This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json) Hash identifier: whoPEdNe31bAB4MAlIJoRkUM1zcV8xN7R9lOz2ybueU= Subject key identifier: 16:C0:2B:9E:C8:43:F6:34:AF:68:1E:3F:6F:D9:D9:56:CA:97:9F:61 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2EA0BEC9666B8417683CA144F17752D93101E51C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa Signing time: Wed 10 Dec 2025 06:50:38 +0000 ROA not before: Wed 10 Dec 2025 06:50:38 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 143.65.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:a0:be:c9:66:6b:84:17:68:3c:a1:44:f1:77:52:d9:31:01:e5:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:38 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a00603cff428c3ae0a8a36a664fef4066c8d7396d7475ee610fbf3c66a0e06d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:9f:2e:d2:1c:ce:fb:e5:1e:27:cc:76:ec:c5: fd:28:76:ac:bd:a6:71:2b:72:70:b6:e3:f5:ad:ef: 2b:c3:09:0f:39:99:f4:8f:c0:b4:4c:85:ef:9d:38: e2:6e:c7:70:eb:96:4e:60:10:d5:54:9f:28:c9:4a: 1d:6d:17:fe:e3:02:bd:fd:17:b4:e2:36:15:ee:c4: ab:c5:ae:87:3c:5e:3a:74:04:e1:bb:a4:ae:a0:0d: 4a:f0:3c:1f:dd:ef:ed:0b:37:02:d2:c7:e4:e5:46: 1c:8e:2c:b1:d1:ff:ec:88:9b:a8:df:c4:98:81:1b: c8:ab:9e:d1:41:fd:c1:c6:9e:fe:b1:3c:0e:83:f3: b5:ec:b8:ae:3a:d1:71:aa:61:0b:d7:33:24:d5:69: 58:99:9a:a0:07:57:b1:af:ce:07:80:cc:ac:93:79: 97:d7:f5:46:8c:2b:4e:42:50:97:f3:2f:ad:0b:37: 35:d3:55:65:2f:a4:a6:39:c5:1a:ce:1e:bd:81:ec: aa:2b:ce:5a:f7:cc:6b:53:0e:95:5c:43:f5:fb:5d: f1:a8:12:0b:f3:87:6d:52:6b:f0:d9:33:5f:4c:86: 77:cf:81:5f:d5:29:08:8c:18:6a:eb:dc:30:d0:6b: 75:78:89:f4:2c:6e:4e:33:ef:0f:b9:0e:99:b2:6d: 50:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:C0:2B:9E:C8:43:F6:34:AF:68:1E:3F:6F:D9:D9:56:CA:97:9F:61 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.65.224.0/19 Signature Algorithm: sha256WithRSAEncryption 0c:77:fb:67:f3:7c:55:df:2d:95:3a:bf:49:ba:0c:4d:ea:ee: b9:1d:68:b1:7c:b7:f0:0e:42:9e:41:9b:a5:c8:d6:1e:99:1f: 2f:56:82:8a:1f:f5:da:d6:de:7b:9d:e2:b3:e0:ef:59:23:c3: 69:64:7d:fd:a2:47:8c:1f:7d:7f:70:56:05:2f:46:70:35:a5: bd:c5:57:80:aa:a9:2e:11:d2:f1:5a:a9:49:65:91:28:bf:cb: 94:67:ad:f5:c0:f5:a0:7e:f0:65:74:af:97:72:81:50:90:3f: 0b:09:27:c8:ba:e4:56:80:e6:ad:af:3d:84:bb:ea:dd:83:7e: ef:a6:e6:d9:a5:fc:06:0a:91:fa:2a:01:57:50:39:21:1f:74: d7:8c:0b:8d:e4:52:09:4a:90:89:e1:8d:59:ed:31:65:c9:cb: 17:0f:0f:45:28:f7:c7:db:12:1d:b8:bc:69:38:b5:d9:97:61: db:73:d3:a5:09:85:76:79:08:c4:53:e9:45:f5:4e:ae:56:df: 11:ac:f7:15:ef:44:ae:e9:b7:21:9e:68:4e:46:77:14:92:18: 03:4b:35:cd:6b:b9:dc:ef:f7:05:4a:78:d0:70:b8:7a:69:27: 79:20:ce:29:79:b8:11:bf:b2:f5:c9:3d:c7:6b:b2:c2:b3:ea: 2e:fa:7b:7f -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIULqC+yWZrhBdoPKFE8XdS2TEB5RwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwMDYwM2NmZjQyOGMzYWUwYThhMzZhNjY0ZmVmNDA2NmM4ZDczOTZkNzQ3 NWVlNjEwZmJmM2M2NmEwZTA2ZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKfLtIczvvlHifMduzF/Sh2rL2mcStycLbj9a3vK8MJDzmZ9I/AtEyF7504 4m7HcOuWTmAQ1VSfKMlKHW0X/uMCvf0XtOI2Fe7Eq8WuhzxeOnQE4bukrqANSvA8 H93v7Qs3AtLH5OVGHI4ssdH/7IibqN/EmIEbyKue0UH9wcae/rE8DoPztey4rjrR caphC9czJNVpWJmaoAdXsa/OB4DMrJN5l9f1RowrTkJQl/MvrQs3NdNVZS+kpjnF Gs4evYHsqivOWvfMa1MOlVxD9ftd8agSC/OHbVJr8NkzX0yGd8+BX9UpCIwYauvc MNBrdXiJ9CxuTjPvD7kOmbJtUNUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQWwCue yEP2NK9oHj9v2dlWypefYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN BgkqhkiG9w0BAQsFAAOCAQEADHf7Z/N8Vd8tlTq/SboMTeruuR1osXy38A5CnkGb pcjWHpkfL1aCih/12tbee53is+DvWSPDaWR9/aJHjB99f3BWBS9GcDWlvcVXgKqp LhHS8VqpSWWRKL/LlGet9cD1oH7wZXSvl3KBUJA/CwknyLrkVoDmra89hLvq3YN+ 76bm2aX8BgqR+ioBV1A5IR9014wLjeRSCUqQieGNWe0xZcnLFw8PRSj3x9sSHbi8 aTi12Zdh23PTpQmFdnkIxFPpRfVOrlbfEaz3Fe9Erum3IZ5oTkZ3FJIYA0s1zWu5 3O/3BUp40HC4emkneSDOKXm4Eb+y9ck9x2uywrPqLvp7fw== -----END CERTIFICATE-----Generated at Thu Jan 22 22:17:42 2026 by rpki-client