This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json) Hash identifier: H5V9fgwEM/inwTn8TFJcwsZdPCVMy3b/XFPLUapX1Nw= Subject key identifier: 5B:65:DB:F5:76:EA:9C:0C:90:FA:19:2F:32:45:8D:7E:66:FF:F0:8A Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 18022C585FB43B2DFE0FE41D80298F5BA3E0DC48 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa Signing time: Tue 25 Nov 2025 20:10:05 +0000 ROA not before: Tue 25 Nov 2025 20:10:05 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 185.72.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 27 Nov 2025 22:51:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:02:2c:58:5f:b4:3b:2d:fe:0f:e4:1d:80:29:8f:5b:a3:e0:dc:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:05 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=f70150e5c165bbc97b8c28d2ff9492c5e12c2b74ea3a2ae0d8fdb4286d15c0a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:2e:58:b0:8e:df:02:f8:9f:03:68:4c:2c:4e: 76:0b:59:f9:a2:ca:70:42:b9:8c:c2:a9:da:c8:61: af:e9:b6:b4:0c:5c:cb:ad:f2:55:f9:d0:00:b8:8b: a3:d2:e9:86:f9:24:04:4b:ba:98:a3:fb:3d:fb:2b: d4:88:49:f6:56:dc:ba:4d:ef:e3:f8:72:c1:98:6c: e0:38:89:d4:eb:76:e8:ee:3f:8c:15:48:ea:c1:cc: 9a:a1:69:a2:aa:fe:5f:05:58:86:09:29:34:40:c4: cd:5f:19:9c:70:f4:12:47:08:39:e6:02:0a:4a:e1: 08:cc:10:65:22:20:0e:ee:da:9a:b5:58:1c:10:d7: 4a:e5:06:f7:8c:11:39:88:25:58:87:86:4b:6e:9d: cf:32:6c:c3:54:74:a2:b5:4f:40:b5:5c:78:13:c9: 80:d3:36:54:c9:76:1e:e5:80:28:2d:61:39:c3:46: 0f:ff:e3:53:0f:ba:09:dd:ce:52:69:b9:62:b2:69: 3d:0d:ed:9d:bb:6e:15:eb:ee:a4:ac:de:b9:11:cc: f0:b5:12:ca:0e:31:77:7f:99:3e:8d:45:17:8c:69: 92:36:25:1f:d5:52:42:11:f1:cc:44:cd:67:08:d6: 05:79:c4:27:b6:f5:7f:33:7a:93:09:96:ca:b8:ae: de:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:65:DB:F5:76:EA:9C:0C:90:FA:19:2F:32:45:8D:7E:66:FF:F0:8A X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.72.192.0/22 Signature Algorithm: sha256WithRSAEncryption 6c:1f:0e:35:77:e5:17:75:30:76:0b:7e:54:a5:41:e8:77:83: e6:e5:1c:2d:0a:9c:62:0e:53:fc:4d:fc:2a:43:e1:a5:90:50: bd:03:37:cc:71:8f:23:5c:e0:2f:e7:33:6f:87:1a:61:23:25: ba:d9:25:ec:02:52:d2:24:48:da:89:b1:74:aa:8c:83:eb:13: ce:e4:2a:68:b4:fd:0b:26:6c:91:45:b2:08:a8:be:9c:bd:0f: a2:cc:7a:c5:96:2a:b8:f5:04:02:d9:35:bb:43:d9:01:2f:d4: d5:e0:21:ce:00:f2:1e:a3:98:49:04:58:46:54:cb:7c:1a:9d: 73:65:69:db:bd:55:02:08:ba:b7:a9:35:ed:ce:7c:c3:07:cb: e9:6b:03:6f:39:2a:da:4f:64:4e:27:02:41:4c:27:d2:2c:0e: 5d:7a:d3:8f:85:ad:04:46:58:34:32:cd:19:1a:d8:bf:84:9e: 00:f2:56:2e:00:ed:16:a8:fd:17:af:45:70:51:c4:23:56:87: 81:e5:57:a1:af:54:c0:fd:a0:d3:0e:3a:15:15:2d:1a:96:5c: 83:bd:40:a3:55:89:44:35:21:9f:74:ab:8a:79:57:66:84:c2: 66:99:0a:28:d2:b4:cc:09:87:2b:f2:95:b8:4e:a7:4a:d0:e9: 01:2b:a0:2b -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUGAIsWF+0Oy3+D+QdgCmPW6Pg3EgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGY3MDE1MGU1YzE2NWJiYzk3YjhjMjhkMmZmOTQ5MmM1ZTEyYzJiNzRlYTNh MmFlMGQ4ZmRiNDI4NmQxNWMwYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJIuWLCO3wL4nwNoTCxOdgtZ+aLKcEK5jMKp2shhr+m2tAxcy63yVfnQALiL o9LphvkkBEu6mKP7Pfsr1IhJ9lbcuk3v4/hywZhs4DiJ1Ot26O4/jBVI6sHMmqFp oqr+XwVYhgkpNEDEzV8ZnHD0EkcIOeYCCkrhCMwQZSIgDu7amrVYHBDXSuUG94wR OYglWIeGS26dzzJsw1R0orVPQLVceBPJgNM2VMl2HuWAKC1hOcNGD//jUw+6Cd3O Umm5YrJpPQ3tnbtuFevupKzeuRHM8LUSyg4xd3+ZPo1FF4xpkjYlH9VSQhHxzETN ZwjWBXnEJ7b1fzN6kwmWyriu3vMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRbZdv1 duqcDJD6GS8yRY1+Zv/wijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN BgkqhkiG9w0BAQsFAAOCAQEAbB8ONXflF3Uwdgt+VKVB6HeD5uUcLQqcYg5T/E38 KkPhpZBQvQM3zHGPI1zgL+czb4caYSMlutkl7AJS0iRI2omxdKqMg+sTzuQqaLT9 CyZskUWyCKi+nL0Posx6xZYquPUEAtk1u0PZAS/U1eAhzgDyHqOYSQRYRlTLfBqd c2Vp271VAgi6t6k17c58wwfL6WsDbzkq2k9kTicCQUwn0iwOXXrTj4WtBEZYNDLN GRrYv4SeAPJWLgDtFqj9F69FcFHEI1aHgeVXoa9UwP2g0w46FRUtGpZcg71Ao1WJ RDUhn3SrinlXZoTCZpkKKNK0zAmHK/KVuE6nStDpASugKw== -----END CERTIFICATE-----Generated at Thu Nov 27 03:59:08 2025 by rpki-client