This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json) Hash identifier: 0He/jxKVMAsW/gMpGxGf+V+b5FgubKac4c0CxKGZAt8= Subject key identifier: 67:DE:56:FE:EE:F5:59:3A:45:E2:48:6F:E6:9E:70:F4:C5:B5:EC:26 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 014106DC2B6551A5490B77B27E2ADF456094EA1F Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa Signing time: Sat 15 Nov 2025 06:50:07 +0000 ROA not before: Sat 15 Nov 2025 06:50:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 151.176.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:41:06:dc:2b:65:51:a5:49:0b:77:b2:7e:2a:df:45:60:94:ea:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f66dd5c26fe4584ce12eaf4646b2032353d09d08971fac7697ad674ef8884880, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a2:bc:ee:d6:9e:6e:ce:5e:75:f8:e8:eb:c3: 1e:6c:0c:9a:fb:60:5a:47:34:ed:38:33:e2:f3:dc: 0b:43:6a:ae:00:b9:ab:26:84:45:bf:9e:99:a0:c6: a9:05:45:53:77:82:90:0b:5c:bd:f7:db:f3:f5:a9: 90:39:1c:9c:bd:de:91:1d:39:33:83:31:54:7c:2a: a8:20:50:2e:35:bb:7f:d5:0f:d7:f6:8b:d9:5a:13: e7:46:f8:10:81:e3:6e:92:2e:42:f8:98:30:4b:c7: 0e:10:8d:07:73:ca:44:22:ad:ee:cf:32:68:40:1c: b6:13:a2:06:72:dc:82:71:ce:e5:c9:59:17:c2:29: a4:af:39:08:28:51:5f:04:07:5a:0e:91:6f:d2:0b: c4:c8:68:0b:f9:cc:4a:4a:5d:1d:2f:a9:61:b5:e2: ef:44:95:6f:8e:82:18:c4:ea:31:5b:00:e8:84:78: 5b:36:f0:a0:03:26:f3:b0:88:5c:86:66:3d:f3:d3: 12:08:61:60:36:32:31:5f:35:6e:3b:be:89:a9:23: 6b:99:78:55:92:87:18:4c:59:4f:b8:5b:ac:61:eb: ee:6b:c5:60:3f:d5:e1:d2:2b:66:ac:c5:66:f2:92: 04:ca:67:de:13:da:d8:a7:82:5e:11:70:83:5d:5d: 7e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:DE:56:FE:EE:F5:59:3A:45:E2:48:6F:E6:9E:70:F4:C5:B5:EC:26 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.176.0.0/16 Signature Algorithm: sha256WithRSAEncryption ac:b0:5b:96:1e:57:7f:29:18:ed:2f:4d:b3:18:cb:03:29:3a: 2f:ce:16:e7:19:5d:1c:e7:c4:bc:a3:35:b5:ff:13:4e:45:5b: 14:48:2b:f8:4a:21:74:78:8f:e0:b1:e8:7a:57:21:b7:66:52: 24:21:0b:a2:b3:ae:60:9d:7c:c5:23:eb:7b:cd:07:76:7c:ef: 7f:60:84:24:e5:58:5a:35:07:84:36:fe:dc:ee:05:1b:b3:05: 9a:86:24:e7:1b:c4:eb:ce:29:a4:8f:91:ef:aa:60:ed:e8:0d: d8:44:bf:0c:80:ef:55:19:42:ba:a7:f1:3d:b4:51:c2:54:ed: 5a:06:89:95:48:cd:10:e9:9f:94:0a:a9:50:44:b6:93:3a:ec: ab:61:dc:25:f9:db:49:29:79:c6:d0:2e:9a:e9:bb:3c:07:84: 56:b5:1b:a0:22:72:a4:dc:d5:7f:e8:b4:5e:4e:1f:92:d0:6b: 5f:80:1e:cc:f9:25:13:3c:98:f8:bf:7a:55:e0:93:7c:69:d1: 21:08:b1:5c:0f:d7:42:0b:c1:b6:44:90:c7:5b:7a:96:cc:d4: 53:7a:c9:02:6a:f0:b2:68:5f:ec:28:d9:11:b7:75:e5:4d:8d: 0f:43:65:78:28:d8:bb:a0:a4:20:43:7c:4c:8e:8d:4f:d1:6a: d3:be:fe:66 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUAUEG3CtlUaVJC3eyfirfRWCU6h8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2NmRkNWMyNmZlNDU4NGNlMTJlYWY0NjQ2YjIwMzIzNTNkMDlkMDg5NzFm YWM3Njk3YWQ2NzRlZjg4ODQ4ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqivO7Wnm7OXnX46OvDHmwMmvtgWkc07Tgz4vPcC0NqrgC5qyaERb+emaDG qQVFU3eCkAtcvffb8/WpkDkcnL3ekR05M4MxVHwqqCBQLjW7f9UP1/aL2VoT50b4 EIHjbpIuQviYMEvHDhCNB3PKRCKt7s8yaEActhOiBnLcgnHO5clZF8IppK85CChR XwQHWg6Rb9ILxMhoC/nMSkpdHS+pYbXi70SVb46CGMTqMVsA6IR4WzbwoAMm87CI XIZmPfPTEghhYDYyMV81bju+iakja5l4VZKHGExZT7hbrGHr7mvFYD/V4dIrZqzF ZvKSBMpn3hPa2KeCXhFwg11dfgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRn3lb+ 7vVZOkXiSG/mnnD0xbXsJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G CSqGSIb3DQEBCwUAA4IBAQCssFuWHld/KRjtL02zGMsDKTovzhbnGV0c58S8ozW1 /xNORVsUSCv4SiF0eI/gseh6VyG3ZlIkIQuis65gnXzFI+t7zQd2fO9/YIQk5Vha NQeENv7c7gUbswWahiTnG8Trzimkj5HvqmDt6A3YRL8MgO9VGUK6p/E9tFHCVO1a BomVSM0Q6Z+UCqlQRLaTOuyrYdwl+dtJKXnG0C6a6bs8B4RWtRugInKk3NV/6LRe Th+S0GtfgB7M+SUTPJj4v3pV4JN8adEhCLFcD9dCC8G2RJDHW3qWzNRTeskCavCy aF/sKNkRt3XlTY0PQ2V4KNi7oKQgQ3xMjo1P0WrTvv5m -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:37 2025 by rpki-client