This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json) Hash identifier: VJQdYMzsaLEj45ByWgnVwxOrj+OiX7yRh2GFLf4w5Ww= Subject key identifier: 84:DC:67:68:C5:EC:1C:2F:30:E7:CF:60:AE:0C:D3:7F:92:D0:AE:6D Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 586C5A5B886C57507F27DD21CCB72B3200B27748 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa Signing time: Tue 25 Nov 2025 20:10:25 +0000 ROA not before: Tue 25 Nov 2025 20:10:25 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 80.203.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:6c:5a:5b:88:6c:57:50:7f:27:dd:21:cc:b7:2b:32:00:b2:77:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:25 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=46495c500451c9afc7f4b8bb6d48622a08ca3963e0aff436b2c3484876ae375b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:32:d1:5b:8b:1b:d8:08:8b:1a:36:12:f4:ac: 31:85:2b:32:37:eb:5d:14:68:4b:b8:38:17:46:a9: e2:5b:ea:71:18:cb:de:1c:83:92:10:4b:1d:c5:f5: 72:69:d7:18:55:3d:5b:ed:b6:17:f2:9b:ee:56:bd: 7b:f7:d0:73:d2:7f:c7:50:a3:bc:fe:0a:8c:92:69: be:e2:4b:a6:fb:fc:99:d6:18:d0:e0:68:17:99:ad: 56:15:f3:55:b9:4e:77:98:02:08:bd:59:cc:13:e0: 4e:66:5c:da:8f:1e:72:f5:dd:cc:f0:94:f8:1b:d2: 03:ec:35:21:81:6d:a2:d0:8c:cd:01:74:10:3a:ac: 53:e8:b9:43:b3:74:1c:72:b4:3c:50:8d:d9:f8:3e: 6c:97:5a:af:d8:9a:a6:e4:f5:de:7e:ac:3f:1c:69: 89:fb:b4:47:d7:d4:ae:3d:96:30:87:67:47:8d:30: a7:70:d3:5a:c3:da:5d:97:9a:83:23:01:9c:27:cf: 73:15:99:0c:f3:b5:bf:58:9e:7b:2c:b8:36:8e:cd: d4:43:60:77:ab:73:98:26:78:54:ae:54:ff:dd:f5: 14:de:04:16:70:51:ce:13:5a:8c:5d:19:3d:d4:3d: 2d:71:4a:09:dd:93:f7:e0:7f:29:73:26:cd:65:25: 7d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:DC:67:68:C5:EC:1C:2F:30:E7:CF:60:AE:0C:D3:7F:92:D0:AE:6D X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.203.128.0/17 Signature Algorithm: sha256WithRSAEncryption 1a:e7:ee:39:ed:15:8b:3c:b7:52:7f:8b:63:9f:b9:35:b1:41: 34:c0:d1:b9:50:81:3d:cd:40:ea:44:18:a6:98:bf:ca:94:48: 79:0d:82:4f:31:58:60:55:31:17:07:93:18:a8:f0:6d:be:ce: d7:59:89:04:f8:7a:02:dc:e8:9c:38:3b:71:fe:56:5c:d4:24: 13:b5:5e:57:ff:60:74:b7:63:ca:d3:29:f6:52:1f:6d:67:97: f3:6e:37:fd:f4:68:ec:55:1a:c4:e6:aa:d0:61:7d:a5:78:2d: bf:46:e5:ef:e6:e0:aa:fa:a9:0a:8c:a6:d5:a7:42:bc:9a:a3: 91:90:b0:0e:a8:9d:bf:22:6b:69:1d:89:c6:65:a8:23:59:60: 2f:fa:9e:4b:b7:24:f1:cb:d4:a9:51:f8:57:7a:20:be:2e:31: 5f:b4:b2:bb:dc:87:63:c7:e0:bc:f6:f6:e9:e0:5b:c0:62:09: 1f:68:25:e0:ce:81:09:64:82:28:7c:0e:68:bb:ad:20:67:d7: ae:ed:a0:44:08:00:6e:bf:30:be:97:51:4d:7d:06:a1:be:ac: 31:dc:c6:b1:7e:5b:26:e9:29:8b:d3:e1:29:69:e8:a5:73:e1: 63:08:86:b7:c6:75:01:fb:c9:fa:70:9c:dc:f6:a7:e7:f9:f4: 03:9c:25:9b -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUWGxaW4hsV1B/J90hzLcrMgCyd0gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDQ2NDk1YzUwMDQ1MWM5YWZjN2Y0YjhiYjZkNDg2MjJhMDhjYTM5NjNlMGFm ZjQzNmIyYzM0ODQ4NzZhZTM3NWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgy0VuLG9gIixo2EvSsMYUrMjfrXRRoS7g4F0ap4lvqcRjL3hyDkhBLHcX1 cmnXGFU9W+22F/Kb7la9e/fQc9J/x1CjvP4KjJJpvuJLpvv8mdYY0OBoF5mtVhXz VblOd5gCCL1ZzBPgTmZc2o8ecvXdzPCU+BvSA+w1IYFtotCMzQF0EDqsU+i5Q7N0 HHK0PFCN2fg+bJdar9iapuT13n6sPxxpifu0R9fUrj2WMIdnR40wp3DTWsPaXZea gyMBnCfPcxWZDPO1v1ieeyy4No7N1ENgd6tzmCZ4VK5U/931FN4EFnBRzhNajF0Z PdQ9LXFKCd2T9+B/KXMmzWUlfXUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSE3Gdo xewcLzDnz2CuDNN/ktCubTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN BgkqhkiG9w0BAQsFAAOCAQEAGufuOe0Vizy3Un+LY5+5NbFBNMDRuVCBPc1A6kQY ppi/ypRIeQ2CTzFYYFUxFweTGKjwbb7O11mJBPh6AtzonDg7cf5WXNQkE7VeV/9g dLdjytMp9lIfbWeX8243/fRo7FUaxOaq0GF9pXgtv0bl7+bgqvqpCoym1adCvJqj kZCwDqidvyJraR2JxmWoI1lgL/qeS7ck8cvUqVH4V3ogvi4xX7Syu9yHY8fgvPb2 6eBbwGIJH2gl4M6BCWSCKHwOaLutIGfXru2gRAgAbr8wvpdRTX0Gob6sMdzGsX5b Jukpi9PhKWnopXPhYwiGt8Z1AfvJ+nCc3Pan5/n0A5wlmw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:20 2025 by rpki-client