This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json) Hash identifier: OEdQudD/BtSmhuRgGB9Cvy6fFhaTf98OkWUhocjGd2k= Subject key identifier: 93:23:C3:D4:E4:00:61:64:4D:FD:E4:D5:6F:19:FF:1B:6A:CC:C6:B4 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 18CDAAB2605C049E4FD03DAB70D7477AE426EA77 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa Signing time: Sat 15 Nov 2025 06:40:36 +0000 ROA not before: Sat 15 Nov 2025 06:40:36 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 145.17.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 20 Nov 2025 07:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:cd:aa:b2:60:5c:04:9e:4f:d0:3d:ab:70:d7:47:7a:e4:26:ea:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:36 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4b6deb849f1f518d3ff768ff6e9b9ed39bc01ff3dd8128cb9fabac371d64de1c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:51:02:db:1e:30:9f:a7:9b:cd:03:b2:47:3f: fd:c2:38:ed:cb:e7:79:03:66:15:ba:d6:ff:bb:b6: 1a:5a:d1:f7:fa:5a:a1:b2:ab:91:58:42:83:fa:10: bb:c1:19:a3:ee:d1:af:3b:78:90:96:33:ff:90:50: 9f:b8:e4:97:48:36:df:94:cf:25:cd:83:4d:a2:a7: c9:b3:fc:56:d9:3b:7c:a0:42:fc:a6:2f:3c:1f:91: 5d:58:7c:d0:70:33:ce:a4:36:93:a9:09:95:41:5c: 57:28:db:06:bb:cd:00:99:0a:65:4d:91:2c:67:a3: 1b:05:bd:f3:d1:72:7a:46:ff:e1:6e:de:a6:73:f7: 10:40:0b:25:11:e7:b2:63:78:b7:d3:13:f7:13:ce: 74:2b:4d:3d:46:eb:2e:c3:d0:cd:95:5b:0d:95:c7: 85:e0:16:0b:ac:94:8d:fd:0e:1f:c0:c6:fd:93:bd: c0:b8:60:73:a8:ce:0c:81:49:ec:84:10:d5:d6:16: b6:e8:59:b2:08:72:9e:8d:85:2c:4c:e8:61:3c:23: a7:24:a9:06:be:2f:9d:0a:4c:47:8b:2e:4f:9a:4c: 15:5b:65:f3:a4:91:94:60:0c:6c:7a:03:c6:86:da: 81:6b:a3:60:0c:f8:72:94:97:2a:e4:00:ad:41:90: be:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:23:C3:D4:E4:00:61:64:4D:FD:E4:D5:6F:19:FF:1B:6A:CC:C6:B4 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.17.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3b:3c:90:a0:5b:bf:0e:c9:68:b8:f0:b4:1b:b4:89:a8:21:ed: b9:26:7c:b8:af:15:92:b1:44:c9:81:ef:26:af:d4:96:28:2b: f9:d7:1c:18:9e:ba:fb:cb:4c:2e:7f:15:15:e5:72:5f:39:44: 5f:99:e7:29:a7:48:5f:bc:fa:0e:b7:fe:27:bc:6e:6a:33:19: 4b:3e:25:12:db:f9:12:fb:ea:58:45:e8:58:e4:0a:39:74:44: 6a:d4:40:1f:68:af:62:69:a9:fe:b0:3a:d4:a7:4f:2b:e8:62: 3c:66:c9:db:a5:c8:0d:08:1f:ba:6f:b7:c6:88:30:9f:8d:e9: 5d:68:aa:b9:03:ca:4d:df:06:b8:3f:07:52:8e:ae:76:06:7b: 8b:d7:71:c9:58:18:a2:75:67:6d:a8:e2:1e:84:1d:24:e9:2d: dc:21:9e:84:52:2d:dc:c3:be:1e:4f:63:40:3b:04:53:ec:b6: be:1c:bf:1d:99:ad:30:df:3d:7f:57:30:6c:f9:d2:b1:e0:ee: e3:96:2a:41:8c:2a:91:6e:6c:61:9e:c3:ce:6f:12:9b:e8:7e: 9d:51:6c:65:ce:2b:4c:8b:eb:05:00:1a:86:a1:e1:f7:3d:4d: c9:a5:33:97:75:5f:62:b4:2f:28:aa:c6:a3:34:0d:f0:94:46: c1:f6:62:d1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGM2qsmBcBJ5P0D2rcNdHeuQm6ncwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiNmRlYjg0OWYxZjUxOGQzZmY3NjhmZjZlOWI5ZWQzOWJjMDFmZjNkZDgx MjhjYjlmYWJhYzM3MWQ2NGRlMWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIZRAtseMJ+nm80Dskc//cI47cvneQNmFbrW/7u2GlrR9/paobKrkVhCg/oQ u8EZo+7Rrzt4kJYz/5BQn7jkl0g235TPJc2DTaKnybP8Vtk7fKBC/KYvPB+RXVh8 0HAzzqQ2k6kJlUFcVyjbBrvNAJkKZU2RLGejGwW989Fyekb/4W7epnP3EEALJRHn smN4t9MT9xPOdCtNPUbrLsPQzZVbDZXHheAWC6yUjf0OH8DG/ZO9wLhgc6jODIFJ 7IQQ1dYWtuhZsghyno2FLEzoYTwjpySpBr4vnQpMR4suT5pMFVtl86SRlGAMbHoD xobagWujYAz4cpSXKuQArUGQvlUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTI8PU 5ABhZE395NVvGf8baszGtDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G CSqGSIb3DQEBCwUAA4IBAQA7PJCgW78OyWi48LQbtImoIe25Jny4rxWSsUTJge8m r9SWKCv51xwYnrr7y0wufxUV5XJfOURfmecpp0hfvPoOt/4nvG5qMxlLPiUS2/kS ++pYRehY5Ao5dERq1EAfaK9iaan+sDrUp08r6GI8ZsnbpcgNCB+6b7fGiDCfjeld aKq5A8pN3wa4PwdSjq52BnuL13HJWBiidWdtqOIehB0k6S3cIZ6EUi3cw74eT2NA OwRT7La+HL8dma0w3z1/VzBs+dKx4O7jlipBjCqRbmxhnsPObxKb6H6dUWxlzitM i+sFABqGoeH3PU3JpTOXdV9itC8oqsajNA3wlEbB9mLR -----END CERTIFICATE-----Generated at Wed Nov 19 11:31:15 2025 by rpki-client