This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json) Hash identifier: SZE93Xz1lEgSaN6fZVx1QH+n7zoKGAQBrQo6cZa1i5I= Subject key identifier: 85:84:5A:BB:C2:6B:EC:DE:B5:52:A8:DC:9A:97:45:51:71:37:D5:F4 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4A50E5C12C4584F014BD241F626806056DBFF440 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa Signing time: Tue 25 Nov 2025 20:10:05 +0000 ROA not before: Tue 25 Nov 2025 20:10:05 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.104.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:50:e5:c1:2c:45:84:f0:14:bd:24:1f:62:68:06:05:6d:bf:f4:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:05 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=5303e226658e8eb9542cebfc0b7a0b714a2f685e50e7f9fc9af0e00c510c5371, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b9:83:22:d9:d3:af:b5:db:81:af:10:dc:3b: f7:71:3a:d8:b8:55:25:76:c6:1e:31:06:fc:1d:dd: ea:75:ea:8e:ee:f8:a1:d9:49:00:8c:e0:b9:27:f0: 0b:d9:fd:ba:26:e8:24:42:19:f5:69:b3:30:23:c0: bb:e1:86:7a:cd:73:03:2e:8b:45:c4:24:2e:39:12: b6:36:b3:41:8c:83:0c:50:97:05:2e:0e:bf:d6:8a: 04:3f:79:20:f1:f0:62:25:0e:a2:f7:31:27:6e:3a: b2:e9:6b:5b:1b:2b:b1:61:8c:17:50:c5:43:d7:23: 8a:d0:25:78:0d:27:10:a2:5c:aa:fc:6e:0a:b3:57: 49:a6:0c:64:09:f7:76:88:d5:38:c4:a1:80:8e:e3: ad:c6:ea:0c:50:12:37:f7:5c:27:ec:ea:d3:4d:63: ba:87:44:8b:b9:12:9a:df:07:61:cd:c1:d8:ec:14: dc:ec:4e:88:a1:62:af:6d:93:9d:57:c7:0b:d2:d9: 9c:d5:ec:e7:61:99:de:00:60:bf:a3:90:3a:1c:28: 37:d6:12:02:09:f8:d2:8f:d2:72:05:4e:58:37:df: 54:92:f3:70:ef:b6:95:ef:34:3f:3b:71:c3:9f:80: 17:a4:34:1b:0f:9b:a2:ba:e9:42:34:2c:ab:88:bd: ce:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:84:5A:BB:C2:6B:EC:DE:B5:52:A8:DC:9A:97:45:51:71:37:D5:F4 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.104.0.0/13 Signature Algorithm: sha256WithRSAEncryption 35:06:08:71:56:b1:5e:6d:60:a9:1e:d2:ff:30:ff:fc:ff:c1: 23:bb:34:a6:32:f8:fb:83:e7:36:a2:04:04:3e:1d:71:07:aa: c6:f0:36:93:bb:b2:1f:48:d5:6e:af:04:c1:9a:e4:ef:13:8c: 5d:ba:ce:97:dc:f2:00:57:ba:d5:2a:f5:4f:90:f2:aa:e4:79: 3f:fd:22:7f:9f:ca:70:4d:12:08:36:86:89:c7:9e:ac:ad:1a: c2:bf:78:3f:14:87:f6:5a:ed:8d:8f:e8:df:04:b1:2e:ba:1d: 24:54:8f:74:24:c8:90:9b:72:ab:d8:29:77:7a:28:57:b4:50: 62:12:37:1b:5d:fa:f2:e0:47:14:41:f6:70:81:e5:35:6b:85: 7d:f7:c9:f3:c0:f1:b6:97:52:2c:b8:70:d7:20:74:df:bb:b3: 6f:b5:0c:33:a6:02:60:f1:50:9b:05:e0:06:db:5f:a7:ad:10: 20:e7:cf:40:df:c1:17:f4:00:a5:fa:7a:0e:3e:63:82:54:1a: 18:19:de:7d:a9:96:17:14:5f:29:e4:65:70:5e:7d:8c:fc:bb: 99:7a:b6:85:47:ce:59:e0:8c:ad:ab:b3:13:76:fd:56:45:eb: 50:72:72:02:ef:cd:75:c0:af:d0:8c:ee:5e:1d:8a:1c:e8:91: 60:4d:13:f6 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSlDlwSxFhPAUvSQfYmgGBW2/9EAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDUzMDNlMjI2NjU4ZThlYjk1NDJjZWJmYzBiN2EwYjcxNGEyZjY4NWU1MGU3 ZjlmYzlhZjBlMDBjNTEwYzUzNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKK5gyLZ06+124GvENw793E62LhVJXbGHjEG/B3d6nXqju74odlJAIzguSfw C9n9uiboJEIZ9WmzMCPAu+GGes1zAy6LRcQkLjkStjazQYyDDFCXBS4Ov9aKBD95 IPHwYiUOovcxJ246sulrWxsrsWGMF1DFQ9cjitAleA0nEKJcqvxuCrNXSaYMZAn3 dojVOMShgI7jrcbqDFASN/dcJ+zq001juodEi7kSmt8HYc3B2OwU3OxOiKFir22T nVfHC9LZnNXs52GZ3gBgv6OQOhwoN9YSAgn40o/ScgVOWDffVJLzcO+2le80Pztx w5+AF6Q0Gw+borrpQjQsq4i9zi0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSFhFq7 wmvs3rVSqNyal0VRcTfV9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G CSqGSIb3DQEBCwUAA4IBAQA1BghxVrFebWCpHtL/MP/8/8EjuzSmMvj7g+c2ogQE Ph1xB6rG8DaTu7IfSNVurwTBmuTvE4xdus6X3PIAV7rVKvVPkPKq5Hk//SJ/n8pw TRIINoaJx56srRrCv3g/FIf2Wu2Nj+jfBLEuuh0kVI90JMiQm3Kr2Cl3eihXtFBi EjcbXfry4EcUQfZwgeU1a4V998nzwPG2l1IsuHDXIHTfu7NvtQwzpgJg8VCbBeAG 21+nrRAg589A38EX9ACl+noOPmOCVBoYGd59qZYXFF8p5GVwXn2M/LuZeraFR85Z 4Iytq7MTdv1WRetQcnIC7811wK/QjO5eHYoc6JFgTRP2 -----END CERTIFICATE-----Generated at Sun Dec 7 12:26:13 2025 by rpki-client