This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json) Hash identifier: phE45h710dtLWoY96lz3mhrjL+41LK6oYeWfOPdceOs= Subject key identifier: 42:A6:03:E5:95:77:67:0E:E7:39:B6:04:57:62:D2:1D:D2:ED:55:83 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 539E7E515559FBB387425C1238F083AA0AF7FA51 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa Signing time: Tue 25 Nov 2025 20:10:08 +0000 ROA not before: Tue 25 Nov 2025 20:10:08 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 130.24.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:9e:7e:51:55:59:fb:b3:87:42:5c:12:38:f0:83:aa:0a:f7:fa:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:08 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=26ffe83dfa1bd5bbaca5792dd976181ffcd7eb92b9c0a6ddba2d1213a0238d59, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f2:42:1e:b6:5c:6e:e1:6f:82:2a:c1:d1:84: 2c:3f:a1:f3:09:92:ac:6e:c7:70:2c:a4:03:f8:fd: 72:9e:0d:93:07:37:01:f3:1f:de:9e:78:1a:80:39: 88:e5:7a:49:54:23:6f:bb:6a:a0:d8:1e:57:02:15: 7d:70:7f:ae:c2:91:55:e1:5f:4c:be:3c:03:ae:a4: ab:3d:e7:e7:96:00:e5:57:e0:79:00:44:b3:31:87: b4:fa:27:e7:8f:80:08:ff:65:bd:61:83:9e:f1:99: a5:0a:ea:43:93:77:af:82:09:aa:0d:0f:1e:4f:24: 1c:b5:39:a6:1d:57:c7:8c:4c:55:38:59:6c:7f:16: 4b:86:35:c7:b8:e3:b0:5f:8d:67:a7:c4:36:7d:2f: 7f:ae:91:24:60:1d:39:a3:62:b4:34:c4:b1:73:57: e2:2d:b9:e7:a1:cc:4a:03:71:61:b5:f4:12:7a:e2: 76:2a:d2:31:2b:1f:09:ca:92:4b:19:31:24:c4:83: 27:94:b1:fe:6e:bc:d2:91:00:a4:3f:8b:1d:ee:0a: 3f:82:3d:ba:5b:c8:03:01:c6:5f:22:9c:2c:b4:c1: 90:3f:d3:5a:01:64:23:c2:15:07:40:87:ea:d0:fa: bf:4a:ab:0b:13:b3:86:d5:84:46:14:74:18:e1:61: 3b:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:A6:03:E5:95:77:67:0E:E7:39:B6:04:57:62:D2:1D:D2:ED:55:83 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 130.24.0.0/16 Signature Algorithm: sha256WithRSAEncryption c3:7e:02:0c:61:fd:6a:fd:64:00:11:56:e3:76:74:de:c5:d1: 9b:98:43:7e:cb:27:f8:a2:dc:9f:2e:4e:70:b7:40:28:3a:90: 6f:c9:b5:60:e0:b2:3b:92:32:dc:d9:bb:72:04:b3:4d:07:70: 55:38:e9:71:af:fb:db:42:42:02:26:fe:c5:a8:f1:23:a2:ca: 35:3b:49:2a:d1:80:e6:95:5c:78:49:8a:b5:e0:8a:70:db:72: 2d:bd:70:6c:a7:16:d3:2a:46:87:a5:b8:41:c0:14:99:dd:e0: fb:73:96:08:69:24:0d:a5:17:25:4c:cc:d4:d0:be:c4:30:50: a8:c5:d4:8d:c6:8b:2c:3e:30:2c:5f:79:2d:df:f0:84:c6:33: cb:87:b2:a0:d4:d6:e4:f5:db:c6:17:af:76:5a:bd:21:2c:13: 18:c7:17:b0:5d:9d:50:1b:54:c5:81:c9:e1:5b:d9:50:29:d9: 3c:9b:69:55:48:e9:35:9a:ef:f9:bc:cf:5f:53:86:05:5d:37: 11:43:23:3e:f7:06:92:92:a3:e8:0c:ea:42:aa:0f:aa:7f:ef: 50:b3:fc:69:25:d0:80:91:32:d8:9d:b4:af:7a:db:0b:60:09: 8c:49:36:f9:66:2a:07:ed:74:3c:f8:5c:65:5a:f8:55:e1:e7: cb:80:15:6d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUU55+UVVZ+7OHQlwSOPCDqgr3+lEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDhaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDI2ZmZlODNkZmExYmQ1YmJhY2E1NzkyZGQ5NzYxODFmZmNkN2ViOTJiOWMw YTZkZGJhMmQxMjEzYTAyMzhkNTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjyQh62XG7hb4IqwdGELD+h8wmSrG7HcCykA/j9cp4Nkwc3AfMf3p54GoA5 iOV6SVQjb7tqoNgeVwIVfXB/rsKRVeFfTL48A66kqz3n55YA5VfgeQBEszGHtPon 54+ACP9lvWGDnvGZpQrqQ5N3r4IJqg0PHk8kHLU5ph1Xx4xMVThZbH8WS4Y1x7jj sF+NZ6fENn0vf66RJGAdOaNitDTEsXNX4i2556HMSgNxYbX0EnridirSMSsfCcqS SxkxJMSDJ5Sx/m680pEApD+LHe4KP4I9ulvIAwHGXyKcLLTBkD/TWgFkI8IVB0CH 6tD6v0qrCxOzhtWERhR0GOFhO2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRCpgPl lXdnDuc5tgRXYtId0u1VgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G CSqGSIb3DQEBCwUAA4IBAQDDfgIMYf1q/WQAEVbjdnTexdGbmEN+yyf4otyfLk5w t0AoOpBvybVg4LI7kjLc2btyBLNNB3BVOOlxr/vbQkICJv7FqPEjoso1O0kq0YDm lVx4SYq14Ipw23ItvXBspxbTKkaHpbhBwBSZ3eD7c5YIaSQNpRclTMzU0L7EMFCo xdSNxossPjAsX3kt3/CExjPLh7Kg1Nbk9dvGF692Wr0hLBMYxxewXZ1QG1TFgcnh W9lQKdk8m2lVSOk1mu/5vM9fU4YFXTcRQyM+9waSkqPoDOpCqg+qf+9Qs/xpJdCA kTLYnbSvetsLYAmMSTb5ZioH7XQ8+FxlWvhV4efLgBVt -----END CERTIFICATE-----Generated at Sat Dec 6 09:56:45 2025 by rpki-client