This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json) Hash identifier: NNBhTtWVHA4ltYIMKGJEvNkt7NjtMjmjIIPx47r4bDE= Subject key identifier: 62:F8:B9:0B:95:3F:B6:E6:FD:46:91:F9:29:E8:55:9E:FC:37:D7:75 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2CDA05DFA704161A7E26F02AB7388C25DA6E7E94 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa Signing time: Sat 15 Nov 2025 06:50:44 +0000 ROA not before: Sat 15 Nov 2025 06:50:44 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 195.254.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 19 Nov 2025 17:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:da:05:df:a7:04:16:1a:7e:26:f0:2a:b7:38:8c:25:da:6e:7e:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:44 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5e4d6615490166ba7343d96625bedb72b2e95189f617d89f7478fda9c3bbaf96, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:78:5f:32:4a:a7:ab:ed:9b:a6:c2:bf:f7:8c: 7f:96:45:ec:e9:62:d3:24:17:b5:3d:e5:b3:3b:c7: 2e:c0:da:88:60:65:ca:87:33:a4:3c:80:d1:cc:ab: a2:95:8f:6b:d3:f1:5f:db:64:2b:f0:a2:15:4a:97: 29:7a:ce:b7:11:67:f3:3c:57:e6:6f:5c:e7:9f:f3: 59:a9:ec:a4:4f:11:47:37:f8:45:b3:45:45:ba:9f: 2a:3a:ea:d8:28:d7:88:ee:3c:3e:87:d8:f8:96:24: 93:74:8c:d7:8c:03:70:82:92:60:29:18:3c:e0:e5: 56:7b:2a:8f:6e:cd:65:94:af:33:5d:42:7e:5b:c1: 61:d9:fd:16:d0:db:25:9d:17:ee:0c:24:24:49:9f: 63:31:3b:72:f0:7b:aa:93:44:a9:c2:85:38:f6:22: 3c:4b:a1:50:a1:d4:f3:cd:6c:9a:0b:14:f6:58:8f: 52:74:1e:29:0f:49:8c:55:41:cd:28:96:81:8a:6f: e9:56:eb:38:d0:0b:67:bc:96:61:74:67:99:cb:04: 96:d6:a5:aa:df:30:5d:db:bf:94:6f:e7:9f:12:3c: 5e:b8:19:46:7a:e0:ce:c8:16:ac:2c:26:1b:0b:14: e9:92:de:62:1c:a2:0d:bd:eb:e8:2a:37:a5:f0:b8: 6b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:F8:B9:0B:95:3F:B6:E6:FD:46:91:F9:29:E8:55:9E:FC:37:D7:75 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.254.0.0/17 Signature Algorithm: sha256WithRSAEncryption 68:c3:2b:e1:29:92:5f:d4:b9:7b:54:66:1a:65:24:18:bb:eb: ce:44:11:78:92:f7:c0:de:24:be:97:66:b0:96:02:23:8f:8d: 4e:38:4c:74:33:3b:e7:f1:29:d1:fe:b8:f4:65:6c:ee:78:95: f3:24:d7:6e:e0:75:82:ba:9a:e7:28:d0:2b:d5:5a:e9:1a:e9: d9:c4:61:74:1d:96:70:61:74:1e:7d:a6:36:35:9d:4c:79:96: e6:79:fe:78:db:8d:e3:30:7f:9c:49:83:53:9d:24:ab:1b:b6: 99:94:ea:b0:b3:72:9d:6c:44:58:1a:f8:96:f0:63:0d:46:55: 90:62:ef:a7:bc:2e:c5:49:38:27:b7:a9:b4:1a:56:f7:fd:bd: 6f:72:ef:70:1f:ee:bb:c9:93:df:ed:a6:6a:ba:8f:84:b4:66: 9c:97:bb:dc:03:80:0b:a3:32:eb:09:a4:f6:e1:d4:cb:51:66: 8d:86:de:47:e2:3f:e2:92:ea:e4:9a:24:4c:b7:39:ef:44:f2: d3:93:7b:2b:ca:d0:2b:38:05:10:ab:33:c1:a6:99:c0:cc:2f: 90:c3:05:3a:70:10:d0:d1:49:e8:05:92:82:30:c8:94:1b:9d: cf:e5:79:f9:21:e6:07:06:6f:2d:3b:c1:45:89:6c:b0:33:0a: c7:0c:ea:75 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIULNoF36cEFhp+JvAqtziMJdpufpQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVlNGQ2NjE1NDkwMTY2YmE3MzQzZDk2NjI1YmVkYjcyYjJlOTUxODlmNjE3 ZDg5Zjc0NzhmZGE5YzNiYmFmOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANR4XzJKp6vtm6bCv/eMf5ZF7Oli0yQXtT3lszvHLsDaiGBlyoczpDyA0cyr opWPa9PxX9tkK/CiFUqXKXrOtxFn8zxX5m9c55/zWanspE8RRzf4RbNFRbqfKjrq 2CjXiO48PofY+JYkk3SM14wDcIKSYCkYPODlVnsqj27NZZSvM11CflvBYdn9FtDb JZ0X7gwkJEmfYzE7cvB7qpNEqcKFOPYiPEuhUKHU881smgsU9liPUnQeKQ9JjFVB zSiWgYpv6VbrONALZ7yWYXRnmcsEltalqt8wXdu/lG/nnxI8XrgZRnrgzsgWrCwm GwsU6ZLeYhyiDb3r6Co3pfC4azUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRi+LkL lT+25v1Gkfkp6FWe/DfXdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN BgkqhkiG9w0BAQsFAAOCAQEAaMMr4SmSX9S5e1RmGmUkGLvrzkQReJL3wN4kvpdm sJYCI4+NTjhMdDM75/Ep0f649GVs7niV8yTXbuB1grqa5yjQK9Va6Rrp2cRhdB2W cGF0Hn2mNjWdTHmW5nn+eNuN4zB/nEmDU50kqxu2mZTqsLNynWxEWBr4lvBjDUZV kGLvp7wuxUk4J7eptBpW9/29b3LvcB/uu8mT3+2marqPhLRmnJe73AOAC6My6wmk 9uHUy1FmjYbeR+I/4pLq5JokTLc570Ty05N7K8rQKzgFEKszwaaZwMwvkMMFOnAQ 0NFJ6AWSgjDIlBudz+V5+SHmBwZvLTvBRYlssDMKxwzqdQ== -----END CERTIFICATE-----Generated at Wed Nov 19 02:49:53 2025 by rpki-client