This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json) Hash identifier: Ey22kNKQ9RN4EwLbKeCdg74H/WbekKL6mpRkQDjdsOw= Subject key identifier: FF:2A:30:92:72:10:B5:A4:06:BF:F1:13:62:A7:F2:AF:B2:55:A4:6C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 31B4124C34E96A603ACC94A0898417EB429FB585 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa Signing time: Wed 10 Dec 2025 06:40:04 +0000 ROA not before: Wed 10 Dec 2025 06:40:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 212.167.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b4:12:4c:34:e9:6a:60:3a:cc:94:a0:89:84:17:eb:42:9f:b5:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ed89f698677ad463bf44f7703ab64ac21b66ac5d1e43815ef97175a59a7de5e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a1:79:a5:57:3e:67:8a:20:4d:6f:46:d5:9d: 46:9f:88:97:44:43:8f:2e:28:7f:fd:16:0f:3a:a6: 6e:a6:71:44:4d:a6:86:d6:d5:81:d3:24:ce:58:b8: 9d:a0:74:6a:79:34:b3:1a:af:1f:3b:f8:18:22:bb: 69:0b:ed:11:83:a0:67:98:0f:50:ea:a7:80:37:35: 6d:e8:db:06:b4:5c:54:86:8d:54:33:42:89:b0:73: 9e:11:b8:08:7c:17:fc:92:a9:c6:ff:ea:43:e9:35: 20:7c:f2:bd:09:b4:f7:61:2c:9f:bc:11:e1:a9:20: 9d:cf:5f:c4:a6:39:d6:25:13:47:8c:97:9d:2f:ac: 9b:fe:64:ac:25:e8:52:f4:dd:de:78:ce:8c:fc:f6: e4:7c:d8:4b:df:7a:36:ea:56:74:b3:87:39:5e:db: 3f:09:8a:77:4a:98:e0:28:4d:1b:9c:cc:4e:25:9f: dd:b2:b3:99:c3:29:63:0b:52:7e:7c:62:0c:48:6e: 75:24:c7:df:af:70:94:8b:e9:d3:88:50:f3:f8:33: 70:bd:97:70:1d:41:11:ac:93:a9:0a:39:55:71:5a: 68:91:25:b2:b7:b8:59:a1:00:59:2f:cf:3c:73:97: 54:e0:de:b1:e0:ad:36:07:8f:90:f3:b4:88:f3:48: 3e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:2A:30:92:72:10:B5:A4:06:BF:F1:13:62:A7:F2:AF:B2:55:A4:6C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.167.0.0/16 Signature Algorithm: sha256WithRSAEncryption b1:97:34:23:43:e1:ee:19:c1:bf:b5:f9:9f:83:43:be:89:d6: 60:0f:bf:6b:e2:4a:1c:0f:8c:c6:a3:bd:42:41:13:c5:f1:53: 54:a7:8f:66:b8:f8:67:4f:b5:fb:03:c7:b9:db:77:0e:74:38: f1:3b:7d:14:27:8f:41:47:c5:a4:e4:ce:8b:6a:ff:05:d0:ec: 13:c8:f8:e3:71:24:41:36:11:ab:e9:13:43:61:9d:3b:17:fa: d1:cd:9b:33:e7:d6:2e:f2:fd:d2:9c:64:7c:ee:1f:c6:f1:35: 81:8b:7d:14:cf:23:ad:bc:bb:17:21:09:0d:e3:6f:ce:a8:b2: d1:ec:c2:0d:e6:b2:0e:ee:e7:63:3e:93:62:df:2b:f2:52:7c: c1:9b:67:83:b1:06:1e:57:b8:55:ac:9c:32:20:be:42:f1:eb: 4e:3e:82:7d:ba:b9:ff:48:ab:a0:13:c6:af:23:ae:7e:58:70: 36:38:73:15:7d:5a:2a:d8:67:16:73:13:58:af:27:72:b8:d8: 39:21:f6:11:83:17:f1:aa:bd:6a:cf:1e:38:9c:31:9a:4a:ca: 3a:eb:55:9d:b6:9c:87:15:9a:72:5b:17:63:be:cb:d5:bb:32: 3d:96:6e:5f:20:d7:de:19:7c:9c:62:f1:14:06:27:af:10:01: 80:fd:d5:68 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMbQSTDTpamA6zJSgiYQX60KftYUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVkODlmNjk4Njc3YWQ0NjNiZjQ0Zjc3MDNhYjY0YWMyMWI2NmFjNWQxZTQz ODE1ZWY5NzE3NWE1OWE3ZGU1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+heaVXPmeKIE1vRtWdRp+Il0RDjy4of/0WDzqmbqZxRE2mhtbVgdMkzli4 naB0ank0sxqvHzv4GCK7aQvtEYOgZ5gPUOqngDc1bejbBrRcVIaNVDNCibBznhG4 CHwX/JKpxv/qQ+k1IHzyvQm092Esn7wR4akgnc9fxKY51iUTR4yXnS+sm/5krCXo UvTd3njOjPz25HzYS996NupWdLOHOV7bPwmKd0qY4ChNG5zMTiWf3bKzmcMpYwtS fnxiDEhudSTH369wlIvp04hQ8/gzcL2XcB1BEayTqQo5VXFaaJElsre4WaEAWS/P PHOXVODeseCtNgePkPO0iPNIPlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/KjCS chC1pAa/8RNip/KvslWkbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G CSqGSIb3DQEBCwUAA4IBAQCxlzQjQ+HuGcG/tfmfg0O+idZgD79r4kocD4zGo71C QRPF8VNUp49muPhnT7X7A8e523cOdDjxO30UJ49BR8Wk5M6Lav8F0OwTyPjjcSRB NhGr6RNDYZ07F/rRzZsz59Yu8v3SnGR87h/G8TWBi30UzyOtvLsXIQkN42/OqLLR 7MIN5rIO7udjPpNi3yvyUnzBm2eDsQYeV7hVrJwyIL5C8etOPoJ9urn/SKugE8av I65+WHA2OHMVfVoq2GcWcxNYrydyuNg5IfYRgxfxqr1qzx44nDGaSso661WdtpyH FZpyWxdjvsvVuzI9lm5fINfeGXycYvEUBievEAGA/dVo -----END CERTIFICATE-----Generated at Thu Jan 22 22:17:01 2026 by rpki-client