This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json) Hash identifier: WTuJ+rNAVxF0IdYE0GcIbof+ekyuv9btWx/8gDuPXQc= Subject key identifier: F7:19:CE:07:FC:CF:A9:DA:0D:2E:60:2B:0F:75:DC:05:98:89:9F:F6 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 777E8871DA1FE8FE9D6E1888B42E90E64FEAEB61 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa Signing time: Sat 15 Nov 2025 06:50:22 +0000 ROA not before: Sat 15 Nov 2025 06:50:22 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 195.17.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 29 Nov 2025 14:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:7e:88:71:da:1f:e8:fe:9d:6e:18:88:b4:2e:90:e6:4f:ea:eb:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:22 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=0f1ec018ce9cd9a8648b93ca4efe420032aa789f7f52f31ebd5ca1a7883889c8, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7b:66:88:19:9d:eb:9e:b2:29:d9:3b:c4:3f: 1d:83:b6:bc:48:da:83:11:ff:9b:9c:c2:7b:89:a6: 1f:e9:de:a6:03:8f:a9:90:c2:d1:e6:d1:b3:96:1b: 58:e3:dc:9c:b6:ee:ef:01:62:7f:f5:e2:71:07:b2: 58:5e:f4:b3:11:85:c5:bd:16:57:66:65:b9:a4:6c: 47:63:d4:b5:11:d4:7b:02:af:93:bf:85:d8:8e:9d: a5:44:1d:35:15:24:0b:18:d9:aa:08:ed:06:e5:49: 9a:48:60:51:a2:91:f2:75:c3:22:d5:7b:82:5f:75: bb:c2:a4:f1:42:36:44:59:6f:9e:86:2c:a0:2d:c9: 2e:4b:b5:c2:33:1b:ca:55:e8:db:80:d0:80:2e:0b: a6:4a:3c:5a:ea:c2:d8:5a:b0:97:9c:89:84:54:5b: 99:d5:27:c4:d2:8a:07:bf:57:6e:a7:a3:ac:2a:9e: 51:5b:4e:77:33:1f:9c:4b:39:03:91:48:92:1a:75: 5d:33:77:35:ff:90:16:db:5c:ed:01:27:12:25:55: 51:9c:85:73:09:16:54:a6:de:a0:b3:94:3b:d9:97: a6:8f:3f:e3:77:e2:c0:4e:ec:e9:e1:4e:3b:68:ad: 68:a6:27:bf:e7:3c:19:34:c1:02:99:a7:8b:ee:01: 62:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:19:CE:07:FC:CF:A9:DA:0D:2E:60:2B:0F:75:DC:05:98:89:9F:F6 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.17.0.0/24 Signature Algorithm: sha256WithRSAEncryption 39:c2:4f:98:89:4b:73:4a:a2:c6:c6:07:2c:3f:9b:c3:e1:05: 48:a4:20:d6:a5:95:cb:85:1a:b6:de:ef:03:d8:c7:7a:8a:4f: 3a:ac:10:30:29:bf:5f:59:9c:16:3a:07:39:57:e3:13:43:d6: 19:1b:8f:72:0f:c9:cc:3e:ed:19:c4:87:b0:cf:99:4f:d5:8c: 61:57:42:f1:bd:2e:68:b0:07:7a:fd:a8:71:3a:79:8e:2a:80: 85:91:63:2d:8d:91:85:cb:aa:23:9f:81:68:fc:d0:a2:47:38: d6:48:1d:e9:3d:8e:87:56:31:e8:db:fc:18:3f:f5:33:63:e4: 11:1e:f6:a1:7f:e2:9c:03:ef:d9:ab:df:89:11:d4:b4:fe:74: 07:03:aa:bf:cb:5e:7c:04:6d:61:52:6a:7e:73:e7:24:e8:46: 74:fc:48:00:20:d4:b0:89:2e:1b:7c:05:10:92:4f:81:43:51: 5c:e9:b1:34:a7:53:e7:a4:6e:cf:ed:a1:3f:30:24:56:71:58: df:04:a4:3a:0f:a1:9b:20:b7:89:3f:78:14:2e:f0:fc:7b:57: fa:34:09:e9:30:18:8d:3f:77:bb:5d:66:c0:d1:20:46:dd:fb: cc:a6:59:90:0c:c2:77:1c:65:84:ac:24:ad:c0:d8:f6:94:29: 2f:a5:f4:47 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUd36Icdof6P6dbhiItC6Q5k/q62EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDBmMWVjMDE4Y2U5Y2Q5YTg2NDhiOTNjYTRlZmU0MjAwMzJhYTc4OWY3ZjUy ZjMxZWJkNWNhMWE3ODgzODg5YzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJx7ZogZneuesinZO8Q/HYO2vEjagxH/m5zCe4mmH+nepgOPqZDC0ebRs5Yb WOPcnLbu7wFif/XicQeyWF70sxGFxb0WV2ZluaRsR2PUtRHUewKvk7+F2I6dpUQd NRUkCxjZqgjtBuVJmkhgUaKR8nXDItV7gl91u8Kk8UI2RFlvnoYsoC3JLku1wjMb ylXo24DQgC4Lpko8WurC2Fqwl5yJhFRbmdUnxNKKB79XbqejrCqeUVtOdzMfnEs5 A5FIkhp1XTN3Nf+QFttc7QEnEiVVUZyFcwkWVKbeoLOUO9mXpo8/43fiwE7s6eFO O2itaKYnv+c8GTTBApmni+4BYkcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3Gc4H /M+p2g0uYCsPddwFmImf9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN BgkqhkiG9w0BAQsFAAOCAQEAOcJPmIlLc0qixsYHLD+bw+EFSKQg1qWVy4Uatt7v A9jHeopPOqwQMCm/X1mcFjoHOVfjE0PWGRuPcg/JzD7tGcSHsM+ZT9WMYVdC8b0u aLAHev2ocTp5jiqAhZFjLY2RhcuqI5+BaPzQokc41kgd6T2Oh1Yx6Nv8GD/1M2Pk ER72oX/inAPv2avfiRHUtP50BwOqv8tefARtYVJqfnPnJOhGdPxIACDUsIkuG3wF EJJPgUNRXOmxNKdT56Ruz+2hPzAkVnFY3wSkOg+hmyC3iT94FC7w/HtX+jQJ6TAY jT93u11mwNEgRt37zKZZkAzCdxxlhKwkrcDY9pQpL6X0Rw== -----END CERTIFICATE-----Generated at Fri Nov 28 23:57:28 2025 by rpki-client