This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json) Hash identifier: 4ZshE1zn48ldCy75zcwkgdK72WcvjCK97BLQeWh8gNA= Subject key identifier: 1E:C9:BE:FF:4E:F2:29:57:6C:4A:C3:03:0F:AB:D2:94:87:7D:80:D7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 23922FA73097CA54B5BBD1C58C6E5330FF1BFAA2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa Signing time: Wed 10 Dec 2025 06:50:46 +0000 ROA not before: Wed 10 Dec 2025 06:50:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.254.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:92:2f:a7:30:97:ca:54:b5:bb:d1:c5:8c:6e:53:30:ff:1b:fa:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2b4791a1ea0a43d66dac25ce913ce1aabc02065d22264021fe8124c31da316ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:7b:a4:70:fe:6c:37:1b:7b:e3:a5:c0:22:7f: d4:df:1f:76:70:05:ac:d4:96:9a:c1:77:bc:25:a7: 84:91:7b:da:fc:70:52:8c:cb:14:c4:2f:17:dc:d4: ca:2e:a8:ce:5e:49:ee:92:56:0c:98:dd:d5:71:51: 5d:2f:b5:13:18:65:de:5f:e8:81:69:e0:57:6a:3b: ab:bd:7c:98:b9:d0:bd:8c:df:8a:c3:6c:42:88:34: 1d:4b:f1:fd:7c:61:4b:0a:96:73:f3:8e:ee:75:cf: af:ef:3d:02:c3:16:ee:aa:b0:27:50:cb:d7:c1:5c: 4e:45:dd:82:51:9b:20:7d:ac:33:6f:4f:52:27:ab: 19:9c:8f:25:19:89:68:0c:c4:ec:4e:d5:16:dc:de: 5b:77:f8:1d:ba:2b:62:07:83:30:21:67:1e:d2:d9: 1d:31:28:3c:e0:28:a8:88:bd:b8:74:bf:fb:90:12: 34:f7:e1:3a:ae:e3:4e:32:02:bd:e2:9a:2f:73:95: 64:b8:aa:63:50:77:75:7d:e8:22:e1:0d:d0:0f:b3: ef:50:75:e2:98:ee:0f:aa:04:da:73:06:c1:81:ae: ca:de:b9:dd:13:90:dc:a6:d4:fb:e0:bc:5b:a6:4e: 08:bd:6b:5d:47:ff:97:e2:eb:63:28:65:b8:24:2b: bd:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C9:BE:FF:4E:F2:29:57:6C:4A:C3:03:0F:AB:D2:94:87:7D:80:D7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.254.0.0/17 Signature Algorithm: sha256WithRSAEncryption 49:6a:c2:68:b7:e2:0b:a0:09:0a:43:32:31:54:17:aa:09:b5: 26:00:10:70:31:d1:8d:ff:9a:c6:56:02:75:b6:d6:ee:a8:b4: 08:d3:0c:55:8f:cc:ad:f1:4c:62:e8:99:b6:88:d2:52:69:06: f5:ce:f9:92:e2:e2:ae:df:9f:14:0e:e6:3f:30:d3:bb:78:50: ff:b1:90:a2:b5:c9:3b:f4:28:e7:71:80:83:dd:5a:0e:e2:49: 05:24:70:2b:ea:64:32:a5:02:06:93:08:9d:2f:39:f0:05:f9: 58:27:7b:51:e8:0e:17:ff:37:cc:0b:71:5e:6b:c5:c1:cd:b7: f4:4b:cd:05:84:38:dd:10:90:dd:2e:6e:f8:a7:34:a1:bb:59: 30:47:be:20:2c:a0:b8:1a:90:cf:a5:1e:0a:c6:c6:5e:fb:05: 7b:ce:df:14:2d:87:0c:23:7b:1f:47:12:c4:08:3e:d7:a1:69: 2d:5e:12:e2:e4:3f:ca:70:33:cd:47:43:52:2b:32:47:6b:32: 60:03:c3:1f:79:b1:d3:97:58:e5:4c:0c:e2:2b:9d:13:78:62: 1a:24:57:69:d5:bd:dd:fb:fa:2a:57:ce:24:b2:6d:30:51:75: a5:65:39:74:fc:96:6a:46:0f:5d:20:3f:16:25:92:cb:f5:91: 9e:84:73:ab -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUI5IvpzCXylS1u9HFjG5TMP8b+qIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJiNDc5MWExZWEwYTQzZDY2ZGFjMjVjZTkxM2NlMWFhYmMwMjA2NWQyMjI2 NDAyMWZlODEyNGMzMWRhMzE2ZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPV7pHD+bDcbe+OlwCJ/1N8fdnAFrNSWmsF3vCWnhJF72vxwUozLFMQvF9zU yi6ozl5J7pJWDJjd1XFRXS+1Exhl3l/ogWngV2o7q718mLnQvYzfisNsQog0HUvx /XxhSwqWc/OO7nXPr+89AsMW7qqwJ1DL18FcTkXdglGbIH2sM29PUierGZyPJRmJ aAzE7E7VFtzeW3f4HborYgeDMCFnHtLZHTEoPOAoqIi9uHS/+5ASNPfhOq7jTjIC veKaL3OVZLiqY1B3dX3oIuEN0A+z71B14pjuD6oE2nMGwYGuyt653ROQ3KbU++C8 W6ZOCL1rXUf/l+LrYyhluCQrvX8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQeyb7/ TvIpV2xKwwMPq9KUh32A1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN BgkqhkiG9w0BAQsFAAOCAQEASWrCaLfiC6AJCkMyMVQXqgm1JgAQcDHRjf+axlYC dbbW7qi0CNMMVY/MrfFMYuiZtojSUmkG9c75kuLirt+fFA7mPzDTu3hQ/7GQorXJ O/Qo53GAg91aDuJJBSRwK+pkMqUCBpMInS858AX5WCd7UegOF/83zAtxXmvFwc23 9EvNBYQ43RCQ3S5u+Kc0obtZMEe+ICyguBqQz6UeCsbGXvsFe87fFC2HDCN7H0cS xAg+16FpLV4S4uQ/ynAzzUdDUisyR2syYAPDH3mx05dY5UwM4iudE3hiGiRXadW9 3fv6KlfOJLJtMFF1pWU5dPyWakYPXSA/FiWSy/WRnoRzqw== -----END CERTIFICATE-----Generated at Wed Dec 10 09:21:45 2025 by rpki-client