTJkOGVkZWMwZjg4OWI3ODljMGFk N2M5ZjM4MzFhNzEwZTllOTQzMzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIbypGjXsjF9qzNU3W8mB3Du6/i/dhlgDQONrd0Y+dAK3SXX6gCYoCywhF/2 0L9SU4HL5e+4yfUG8QcLw0BG8Qu6ikkd4NukEg32gxBjcIvM/luXtTxrRu4JXuQO RMEMHCV78kzulzq7ZPZvPDjiPkc8Nf/9guttjqSLDiAU4ZSCYvLxatGvZZlPWVNX LisSXYPDCpM/se4xxlAILtfAG4ty4d/GJ4ndBnh75zGSm//MDpEek1/3rFcuKeSG 3ht3znkpQf4Azs8eg76kubuhucmyKmAWkgB9Ert0jfXJGnw5mCYbwudQHBdVXb0A VaMOHVMj2tpEodMuHFGs2pwI0uECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRPWnau maDV5HDxxDeSyKtS3/RatjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G CSqGSIb3DQEBCwUAA4IBAQC9988LdMndfWhwRhxjrrGwNr3bh55AJ2KSQOIM2KkE j4vS/xa/RXKaJ6yAXc/jzaf9GCWD12f4wdCbPuyj9puRmD0CxBWOMuJwWCtoKqqU oaJEfTD02DpneuTH+F69SPHESDvAkaGQfJGqjjJjIUhAzT8JiT9X/AVkGsO4FI4I Fgs/Md0YEBAclinCRw0unZFNp5m82yOEC63ky5JuSNjvk9U1cHGR65TzIJJRmoik hsbvRP8Nkia8Ho9ZI8Tg5J+iAjp6+k8QKLEaOKV+odByPbYm1umLEBCMV+yGD4vz LYeimeH/NCYy8l2MbOH1KkRRlF12bUssJPExBqpQinBt -----END CERTIFICATE-----Generated at Sun Nov 23 15:40:09 2025 by rpki-client