This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa File: 387a5e5f-3658-431f-b236-d486cddcae07.roa (raw, json) Hash identifier: UumM8ELxUhGFFtsZbKPIWA8ov+Cgtu5WSq3yszAwBPA= Subject key identifier: 79:CC:1C:BE:DD:6A:08:EC:30:90:05:7A:A8:87:57:12:FE:14:10:CA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 45F3F843C7BE773448F290A7A1E3761AEC7A083B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa Signing time: Sat 29 Nov 2025 00:00:30 +0000 ROA not before: Sat 29 Nov 2025 00:00:30 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 83.119.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:f3:f8:43:c7:be:77:34:48:f2:90:a7:a1:e3:76:1a:ec:7a:08:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 29 00:00:30 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=98247c8265cb603c6c3a0889dbbdb38e38005bedf95f43005d30514a03a9eb87, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8a:11:08:61:b0:e9:fc:af:2e:ce:58:44:5e: 4a:1a:c2:5a:79:6a:48:09:8a:fb:07:24:ea:85:36: 32:f9:0a:f0:8d:ab:04:97:7d:b9:01:fe:bc:c5:d0: 53:0c:5d:81:f4:e2:6a:28:92:99:6b:08:bf:c6:72: 8a:3a:1a:85:6a:4e:0b:64:e9:41:93:a4:fb:bb:70: 94:e0:7b:e1:58:99:43:83:4f:d3:39:a8:92:14:3a: 22:87:f4:9f:0f:96:73:ca:2c:cf:97:60:75:5d:aa: 39:a0:1a:48:c2:aa:64:92:e6:3f:90:6e:a5:93:60: 60:1a:b0:63:4d:ec:b7:99:c9:a3:ac:bc:7e:1b:81: 22:2d:17:b2:b9:33:30:d9:b7:0c:09:f2:30:ff:9e: 9e:e9:da:b3:d8:6b:b0:bd:58:dd:32:d7:d3:ea:14: 8e:5c:8a:63:bf:29:9a:32:fb:46:31:99:71:68:a0: d5:df:de:76:22:eb:db:4f:03:5e:60:3b:3f:65:31: 05:fc:49:f3:04:2e:90:bd:ed:fc:e5:2b:9a:fd:f3: fd:67:61:e8:0c:33:ea:b4:4d:cc:27:b9:39:3d:72: 6f:32:e4:a0:2c:16:86:57:71:14:4d:9c:b6:bf:ba: ee:08:1d:45:12:b6:0e:40:f9:3e:c6:bb:c5:13:f0: e2:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:CC:1C:BE:DD:6A:08:EC:30:90:05:7A:A8:87:57:12:FE:14:10:CA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.119.128.0/17 Signature Algorithm: sha256WithRSAEncryption a0:17:7a:23:39:96:67:f7:e8:fc:52:3a:1a:42:5c:0e:e2:1b: 9c:6c:b9:55:b9:ab:3b:42:e8:37:06:d7:56:93:78:38:60:a3: eb:38:e3:cd:ad:95:63:60:f2:16:96:90:d3:3e:a2:5a:87:cc: 87:96:74:03:17:03:00:b1:6f:d4:e8:a8:e3:d5:49:01:50:3c: 9e:df:4a:5a:0f:0e:54:44:91:d5:c6:d9:47:05:1d:f2:a6:c8: 55:b6:02:26:a5:1c:ef:95:54:ed:60:b1:4d:4b:21:45:f5:f3: 2d:20:cd:7a:12:38:81:79:54:6d:8f:7b:2b:27:91:35:df:42: 8a:d5:d8:fd:fb:e5:4d:ae:f5:ae:2e:4f:0c:b7:47:e1:c1:45: f1:5d:40:8a:43:6d:68:96:35:76:b6:17:d7:b1:b8:e0:31:c2: 12:b2:0e:2d:3a:c1:62:41:cd:1f:fa:3f:4f:d0:e9:57:ef:b3: fc:b6:65:e1:e0:35:12:cd:52:eb:b5:28:a3:84:f6:75:3d:65: e6:f6:35:c7:98:96:14:3f:dd:f1:6b:13:b4:7d:28:60:4a:2e: 02:1b:3f:a4:cb:d2:a1:29:25:43:e5:69:7a:18:fc:16:f8:2e: 95:2f:75:2c:95:ca:86:9e:ab:74:f3:66:5d:ac:fa:75:6e:ec: 67:e9:f7:62 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIURfP4Q8e+dzRI8pCnoeN2Gux6CDswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjkwMDAwMzBaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDk4MjQ3YzgyNjVjYjYwM2M2YzNhMDg4OWRiYmRiMzhlMzgwMDViZWRmOTVm NDMwMDVkMzA1MTRhMDNhOWViODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKKEQhhsOn8ry7OWEReShrCWnlqSAmK+wck6oU2MvkK8I2rBJd9uQH+vMXQ UwxdgfTiaiiSmWsIv8ZyijoahWpOC2TpQZOk+7twlOB74ViZQ4NP0zmokhQ6Iof0 nw+Wc8osz5dgdV2qOaAaSMKqZJLmP5BupZNgYBqwY03st5nJo6y8fhuBIi0Xsrkz MNm3DAnyMP+enunas9hrsL1Y3TLX0+oUjlyKY78pmjL7RjGZcWig1d/ediLr208D XmA7P2UxBfxJ8wQukL3t/OUrmv3z/Wdh6Awz6rRNzCe5OT1ybzLkoCwWhldxFE2c tr+67ggdRRK2DkD5Psa7xRPw4ucCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR5zBy+ 3WoI7DCQBXqoh1cS/hQQyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mzg3YTVlNWYtMzY1OC00MzFmLWIyMzYtZDQ4NmNkZGNhZTA3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN BgkqhkiG9w0BAQsFAAOCAQEAoBd6IzmWZ/fo/FI6GkJcDuIbnGy5VbmrO0LoNwbX VpN4OGCj6zjjza2VY2DyFpaQ0z6iWofMh5Z0AxcDALFv1Oio49VJAVA8nt9KWg8O VESR1cbZRwUd8qbIVbYCJqUc75VU7WCxTUshRfXzLSDNehI4gXlUbY97KyeRNd9C itXY/fvlTa71ri5PDLdH4cFF8V1AikNtaJY1drYX17G44DHCErIOLTrBYkHNH/o/ T9DpV++z/LZl4eA1Es1S67Uoo4T2dT1l5vY1x5iWFD/d8WsTtH0oYEouAhs/pMvS oSklQ+Vpehj8FvgulS91LJXKhp6rdPNmXaz6dW7sZ+n3Yg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:56:31 2025 by rpki-client