This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json) Hash identifier: 0340aMVwAGfdfSElwfXK3hK5FdGSJJjhycLQGjepObY= Subject key identifier: 6B:1A:18:54:97:06:D3:70:46:D3:1D:9A:A6:3A:CA:CE:D3:0C:94:44 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 764C59ACD608CA90A4F105292701DC91DA941C03 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa Signing time: Wed 10 Dec 2025 06:40:37 +0000 ROA not before: Wed 10 Dec 2025 06:40:37 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.17.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:4c:59:ac:d6:08:ca:90:a4:f1:05:29:27:01:dc:91:da:94:1c:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:37 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=20f056091cfbb04b2c093d0fcabc5019ac9319aa1cd64d74d5140e1ac54f0212, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:87:f9:4f:9d:70:1e:1e:eb:38:1e:10:70:91: 3c:74:29:38:d8:33:ff:bd:62:98:ca:29:1b:87:cc: 6e:30:c2:e7:6d:aa:5e:c5:b2:4e:28:21:22:3d:70: bc:84:47:a4:4c:fe:b2:3a:fc:75:29:ee:3c:cb:0a: 42:c3:71:0f:c2:aa:6a:da:df:cf:3d:4b:3c:d1:1a: ab:50:7e:2a:0b:1d:db:29:80:da:3c:f2:d5:9d:e9: 00:3b:48:c4:a2:2f:49:f3:97:a0:32:49:e1:44:29: e0:17:2d:1a:a2:f3:61:85:75:e4:4f:dc:0f:55:d6: 4e:61:28:d3:69:e7:93:be:3f:27:d5:57:40:07:79: 12:52:b2:03:79:a6:26:7c:09:47:77:2d:7f:5b:1c: 5f:37:59:04:b1:b2:97:2d:41:7c:89:b1:51:72:48: 80:51:7b:55:e7:58:4a:e9:e1:a0:17:da:ca:47:37: 83:42:9e:41:8a:51:f9:6c:f7:5c:fd:87:03:0a:8a: 59:68:f0:40:20:82:23:ed:69:ef:2a:11:d1:38:99: 45:9f:d3:c5:9b:7c:99:fc:8b:43:03:be:44:de:df: bc:e7:8f:79:3b:10:e6:63:92:9a:3a:ab:b4:e6:76: 3b:20:fb:a7:d0:30:41:3a:9f:6a:51:91:4d:a2:29: e2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:1A:18:54:97:06:D3:70:46:D3:1D:9A:A6:3A:CA:CE:D3:0C:94:44 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.17.0.0/16 Signature Algorithm: sha256WithRSAEncryption c0:24:ac:85:dd:e8:5e:e0:f5:fb:d6:29:73:f8:ce:bb:b8:cc: c3:14:ed:ae:34:0f:ae:c1:3c:42:b4:fe:e8:de:5b:2e:99:1a: 34:0d:ed:23:29:9c:e7:94:f7:d7:fa:5a:cc:01:e0:5b:70:b1: ac:9b:4c:81:a4:f4:21:16:9b:1a:c2:f1:c6:96:53:1b:69:0b: f0:8f:eb:4f:fd:d0:d0:55:e1:2d:91:f4:b9:b3:4b:e9:f0:74: 1f:68:92:22:43:70:2c:cd:7c:b6:19:80:99:01:ac:c0:f7:c6: 40:4f:67:5f:4b:b7:88:dc:a8:34:36:9f:2f:fe:f1:18:d9:b1: e8:a1:8a:a1:71:51:99:78:3f:98:8a:77:25:1b:99:4c:18:f1: 26:28:04:b4:c9:a9:33:3a:8d:9d:48:4a:ee:a9:f3:bf:f0:8f: 39:a4:44:d2:fe:bb:f8:8c:9f:ea:fb:c9:bb:a1:72:14:fc:27: 27:b3:59:8e:aa:94:92:f9:83:a5:f5:ef:40:8e:1f:e5:c6:46: 59:a3:1a:69:0b:53:0e:fc:68:29:31:cd:49:31:d9:05:e3:a6: aa:db:31:cb:55:40:d1:4b:35:1a:5f:bc:ff:a1:df:fe:9c:28: bd:ce:0e:c9:af:f9:8d:cb:e1:ee:d7:a6:6e:01:d5:51:24:80: d1:53:f8:39 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUdkxZrNYIypCk8QUpJwHckdqUHAMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIwZjA1NjA5MWNmYmIwNGIyYzA5M2QwZmNhYmM1MDE5YWM5MzE5YWExY2Q2 NGQ3NGQ1MTQwZTFhYzU0ZjAyMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuH+U+dcB4e6zgeEHCRPHQpONgz/71imMopG4fMbjDC522qXsWyTighIj1w vIRHpEz+sjr8dSnuPMsKQsNxD8Kqatrfzz1LPNEaq1B+Kgsd2ymA2jzy1Z3pADtI xKIvSfOXoDJJ4UQp4BctGqLzYYV15E/cD1XWTmEo02nnk74/J9VXQAd5ElKyA3mm JnwJR3ctf1scXzdZBLGyly1BfImxUXJIgFF7VedYSunhoBfaykc3g0KeQYpR+Wz3 XP2HAwqKWWjwQCCCI+1p7yoR0TiZRZ/TxZt8mfyLQwO+RN7fvOePeTsQ5mOSmjqr tOZ2OyD7p9AwQTqfalGRTaIp4r0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrGhhU lwbTcEbTHZqmOsrO0wyURDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G CSqGSIb3DQEBCwUAA4IBAQDAJKyF3ehe4PX71ilz+M67uMzDFO2uNA+uwTxCtP7o 3lsumRo0De0jKZznlPfX+lrMAeBbcLGsm0yBpPQhFpsawvHGllMbaQvwj+tP/dDQ VeEtkfS5s0vp8HQfaJIiQ3AszXy2GYCZAazA98ZAT2dfS7eI3Kg0Np8v/vEY2bHo oYqhcVGZeD+YinclG5lMGPEmKAS0yakzOo2dSEruqfO/8I85pETS/rv4jJ/q+8m7 oXIU/Ccns1mOqpSS+YOl9e9Ajh/lxkZZoxppC1MO/GgpMc1JMdkF46aq2zHLVUDR SzUaX7z/od/+nCi9zg7Jr/mNy+Hu16ZuAdVRJIDRU/g5 -----END CERTIFICATE-----Generated at Mon Dec 15 04:56:54 2025 by rpki-client