This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json) Hash identifier: K3d8tQjA3KlYPo3IY9QSeVWrkAvaVWYQUXAMxjOFmg8= Subject key identifier: 49:20:EE:68:3A:19:0B:0F:78:C4:CE:1A:32:AD:BB:24:8F:16:A8:5F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1E30F184943A525758E0B7029328511A3C3AF178 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa Signing time: Sat 15 Nov 2025 06:50:07 +0000 ROA not before: Sat 15 Nov 2025 06:50:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 193.57.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 21 Nov 2025 09:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:30:f1:84:94:3a:52:57:58:e0:b7:02:93:28:51:1a:3c:3a:f1:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3905cabff58aac20bc2a848de046299add6a50bd41d7c41f64d55547ca62636a, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f5:6b:e8:a4:a7:86:9a:b3:e8:17:19:8d:d7: 58:09:0f:64:32:70:af:16:e0:b6:ae:46:f6:bc:1a: 12:16:a8:c1:22:e0:14:2a:38:e8:9b:54:6d:29:e5: 89:4d:ab:1d:b2:c8:ff:12:17:3e:1b:e4:b7:30:e4: 22:f1:6c:ab:4d:54:6d:6d:65:86:9d:a1:46:65:9b: 25:6c:c6:90:72:e9:02:ed:1e:3a:2c:35:cc:7c:1b: 89:59:62:ce:88:be:af:a5:4a:79:8e:40:94:7e:06: 0f:5d:04:a5:42:56:96:0c:26:23:0c:94:40:7e:6b: 3e:3d:d3:a0:ea:8b:6d:51:9b:1d:2a:2a:be:8e:4e: 60:28:b8:5c:97:7a:22:69:24:92:85:b0:a0:f5:a6: 3e:77:0e:af:60:24:32:57:fc:ce:a9:c2:f7:31:61: 9f:af:9c:3d:9c:2a:d7:6b:52:6f:32:77:b6:ee:68: a6:9e:f2:a9:80:c2:2b:2f:af:9a:ba:2a:97:c9:50: 28:b9:3a:d7:d6:6e:a7:32:bd:48:8f:fc:17:a3:ed: 52:13:18:27:85:47:6e:cd:ea:85:10:80:30:8d:2f: 18:5e:80:1f:a9:fa:e4:bf:4d:68:9c:13:39:1f:86: 16:75:92:f6:a8:73:dc:25:42:8f:5a:36:56:a6:24: ae:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:20:EE:68:3A:19:0B:0F:78:C4:CE:1A:32:AD:BB:24:8F:16:A8:5F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.57.169.0/24 Signature Algorithm: sha256WithRSAEncryption b6:38:a3:65:f0:0d:50:b4:fe:9e:44:00:4b:8c:8c:df:8c:b9: bc:2e:30:58:a1:4f:93:fa:dd:4d:b0:b8:c9:43:56:d3:68:b5: 01:eb:95:34:51:d2:1d:5e:9e:b6:2c:12:02:da:c7:b2:7b:80: b0:b4:5c:7c:73:6d:a9:67:0d:63:c0:da:68:f9:3c:76:9e:24: b1:83:c4:2e:58:97:75:7e:88:4a:7a:f7:45:1e:97:80:8a:a1: 7a:d5:7c:6e:b1:0b:a0:6f:60:4a:64:89:b1:9f:c0:48:b2:7b: 2a:f7:0c:2c:3a:f1:55:9b:93:1e:77:eb:ce:77:73:75:df:ee: aa:8d:a3:8e:ee:4a:82:29:05:1d:76:aa:01:97:81:fe:4f:d5: e6:bf:4f:d9:33:71:f0:bb:db:0e:60:d3:31:61:db:aa:13:6a: 59:22:db:fe:0a:7b:15:35:43:a0:ec:dd:3f:6c:25:c8:41:a4: 09:6b:ef:05:66:9e:82:00:b0:26:81:04:e1:97:66:a1:64:19: d5:9b:89:5a:a5:01:e9:a8:fd:fe:05:b5:be:16:55:0c:7d:65: bb:17:61:be:cd:a7:5a:1b:8a:74:84:99:c4:7d:a9:97:11:01: 6f:6a:a8:c9:ae:3c:53:c3:54:9e:7c:5b:1d:7a:cc:18:d8:b2: 37:dd:82:66 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUHjDxhJQ6UldY4LcCkyhRGjw68XgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM5MDVjYWJmZjU4YWFjMjBiYzJhODQ4ZGUwNDYyOTlhZGQ2YTUwYmQ0MWQ3 YzQxZjY0ZDU1NTQ3Y2E2MjYzNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMH1a+ikp4aas+gXGY3XWAkPZDJwrxbgtq5G9rwaEhaowSLgFCo46JtUbSnl iU2rHbLI/xIXPhvktzDkIvFsq01UbW1lhp2hRmWbJWzGkHLpAu0eOiw1zHwbiVli zoi+r6VKeY5AlH4GD10EpUJWlgwmIwyUQH5rPj3ToOqLbVGbHSoqvo5OYCi4XJd6 ImkkkoWwoPWmPncOr2AkMlf8zqnC9zFhn6+cPZwq12tSbzJ3tu5opp7yqYDCKy+v mroql8lQKLk619ZupzK9SI/8F6PtUhMYJ4VHbs3qhRCAMI0vGF6AH6n65L9NaJwT OR+GFnWS9qhz3CVCj1o2VqYkruMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJIO5o OhkLD3jEzhoyrbskjxaoXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN BgkqhkiG9w0BAQsFAAOCAQEAtjijZfANULT+nkQAS4yM34y5vC4wWKFPk/rdTbC4 yUNW02i1AeuVNFHSHV6etiwSAtrHsnuAsLRcfHNtqWcNY8DaaPk8dp4ksYPELliX dX6ISnr3RR6XgIqhetV8brELoG9gSmSJsZ/ASLJ7KvcMLDrxVZuTHnfrzndzdd/u qo2jju5KgikFHXaqAZeB/k/V5r9P2TNx8LvbDmDTMWHbqhNqWSLb/gp7FTVDoOzd P2wlyEGkCWvvBWaeggCwJoEE4ZdmoWQZ1ZuJWqUB6aj9/gW1vhZVDH1luxdhvs2n WhuKdISZxH2plxEBb2qoya48U8NUnnxbHXrMGNiyN92CZg== -----END CERTIFICATE-----Generated at Thu Nov 20 15:50:07 2025 by rpki-client