This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json) Hash identifier: XZ9GUJJ/SVc+IO4CVNhrDg/KePAbfJOdwtC752QQQZ0= Subject key identifier: 00:D1:C4:F7:38:96:D9:4A:95:41:40:69:96:11:A0:EA:23:C4:7B:24 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 71FBB591E97380AE4CE5B562A828F168A9684300 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa Signing time: Sat 15 Nov 2025 06:50:44 +0000 ROA not before: Sat 15 Nov 2025 06:50:44 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.180.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:fb:b5:91:e9:73:80:ae:4c:e5:b5:62:a8:28:f1:68:a9:68:43:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:44 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f6c0c7058e17c0075ef81fdfde29b3e85fc792573bd074e8943f2879e52a0397, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:58:df:00:a2:12:e9:b0:ec:07:55:e7:a3:d0: a9:53:bc:5f:41:3d:c2:16:d6:7b:0f:10:d9:f2:32: a4:19:a1:ac:ae:3a:fa:61:85:5b:25:51:9b:c1:f7: 20:51:93:af:bb:ed:7e:1d:52:b2:aa:a1:02:0f:53: b1:19:fb:43:7f:5d:03:14:6a:54:8f:de:32:d8:eb: a0:88:09:a5:a5:a6:e0:bf:91:f6:97:b8:0f:26:94: 44:d1:4d:a8:a3:cf:16:0b:f6:a4:0e:bc:92:0a:c0: 75:43:27:35:11:17:b2:c9:9f:58:c6:85:78:05:a0: f4:14:34:ab:b5:75:25:d4:35:4d:5a:df:2b:38:5b: ec:4c:bc:7f:96:3c:55:07:41:91:e9:da:7b:50:71: 1f:8a:34:24:5b:69:7f:23:fd:ca:71:7c:54:3a:16: fd:be:82:d5:26:00:00:5f:be:1b:c5:be:23:61:89: 77:44:fa:89:10:2d:08:5f:a5:42:ea:17:0a:dc:ff: fc:0a:4a:06:05:4b:69:5e:c2:df:e1:2b:70:d8:62: 0a:4e:34:06:b2:b0:08:ef:d8:4f:f6:44:27:fd:39: c8:3b:5f:b1:87:f7:48:7d:45:a6:ab:df:c8:d8:96: 02:7f:21:e5:1b:78:8b:3f:d9:c0:f8:e0:5f:58:e7: ea:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:D1:C4:F7:38:96:D9:4A:95:41:40:69:96:11:A0:EA:23:C4:7B:24 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.180.0.0/15 Signature Algorithm: sha256WithRSAEncryption 71:5e:fb:31:8e:24:13:e2:fe:c6:97:f3:6e:29:45:59:e1:70: 41:60:21:8b:75:3b:e6:3c:6b:f4:11:9d:f4:6a:59:c1:3c:5c: f0:4e:01:9b:5c:de:74:91:46:60:49:85:23:e1:99:4f:52:38: 58:8b:20:62:89:9e:4c:5f:ea:d8:c9:7f:65:00:7e:5d:11:a8: 1e:e4:c1:34:b9:f1:72:59:d9:39:67:05:37:fe:6c:c7:53:29: e0:d9:6e:3c:72:eb:84:77:83:e7:35:bc:d5:f4:ac:14:16:d1: 5c:f4:a6:da:90:00:83:68:1f:38:82:83:c3:31:ac:99:ab:f3: 04:d9:ca:0b:d3:14:82:6a:64:7f:a6:77:31:99:12:72:52:9b: a4:ef:1b:76:21:67:96:d4:89:99:a3:74:9d:3c:f2:b6:0d:b0: 72:0c:90:da:63:d0:d1:1e:c4:16:c4:22:d0:b2:71:5b:49:cc: 71:3f:4c:bb:9e:95:b3:bc:38:d2:90:10:4b:cb:f7:05:8a:b6: e3:95:2e:97:12:95:ea:cd:3f:fd:de:25:d8:a1:48:61:56:3a: c4:46:ab:bc:bc:3f:30:46:eb:e0:1a:9b:07:61:d4:fc:19:9f: 9c:da:ca:fe:84:9d:fe:f1:9f:88:35:80:46:44:82:85:47:31: 80:78:7e:4b -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUcfu1kelzgK5M5bViqCjxaKloQwAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2YzBjNzA1OGUxN2MwMDc1ZWY4MWZkZmRlMjliM2U4NWZjNzkyNTczYmQw NzRlODk0M2YyODc5ZTUyYTAzOTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIdY3wCiEumw7AdV56PQqVO8X0E9whbWew8Q2fIypBmhrK46+mGFWyVRm8H3 IFGTr7vtfh1SsqqhAg9TsRn7Q39dAxRqVI/eMtjroIgJpaWm4L+R9pe4DyaURNFN qKPPFgv2pA68kgrAdUMnNREXssmfWMaFeAWg9BQ0q7V1JdQ1TVrfKzhb7Ey8f5Y8 VQdBkenae1BxH4o0JFtpfyP9ynF8VDoW/b6C1SYAAF++G8W+I2GJd0T6iRAtCF+l QuoXCtz//ApKBgVLaV7C3+ErcNhiCk40BrKwCO/YT/ZEJ/05yDtfsYf3SH1Fpqvf yNiWAn8h5Rt4iz/ZwPjgX1jn6jUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQA0cT3 OJbZSpVBQGmWEaDqI8R7JDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G CSqGSIb3DQEBCwUAA4IBAQBxXvsxjiQT4v7Gl/NuKUVZ4XBBYCGLdTvmPGv0EZ30 alnBPFzwTgGbXN50kUZgSYUj4ZlPUjhYiyBiiZ5MX+rYyX9lAH5dEage5ME0ufFy Wdk5ZwU3/mzHUyng2W48cuuEd4PnNbzV9KwUFtFc9KbakACDaB84goPDMayZq/ME 2coL0xSCamR/pncxmRJyUpuk7xt2IWeW1ImZo3SdPPK2DbByDJDaY9DRHsQWxCLQ snFbScxxP0y7npWzvDjSkBBLy/cFirbjlS6XEpXqzT/93iXYoUhhVjrERqu8vD8w RuvgGpsHYdT8GZ+c2sr+hJ3+8Z+INYBGRIKFRzGAeH5L -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:46 2025 by rpki-client