This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa File: 55e704e8-470f-4c3e-82e8-03868da744a2.roa (raw, json) Hash identifier: wRFOTd+/uwMYztl82L5Ogu+TR0bNS+e9qwIxQCQTR4Q= Subject key identifier: ED:0F:B5:E7:61:13:7F:2A:96:E4:B2:7B:F5:92:1E:01:31:84:9C:6D Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 01B91DB28805C6891598D367B1285D21A38CBE5B Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa Signing time: Tue 11 Nov 2025 21:21:55 +0000 ROA not before: Tue 11 Nov 2025 21:21:55 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.74.0.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:b9:1d:b2:88:05:c6:89:15:98:d3:67:b1:28:5d:21:a3:8c:be:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Nov 11 21:21:55 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=eff07683b0e0cdba31a75c7ca7263c99305f3692367d93b993f9661fd6fbf455, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:05:57:0b:0b:72:b8:36:70:1e:87:d1:39:95: e5:ae:9e:d5:c2:35:42:7c:fb:93:c8:37:dd:80:08: 58:26:b7:88:d0:2e:2c:9e:a8:7f:11:84:dd:28:df: 18:8a:92:31:95:6c:58:7b:33:af:3f:9d:87:bc:53: 25:d4:02:ac:58:c2:27:e8:4f:03:a0:4d:ca:11:33: 37:e6:3a:f9:93:84:08:1c:fe:45:24:41:7d:a7:1a: 09:34:4b:0c:5e:d8:1f:af:72:49:03:64:c1:41:9c: 84:4c:43:1f:c4:42:37:43:8f:ae:f3:9b:c4:c8:14: ad:e6:83:d9:1e:eb:8f:04:19:0a:0f:f6:38:3f:68: 54:0d:9f:72:b0:7c:e5:1b:d2:4c:82:1f:32:b2:71: 64:ec:c5:94:54:be:90:bf:f4:b4:c7:42:34:93:77: a4:b2:34:c1:70:05:fd:48:30:00:1f:91:8b:96:1b: 0f:93:39:3d:6a:ad:99:54:dd:e2:7f:b8:69:dc:31: 8f:93:29:11:f8:d4:f6:97:f9:1a:af:eb:e2:b6:64: 51:b7:85:9e:c7:6f:40:ff:60:a3:97:88:de:7e:e0: 6a:4e:d8:20:ac:73:21:ee:2e:88:02:7d:e3:91:ce: 7c:92:68:12:cd:4a:e3:38:65:bb:50:eb:f1:0a:b9: 1d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:0F:B5:E7:61:13:7F:2A:96:E4:B2:7B:F5:92:1E:01:31:84:9C:6D X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.74.0.0/20 Signature Algorithm: sha256WithRSAEncryption 21:9a:60:67:54:30:49:cb:07:84:25:51:97:fd:83:d8:71:f5: 95:27:6f:1a:a4:04:43:33:00:1b:31:0c:fe:ba:98:01:f3:6d: 0c:9e:c9:a7:4c:dc:1c:b7:72:24:ab:d3:97:5b:5e:25:7f:63: ab:09:9f:c9:f5:a4:17:d3:37:63:7e:e2:23:5a:52:1b:27:17: a8:86:7d:72:6d:e1:17:a2:cb:79:14:d7:c0:79:a4:f6:1c:37: 34:62:fd:58:0e:66:8a:bc:be:73:69:3a:2e:6d:7a:14:40:3f: 40:bc:e6:a0:5c:ef:57:53:27:de:d8:2d:4d:ad:32:c1:aa:fe: cc:c5:41:32:c0:ff:60:c9:73:38:ba:e8:e7:23:cc:ce:bf:b5: 57:5d:e3:cf:97:09:18:63:6a:29:ab:94:9e:cc:cc:99:1e:4f: a1:fb:93:71:9b:0c:80:80:ed:16:9f:d3:51:9d:40:5c:9e:f4: 28:30:51:e6:fa:ff:46:6f:f9:2e:0c:84:ec:c1:c0:d7:2d:f7: 47:04:c7:61:51:c7:61:d9:80:1d:aa:ef:18:30:53:37:9a:1e: 96:0d:22:49:ed:b2:f9:62:a3:ff:cf:d9:68:27:3f:4b:66:6a: f5:47:ec:94:1c:4a:f2:b2:24:8f:2d:46:7d:56:f8:41:d2:da: 18:93:58:03 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUAbkdsogFxokVmNNnsShdIaOMvlswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTExMTEyMTIxNTVaFw0yNTEyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGVmZjA3NjgzYjBlMGNkYmEzMWE3NWM3Y2E3MjYzYzk5MzA1ZjM2OTIzNjdk OTNiOTkzZjk2NjFmZDZmYmY0NTUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwFVwsLcrg2cB6H0TmV5a6e1cI1Qnz7k8g33YAIWCa3iNAuLJ6ofxGE3Sjf GIqSMZVsWHszrz+dh7xTJdQCrFjCJ+hPA6BNyhEzN+Y6+ZOECBz+RSRBfacaCTRL DF7YH69ySQNkwUGchExDH8RCN0OPrvObxMgUreaD2R7rjwQZCg/2OD9oVA2fcrB8 5RvSTIIfMrJxZOzFlFS+kL/0tMdCNJN3pLI0wXAF/UgwAB+Ri5YbD5M5PWqtmVTd 4n+4adwxj5MpEfjU9pf5Gq/r4rZkUbeFnsdvQP9go5eI3n7gak7YIKxzIe4uiAJ9 45HOfJJoEs1K4zhlu1Dr8Qq5He0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtD7Xn YRN/Kpbksnv1kh4BMYScbTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NTVlNzA0ZTgtNDcwZi00YzNlLTgyZTgtMDM4NjhkYTc0NGEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDNKADAN BgkqhkiG9w0BAQsFAAOCAQEAIZpgZ1QwScsHhCVRl/2D2HH1lSdvGqQEQzMAGzEM /rqYAfNtDJ7Jp0zcHLdyJKvTl1teJX9jqwmfyfWkF9M3Y37iI1pSGycXqIZ9cm3h F6LLeRTXwHmk9hw3NGL9WA5miry+c2k6Lm16FEA/QLzmoFzvV1Mn3tgtTa0ywar+ zMVBMsD/YMlzOLro5yPMzr+1V13jz5cJGGNqKauUnszMmR5PofuTcZsMgIDtFp/T UZ1AXJ70KDBR5vr/Rm/5LgyE7MHA1y33RwTHYVHHYdmAHarvGDBTN5oelg0iSe2y +WKj/8/ZaCc/S2Zq9UfslBxK8rIkjy1GfVb4QdLaGJNYAw== -----END CERTIFICATE-----Generated at Sat Nov 22 21:34:54 2025 by rpki-client