This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json) Hash identifier: erq6lswCeNSFsl1pAVDopoHNexYgyO1W2DCjwn4xrIY= Subject key identifier: 49:D1:8C:2B:90:FD:27:64:BD:AA:ED:3B:CB:49:7C:6B:2D:0E:F5:93 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 43819C26F631F10B5B78B5CBFCDCD28977BE2E04 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa Signing time: Sat 15 Nov 2025 06:50:22 +0000 ROA not before: Sat 15 Nov 2025 06:50:22 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 200.197.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 11:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:81:9c:26:f6:31:f1:0b:5b:78:b5:cb:fc:dc:d2:89:77:be:2e:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:22 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=efbf456173d4092aa473187bab16977572711b995af0bbea6b71ef30c13fa65f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1b:a5:d9:a3:47:da:18:b7:56:98:02:cc:d4: d1:be:fe:4b:a8:9f:81:e4:ff:7c:d3:83:59:82:c3: 5e:54:7f:f1:39:a0:d0:77:05:02:f1:b9:b9:f8:46: 00:ae:93:90:c0:4c:3f:ee:ad:c2:4b:ea:24:7a:ce: 94:e9:69:91:bf:6f:5e:e8:19:44:03:91:fb:9a:54: 3e:3b:90:a6:53:6d:8f:f2:69:7d:56:c1:d9:e6:08: b9:3b:d1:5b:1e:92:63:3f:3d:84:b8:11:24:64:68: e1:90:24:90:db:8b:dc:95:0e:0c:61:d1:ec:b0:d4: 68:9e:a9:7a:d0:e7:2a:66:3c:84:dd:51:00:03:52: 9f:5b:95:c6:ba:06:33:98:82:11:65:06:6e:e1:57: c1:2f:20:38:0f:8e:94:18:f9:51:b9:e9:06:62:f1: d3:c5:71:07:fe:2e:7f:2f:66:17:72:d9:50:74:89: 0e:56:61:a5:ec:d1:12:5a:6c:9f:ce:79:0e:94:eb: 36:d8:24:e6:9f:01:07:97:8f:09:21:3a:84:09:19: 26:80:c8:3b:a9:7c:92:45:63:51:33:c7:9d:b6:6c: d3:9d:2a:6e:d3:e7:23:f3:b8:57:97:80:4d:c8:3a: ea:4b:20:eb:13:fc:90:6d:41:85:d8:fd:af:ed:1b: d7:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:D1:8C:2B:90:FD:27:64:BD:AA:ED:3B:CB:49:7C:6B:2D:0E:F5:93 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 200.197.0.0/16 Signature Algorithm: sha256WithRSAEncryption d2:2f:a8:df:00:53:60:09:aa:a5:49:9c:4c:03:ba:95:33:1f: 37:e7:da:a3:72:62:ed:e5:05:4f:73:32:2c:cf:c4:db:eb:a2: 76:73:8c:27:72:74:58:8f:0d:51:06:f4:54:30:24:7a:1c:53: b5:10:58:6d:67:d1:b3:2d:cc:58:0e:da:11:3f:67:5a:47:cc: 34:c5:1e:73:28:f6:76:de:2a:89:71:c4:ad:4a:36:ff:53:b0: 13:a9:bf:d8:8f:fc:28:0d:bf:65:8b:52:32:8d:13:04:83:ce: 77:c6:12:50:b1:5a:40:06:59:59:ad:42:e2:dd:26:f3:90:d3: c7:98:15:6b:21:1c:54:67:3f:41:39:35:8b:3f:72:51:99:ad: 67:8b:3d:c7:5f:71:f6:ad:e2:20:a4:45:02:58:be:a8:56:64: f8:23:80:ef:35:ff:32:bc:3e:08:1e:af:1a:96:16:9b:b5:88: d9:5e:c4:25:e2:9e:7e:32:5e:35:70:10:3a:33:18:04:88:df: d9:6d:26:2a:42:2e:1e:43:63:b3:1e:39:8f:67:85:c1:a6:e2: e6:8d:b1:fb:60:5a:89:d4:af:9f:3a:9d:8c:9b:a8:aa:f6:be: ba:ef:73:d2:39:c7:33:c0:7d:64:a4:a9:df:48:37:95:28:62: 17:9b:96:0c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQ4GcJvYx8QtbeLXL/NzSiXe+LgQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGVmYmY0NTYxNzNkNDA5MmFhNDczMTg3YmFiMTY5Nzc1NzI3MTFiOTk1YWYw YmJlYTZiNzFlZjMwYzEzZmE2NWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0bpdmjR9oYt1aYAszU0b7+S6ifgeT/fNODWYLDXlR/8Tmg0HcFAvG5ufhG AK6TkMBMP+6twkvqJHrOlOlpkb9vXugZRAOR+5pUPjuQplNtj/JpfVbB2eYIuTvR Wx6SYz89hLgRJGRo4ZAkkNuL3JUODGHR7LDUaJ6petDnKmY8hN1RAANSn1uVxroG M5iCEWUGbuFXwS8gOA+OlBj5UbnpBmLx08VxB/4ufy9mF3LZUHSJDlZhpezRElps n855DpTrNtgk5p8BB5ePCSE6hAkZJoDIO6l8kkVjUTPHnbZs050qbtPnI/O4V5eA Tcg66ksg6xP8kG1Bhdj9r+0b198CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRJ0Ywr kP0nZL2q7TvLSXxrLQ71kzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G CSqGSIb3DQEBCwUAA4IBAQDSL6jfAFNgCaqlSZxMA7qVMx8359qjcmLt5QVPczIs z8Tb66J2c4wncnRYjw1RBvRUMCR6HFO1EFhtZ9GzLcxYDtoRP2daR8w0xR5zKPZ2 3iqJccStSjb/U7ATqb/Yj/woDb9li1IyjRMEg853xhJQsVpABllZrULi3SbzkNPH mBVrIRxUZz9BOTWLP3JRma1niz3HX3H2reIgpEUCWL6oVmT4I4DvNf8yvD4IHq8a lhabtYjZXsQl4p5+Ml41cBA6MxgEiN/ZbSYqQi4eQ2OzHjmPZ4XBpuLmjbH7YFqJ 1K+fOp2Mm6iq9r6673PSOcczwH1kpKnfSDeVKGIXm5YM -----END CERTIFICATE-----Generated at Thu Nov 27 16:07:10 2025 by rpki-client