This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json) Hash identifier: Y5N3oCew83MHjU9vAynSfDXwVUh8NgUDANRHc2XTV8I= Subject key identifier: 26:8D:E3:B4:1F:3F:94:5B:F6:5E:1D:AB:37:53:66:A0:74:B0:18:CB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 73F83F0B9ED21D13399EE42D06CA9C8CE5451703 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa Signing time: Tue 25 Nov 2025 20:10:25 +0000 ROA not before: Tue 25 Nov 2025 20:10:25 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.119.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 02 Dec 2025 14:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:f8:3f:0b:9e:d2:1d:13:39:9e:e4:2d:06:ca:9c:8c:e5:45:17:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:25 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=6e85cb3d1b6755ba4d3098b91ca5ad458c397bfadcae640a15b64a2147817304, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:d1:1f:7b:2d:f6:ef:4d:27:b2:b7:77:3d:3d: e8:fc:19:18:d5:e4:fb:d0:bc:d6:2f:61:33:dd:e4: 50:8b:da:45:24:34:f6:fc:a7:29:e5:3a:28:56:ad: 02:4b:a3:1f:4b:86:cb:c9:b4:62:75:3d:5d:ed:b2: 44:21:21:23:d0:8b:87:20:db:9e:b4:10:bc:35:b5: f4:bf:fd:90:78:eb:b7:9b:23:cf:af:11:2c:a8:cc: 0d:9e:b8:0b:e4:1c:af:a7:1d:0c:9b:0b:3f:77:b8: 70:56:3a:1b:5d:aa:c0:d7:60:62:26:bb:c3:bf:65: e2:bd:77:33:05:1d:88:68:dc:50:35:fa:c8:40:d3: 69:29:90:8e:0d:85:77:e0:01:d4:0f:19:80:f0:50: 5f:a8:2c:37:58:23:6e:02:47:38:f8:58:cc:8d:82: c4:95:b8:62:3d:4e:57:48:c2:d7:19:95:b7:70:7b: ee:77:9f:d2:b5:be:aa:76:8a:8d:32:84:a8:05:66: a6:9c:0f:00:f2:56:ea:ff:8f:b6:83:b2:8f:23:6e: 09:b2:6e:ff:5b:51:5d:f3:d5:da:5b:51:0b:5a:96: 80:e6:b1:58:48:40:81:5e:8b:f6:af:30:54:91:d3: ab:87:94:e3:21:79:17:1b:f5:f3:33:0c:89:6e:5f: 96:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:8D:E3:B4:1F:3F:94:5B:F6:5E:1D:AB:37:53:66:A0:74:B0:18:CB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.119.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3b:11:44:4b:ba:9f:a6:72:e7:4e:55:4a:fd:49:e5:08:96:a8: 56:b2:f2:7d:c3:01:ba:5e:d4:10:be:00:f8:01:88:26:e7:8b: c6:8a:9a:c1:28:d2:ca:22:6a:73:1e:43:a8:91:57:e0:43:94: 8a:a2:54:a3:b9:6c:86:9c:be:4f:20:48:ef:36:e9:6d:c2:72: b4:16:cc:31:a2:03:5b:3b:0a:a6:7f:64:a9:10:bf:48:c9:19: 64:59:9f:e6:84:30:c2:67:73:c3:70:1b:34:4e:9f:33:b9:dc: bd:c7:c4:32:94:ec:da:ca:2e:da:d7:16:e1:a2:3a:81:3a:24: 6c:34:83:b3:79:12:12:5c:5d:19:1b:f0:e6:b4:86:a1:bd:b0: 82:8d:04:16:8b:6e:37:59:90:ca:1d:9b:7d:33:20:f0:17:ca: e1:58:08:85:43:b0:b6:a7:ff:bf:88:0f:0d:80:71:7e:d9:43: cd:47:11:95:05:1e:46:36:37:fd:d9:72:e2:37:3c:49:16:0a: 3f:aa:95:24:ca:ad:15:ab:f4:e0:2c:81:d9:fa:0b:ab:31:d8: 25:24:ca:3c:bb:0b:cf:f8:c1:5b:96:e1:af:21:b7:e4:80:97: 03:74:33:4a:81:55:b1:5b:43:5b:bd:eb:bb:d9:ee:e4:bc:18: 42:31:10:22 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUc/g/C57SHRM5nuQtBsqcjOVFFwMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDZlODVjYjNkMWI2NzU1YmE0ZDMwOThiOTFjYTVhZDQ1OGMzOTdiZmFkY2Fl NjQwYTE1YjY0YTIxNDc4MTczMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ3RH3st9u9NJ7K3dz096PwZGNXk+9C81i9hM93kUIvaRSQ09vynKeU6KFat AkujH0uGy8m0YnU9Xe2yRCEhI9CLhyDbnrQQvDW19L/9kHjrt5sjz68RLKjMDZ64 C+Qcr6cdDJsLP3e4cFY6G12qwNdgYia7w79l4r13MwUdiGjcUDX6yEDTaSmQjg2F d+AB1A8ZgPBQX6gsN1gjbgJHOPhYzI2CxJW4Yj1OV0jC1xmVt3B77nef0rW+qnaK jTKEqAVmppwPAPJW6v+PtoOyjyNuCbJu/1tRXfPV2ltRC1qWgOaxWEhAgV6L9q8w VJHTq4eU4yF5Fxv18zMMiW5fljsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmjeO0 Hz+UW/ZeHas3U2agdLAYyzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G CSqGSIb3DQEBCwUAA4IBAQA7EURLup+mcudOVUr9SeUIlqhWsvJ9wwG6XtQQvgD4 AYgm54vGiprBKNLKImpzHkOokVfgQ5SKolSjuWyGnL5PIEjvNultwnK0FswxogNb Owqmf2SpEL9IyRlkWZ/mhDDCZ3PDcBs0Tp8zudy9x8QylOzayi7a1xbhojqBOiRs NIOzeRISXF0ZG/DmtIahvbCCjQQWi243WZDKHZt9MyDwF8rhWAiFQ7C2p/+/iA8N gHF+2UPNRxGVBR5GNjf92XLiNzxJFgo/qpUkyq0Vq/TgLIHZ+gurMdglJMo8uwvP +MFbluGvIbfkgJcDdDNKgVWxW0Nbveu72e7kvBhCMRAi -----END CERTIFICATE-----Generated at Mon Dec 1 21:15:44 2025 by rpki-client