This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json) Hash identifier: 9F0ld4lz67tEfJwCyAxKnCd8r/HEfcAErOrXRa/Fi3c= Subject key identifier: FC:F7:75:B1:90:0C:70:CC:AD:6E:E5:0A:AC:B8:9E:95:C1:62:8B:32 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3819283C0520D2CFC904C8558072220056E37267 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa Signing time: Sat 15 Nov 2025 06:40:07 +0000 ROA not before: Sat 15 Nov 2025 06:40:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 195.17.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:19:28:3c:05:20:d2:cf:c9:04:c8:55:80:72:22:00:56:e3:72:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=302bb7e48ed035d1efedc98cd7f3256482a1d819dc1414d6a9a1c7278a9e53c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:eb:5c:9f:36:7c:c1:84:d4:cd:d7:b8:a8:6a: 94:e6:02:4c:a3:07:25:e7:90:93:6d:a7:cd:f7:53: 53:43:17:e9:1c:74:d0:c6:21:9b:be:41:9e:c7:3f: e0:8f:5c:c6:f7:73:26:55:ea:b9:57:9c:6d:e5:54: d9:d8:8a:77:fc:63:0a:a7:3c:7a:6f:6b:c6:fd:a0: 02:d9:2c:bf:b4:f4:93:d3:70:82:3d:31:eb:57:cf: 52:e5:4f:e5:79:24:ed:8f:44:8b:7b:01:a8:49:3e: 30:46:7c:23:04:76:39:d9:57:19:e4:20:72:71:14: c8:f8:aa:4b:bb:94:a2:ec:af:6e:3d:0e:cb:e0:ac: f6:d8:d6:7f:9a:9b:ae:66:66:cd:fa:0b:ce:d9:8f: 2b:d4:f7:97:e1:ed:a5:36:6d:e6:9f:5c:07:e7:2f: 14:4b:4b:eb:21:23:79:e5:51:3f:3e:83:ce:60:99: 68:e0:20:a4:06:9d:0e:96:2c:78:68:75:47:13:5b: 6f:85:33:fe:52:f9:30:b8:d9:01:16:bd:87:24:21: 39:ea:3d:35:1d:8f:f6:e3:c9:a1:63:cb:e5:86:80: 2c:78:62:3f:ae:b8:6b:c7:c2:c7:53:f6:91:4b:e0: 93:40:ac:2c:c3:ad:c4:fa:4d:1b:0b:aa:d9:f4:ec: d0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:F7:75:B1:90:0C:70:CC:AD:6E:E5:0A:AC:B8:9E:95:C1:62:8B:32 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.17.0.0/16 Signature Algorithm: sha256WithRSAEncryption 46:f9:48:bb:c2:c0:63:dc:ba:3f:62:00:3b:ef:3f:39:aa:b3: f6:e4:5f:e8:85:af:d5:9d:e6:ee:ee:71:9a:1b:37:e1:3b:82: 03:d9:d7:bb:ec:fa:7b:c1:ba:b6:c4:fd:b5:f3:53:d7:a1:13: 13:de:70:d1:da:3b:6b:e9:ed:6d:a2:f6:4f:6e:5f:50:85:98: d1:ac:72:6f:3b:d5:92:68:08:6b:92:3b:f5:29:c9:a8:97:d8: 41:1f:51:99:0e:85:bb:5d:7a:af:cf:66:c6:6b:9e:44:fc:70: 76:78:45:f2:9e:ca:15:a2:73:00:4c:7b:23:d5:36:c3:f1:c9: ce:83:80:03:f7:b2:8c:b9:77:a5:15:16:f6:06:ae:38:42:62: 50:f7:22:6d:33:9f:8a:2a:cf:67:c0:e2:49:5c:3c:8c:5a:b0: 37:d6:4e:dc:4f:d2:38:08:7f:fe:fc:0f:81:2c:db:ae:77:6e: 2c:f7:65:1b:b8:6c:13:45:13:3f:11:25:e0:71:99:9b:4a:3e: c8:7f:e3:be:3f:10:c9:62:b2:25:c1:35:b8:39:03:ed:55:2a: a7:2f:a2:fe:a0:2d:5f:a8:84:22:7e:d6:5d:33:67:f1:43:cb: cd:2a:8c:e0:67:cd:c5:1e:88:cf:17:de:d3:84:e3:36:cd:12: 67:f0:25:93 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUOBkoPAUg0s/JBMhVgHIiAFbjcmcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDMwMmJiN2U0OGVkMDM1ZDFlZmVkYzk4Y2Q3ZjMyNTY0ODJhMWQ4MTlkYzE0 MTRkNmE5YTFjNzI3OGE5ZTUzYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIfrXJ82fMGE1M3XuKhqlOYCTKMHJeeQk22nzfdTU0MX6Rx00MYhm75Bnsc/ 4I9cxvdzJlXquVecbeVU2diKd/xjCqc8em9rxv2gAtksv7T0k9Nwgj0x61fPUuVP 5Xkk7Y9Ei3sBqEk+MEZ8IwR2OdlXGeQgcnEUyPiqS7uUouyvbj0Oy+Cs9tjWf5qb rmZmzfoLztmPK9T3l+HtpTZt5p9cB+cvFEtL6yEjeeVRPz6DzmCZaOAgpAadDpYs eGh1RxNbb4Uz/lL5MLjZARa9hyQhOeo9NR2P9uPJoWPL5YaALHhiP664a8fCx1P2 kUvgk0CsLMOtxPpNGwuq2fTs0N0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT893Wx kAxwzK1u5QqsuJ6VwWKLMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G CSqGSIb3DQEBCwUAA4IBAQBG+Ui7wsBj3Lo/YgA77z85qrP25F/oha/Vnebu7nGa GzfhO4ID2de77Pp7wbq2xP2181PXoRMT3nDR2jtr6e1tovZPbl9QhZjRrHJvO9WS aAhrkjv1Kcmol9hBH1GZDoW7XXqvz2bGa55E/HB2eEXynsoVonMATHsj1TbD8cnO g4AD97KMuXelFRb2Bq44QmJQ9yJtM5+KKs9nwOJJXDyMWrA31k7cT9I4CH/+/A+B LNuud24s92UbuGwTRRM/ESXgcZmbSj7If+O+PxDJYrIlwTW4OQPtVSqnL6L+oC1f qIQiftZdM2fxQ8vNKozgZ83FHojPF97ThOM2zRJn8CWT -----END CERTIFICATE-----Generated at Sun Dec 7 12:26:14 2025 by rpki-client