This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json) Hash identifier: cvJM5WYkPv7sqrSj5rENHCNjJOC12lU/DAkJqf/+Qec= Subject key identifier: 36:9B:2D:23:89:6B:C5:42:23:A7:50:99:C6:6E:1F:F3:F6:4A:97:C3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 41E191EE6601E125630D60A26AF3C57EC5B88E22 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa Signing time: Sat 15 Nov 2025 06:40:54 +0000 ROA not before: Sat 15 Nov 2025 06:40:54 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 194.234.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 19 Nov 2025 08:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:e1:91:ee:66:01:e1:25:63:0d:60:a2:6a:f3:c5:7e:c5:b8:8e:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:54 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=011c0583d762854a955500bddd3ae6db14e3d9e2c9f1d300a87401a5f65031d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7f:e6:14:b2:7c:20:0d:c2:de:15:73:de:b4: 64:6b:20:97:d0:1c:3b:d1:e7:4f:e8:f0:c5:d9:0b: 2d:0a:b0:58:77:95:1e:28:19:6a:7b:88:09:4c:9c: b9:9b:74:03:d0:0e:12:3d:b0:76:d3:00:9d:93:8d: 3a:e1:d8:32:4a:4a:1e:38:fa:99:50:4e:7b:1d:f1: 1f:10:32:14:b9:34:b5:7c:a7:e4:3c:c4:ce:dd:9c: e3:d1:07:85:ea:30:04:30:b8:30:f3:f5:78:bd:db: a1:1f:a0:32:87:1a:1d:7d:0f:7d:2a:3e:ed:74:ae: 05:fe:bc:da:5e:a9:ef:70:d8:7f:0a:06:90:1a:04: d4:f2:1b:7a:89:a0:c3:20:c5:83:5d:81:53:ed:c1: 74:48:5d:61:23:d3:d4:c9:7d:1c:38:89:b2:48:7e: c1:34:bd:f7:46:1f:a8:f3:03:49:c4:fa:1b:5b:6d: 62:62:82:19:6a:87:1d:25:13:7f:c3:a0:45:d6:44: 22:ec:74:eb:a5:4b:33:72:f6:8a:d2:a2:55:ee:1b: 2f:96:7e:24:9b:81:88:41:9f:ac:c1:78:63:7a:67: cc:60:ad:ae:df:be:2b:6f:e9:83:cd:79:e8:4e:cd: 56:d7:0e:02:83:e5:ab:b1:8c:0d:19:85:69:83:9d: ca:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:9B:2D:23:89:6B:C5:42:23:A7:50:99:C6:6E:1F:F3:F6:4A:97:C3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.234.0.0/15 Signature Algorithm: sha256WithRSAEncryption 79:da:a7:d3:64:b9:35:e0:34:52:9f:2d:b1:b3:66:15:5d:df: 7e:c9:14:c6:1b:31:79:21:4a:e0:60:3e:23:cf:e3:87:54:9e: 1e:67:ae:8c:cb:45:11:c7:79:e3:fc:dd:c8:3b:f2:7c:e8:4c: fa:77:f6:2e:8e:e6:8f:22:22:7a:c9:a9:85:0c:f8:4e:de:99: 2f:ac:a5:38:6c:1b:53:34:8c:6e:3a:e2:f5:e2:48:3e:c8:97: 67:b6:5a:a0:6b:fb:83:9f:99:39:c0:05:f1:eb:88:d5:93:8e: c0:c1:f3:0a:08:8a:47:36:63:bc:27:fd:6e:e7:c0:fc:25:79: be:9d:8a:36:66:2c:37:80:e6:b7:a3:86:41:0a:49:4b:54:61: c3:2f:2d:39:63:74:c4:a2:d9:12:b8:46:6b:53:f6:4f:f5:2e: db:e3:f7:3c:b7:94:ac:c2:e6:6a:3d:2b:30:9b:30:eb:40:3b: e2:14:7a:e7:b5:89:30:b7:f2:cf:87:db:c1:5e:a8:9d:2b:6b: d8:a4:60:7c:0d:e4:4b:83:e6:1e:ab:0f:e0:44:ec:5e:f6:1d: ac:59:93:73:47:24:44:af:e4:6e:ae:ef:5b:14:ee:2d:10:3c: ea:39:05:8a:1c:8a:df:9a:30:65:b2:00:f7:9e:5e:ca:03:77: 20:93:31:19 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQeGR7mYB4SVjDWCiavPFfsW4jiIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDAxMWMwNTgzZDc2Mjg1NGE5NTU1MDBiZGRkM2FlNmRiMTRlM2Q5ZTJjOWYx ZDMwMGE4NzQwMWE1ZjY1MDMxZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKB/5hSyfCANwt4Vc960ZGsgl9AcO9HnT+jwxdkLLQqwWHeVHigZanuICUyc uZt0A9AOEj2wdtMAnZONOuHYMkpKHjj6mVBOex3xHxAyFLk0tXyn5DzEzt2c49EH heowBDC4MPP1eL3boR+gMocaHX0PfSo+7XSuBf682l6p73DYfwoGkBoE1PIbeomg wyDFg12BU+3BdEhdYSPT1Ml9HDiJskh+wTS990YfqPMDScT6G1ttYmKCGWqHHSUT f8OgRdZEIux066VLM3L2itKiVe4bL5Z+JJuBiEGfrMF4Y3pnzGCtrt++K2/pg815 6E7NVtcOAoPlq7GMDRmFaYOdyv0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2my0j iWvFQiOnUJnGbh/z9kqXwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G CSqGSIb3DQEBCwUAA4IBAQB52qfTZLk14DRSny2xs2YVXd9+yRTGGzF5IUrgYD4j z+OHVJ4eZ66My0URx3nj/N3IO/J86Ez6d/YujuaPIiJ6yamFDPhO3pkvrKU4bBtT NIxuOuL14kg+yJdntlqga/uDn5k5wAXx64jVk47AwfMKCIpHNmO8J/1u58D8JXm+ nYo2Ziw3gOa3o4ZBCklLVGHDLy05Y3TEotkSuEZrU/ZP9S7b4/c8t5SswuZqPSsw mzDrQDviFHrntYkwt/LPh9vBXqidK2vYpGB8DeRLg+Yeqw/gROxe9h2sWZNzRyRE r+Ruru9bFO4tEDzqOQWKHIrfmjBlsgD3nl7KA3cgkzEZ -----END CERTIFICATE-----Generated at Tue Nov 18 17:32:28 2025 by rpki-client