This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json) Hash identifier: Qi6ol310qBrq6r9iEup163ROU9Db7g6SjwfGpiv8d4M= Subject key identifier: 7D:DD:31:69:E6:79:35:93:DC:FE:75:4A:FA:07:96:89:8F:74:23:08 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5BA073BA32E8313E7BD811458E3392BB477B6941 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa Signing time: Wed 10 Dec 2025 06:40:20 +0000 ROA not before: Wed 10 Dec 2025 06:40:20 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 193.57.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:a0:73:ba:32:e8:31:3e:7b:d8:11:45:8e:33:92:bb:47:7b:69:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:20 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=78ad92102e13e61c47d4e1beed110c2a62c35d6b100e1d4f3135253de8502c5e, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:23:aa:f8:c3:52:3a:b3:54:98:ba:96:55:18: 34:d9:66:bd:4f:72:c1:05:c9:8b:7d:b3:c1:04:cc: 80:20:ed:f3:b3:df:ec:70:36:53:1d:1e:3a:eb:e0: 63:7e:3b:8f:c7:8f:e2:68:e6:fd:24:0b:79:be:db: fa:8f:99:01:9c:69:66:14:70:f7:52:66:ae:f4:ba: 0d:c3:f2:b6:a2:d1:89:4f:e3:a1:8e:23:b2:6d:d2: 11:17:ec:c5:d9:b1:df:b6:06:be:bc:b1:a1:b6:69: bb:bb:47:e9:4e:9d:5a:f6:e2:9c:ff:bd:a9:e4:39: 12:ba:72:0b:11:cc:6f:ba:d0:9c:7a:79:f9:77:ea: 21:c5:0f:08:7e:01:ca:cd:c2:34:0e:c3:2a:db:f6: 8c:08:58:67:c4:fa:e6:da:9a:7d:5b:6c:22:d0:e4: fd:f6:0f:85:6c:9b:04:a5:83:47:27:a3:a9:27:47: 27:2f:43:28:c2:f6:e2:8b:d5:de:17:87:67:76:70: 8e:0d:db:3d:ae:d6:39:bb:40:31:00:18:14:a7:28: 0a:43:e5:fc:de:14:a1:be:23:17:56:1e:01:8d:c1: 35:e1:13:52:96:18:91:cf:ec:48:b0:d4:d6:40:29: 36:8b:54:80:36:19:87:1d:02:2f:ab:6f:0b:b6:5d: 63:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:DD:31:69:E6:79:35:93:DC:FE:75:4A:FA:07:96:89:8F:74:23:08 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.57.169.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:d6:72:db:ad:e3:7a:be:26:08:d2:59:9c:19:5c:4e:b8:10: 13:ff:13:2f:0d:5d:a4:73:9b:ac:f3:8a:25:7a:0a:1f:e1:b5: be:4a:ad:4f:a0:20:cb:b7:25:de:68:ac:b8:63:b9:d6:83:a1: e8:d1:48:dc:b5:d6:79:d7:f4:19:59:31:32:43:08:c0:9d:50: 4f:cb:88:42:61:26:01:81:8d:66:c1:86:b2:7f:62:bd:c2:33: 12:78:58:5d:be:a1:f9:52:24:5a:84:58:aa:c5:55:39:30:01: 62:97:aa:a1:df:06:81:79:62:60:4e:7d:27:fb:ed:79:26:ff: d7:ca:ea:2d:78:cf:1b:38:dc:07:f3:37:2f:ef:46:49:17:be: ff:87:51:bb:93:ae:9f:72:cf:a5:a4:8f:ce:c8:a1:19:2a:c3: b9:1f:82:ca:eb:8b:4c:7b:5b:f0:cc:51:98:59:b8:d1:b8:76: d4:8e:ed:59:6e:05:c3:8e:95:cf:94:a3:e4:60:64:53:c3:70: 34:60:b7:2a:1e:e9:df:e2:b3:6a:48:07:d5:80:00:e5:c0:a3: 95:fe:ca:c0:5d:10:56:93:13:4a:0d:96:78:f0:a2:28:86:fd: f8:b5:f0:c2:cd:3d:52:47:96:b2:a5:cd:20:4a:80:d2:79:21: 99:9f:ca:5e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUW6BzujLoMT572BFFjjOSu0d7aUEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDc4YWQ5MjEwMmUxM2U2MWM0N2Q0ZTFiZWVkMTEwYzJhNjJjMzVkNmIxMDBl MWQ0ZjMxMzUyNTNkZTg1MDJjNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAjqvjDUjqzVJi6llUYNNlmvU9ywQXJi32zwQTMgCDt87Pf7HA2Ux0eOuvg Y347j8eP4mjm/SQLeb7b+o+ZAZxpZhRw91JmrvS6DcPytqLRiU/joY4jsm3SERfs xdmx37YGvryxobZpu7tH6U6dWvbinP+9qeQ5ErpyCxHMb7rQnHp5+XfqIcUPCH4B ys3CNA7DKtv2jAhYZ8T65tqafVtsItDk/fYPhWybBKWDRyejqSdHJy9DKML24ovV 3heHZ3Zwjg3bPa7WObtAMQAYFKcoCkPl/N4Uob4jF1YeAY3BNeETUpYYkc/sSLDU 1kApNotUgDYZhx0CL6tvC7ZdYzECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR93TFp 5nk1k9z+dUr6B5aJj3QjCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN BgkqhkiG9w0BAQsFAAOCAQEATNZy263jer4mCNJZnBlcTrgQE/8TLw1dpHObrPOK JXoKH+G1vkqtT6Agy7cl3misuGO51oOh6NFI3LXWedf0GVkxMkMIwJ1QT8uIQmEm AYGNZsGGsn9ivcIzEnhYXb6h+VIkWoRYqsVVOTABYpeqod8GgXliYE59J/vteSb/ 18rqLXjPGzjcB/M3L+9GSRe+/4dRu5Oun3LPpaSPzsihGSrDuR+CyuuLTHtb8MxR mFm40bh21I7tWW4Fw46Vz5Sj5GBkU8NwNGC3Kh7p3+KzakgH1YAA5cCjlf7KwF0Q VpMTSg2WePCiKIb9+LXwws09UkeWsqXNIEqA0nkhmZ/KXg== -----END CERTIFICATE-----Generated at Thu Dec 11 18:24:59 2025 by rpki-client