This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json) Hash identifier: HRZsRplEuEq6Vl7wPxAfoTVUbfPJR3a2auKTqYtidzM= Subject key identifier: F4:DD:8F:D1:40:A4:1E:96:7A:DE:10:B8:14:C4:BC:EB:CF:0B:4E:FF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2F69787E48170269F6F02B63C5A6A48E50DB5818 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa Signing time: Tue 25 Nov 2025 20:10:25 +0000 ROA not before: Tue 25 Nov 2025 20:10:25 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 85.213.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:69:78:7e:48:17:02:69:f6:f0:2b:63:c5:a6:a4:8e:50:db:58:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:25 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=10c0dee2fffdb4550414bdd2e8f0a1a30815f22c36543114f62e60eca208fd93, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:88:ee:d2:76:de:93:4a:c8:c9:0c:36:59:a1: a5:8a:d7:b7:ab:02:f0:99:73:ea:92:f1:2e:fd:42: c2:ad:e7:f6:29:2e:e2:fb:c8:51:c6:3d:74:55:85: 1a:bc:b7:74:b1:37:44:9e:90:08:d6:be:43:bb:58: 19:d9:24:97:54:47:b9:72:2d:b6:ee:e3:3e:f7:43: f2:f4:bf:e9:3d:90:26:ad:4f:03:e7:a0:51:30:c6: 2e:ef:62:7c:e5:ca:24:ca:c1:21:86:3a:f8:9a:fc: 54:f0:8f:d3:dc:4d:3c:08:27:47:e3:76:27:91:4b: 48:ad:b7:f8:ba:31:8e:5e:5d:1b:4a:4e:6b:f8:45: d3:7c:d2:e5:28:6f:46:2c:84:1d:17:50:87:8a:e8: 3c:a5:27:e8:d5:32:f6:30:c9:a0:1a:23:6a:31:4e: 85:56:31:30:51:90:1d:17:d8:1b:30:2b:3a:4f:3a: 2f:b6:81:7f:e0:58:c5:c5:db:28:8b:2a:9c:75:c9: f2:f3:0b:63:95:72:ab:9d:3c:94:4a:92:d1:1e:d7: 31:4a:f5:e0:ee:75:c6:ac:b5:4d:b6:34:57:93:24: 0b:ee:da:35:9d:91:4f:b7:77:f4:2b:a3:a7:07:4a: c2:81:84:2e:bb:0f:7b:82:96:f9:6e:53:c7:fd:3e: 35:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:DD:8F:D1:40:A4:1E:96:7A:DE:10:B8:14:C4:BC:EB:CF:0B:4E:FF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.213.0.0/16 Signature Algorithm: sha256WithRSAEncryption b8:a8:47:68:ed:67:18:27:c1:59:87:2c:d3:1a:02:4b:0f:a0: 8c:a2:fb:80:04:16:ec:a3:35:5a:35:c3:72:d8:09:14:9f:fc: 33:77:19:32:60:3e:0b:6f:80:63:5a:54:e4:9d:68:79:70:1d: 66:a1:60:86:8c:cb:b6:b1:2c:5a:0d:26:11:e1:83:9e:84:3a: c9:51:b0:46:cc:b2:d2:18:f9:d2:6b:31:e9:7c:dd:c8:4c:3b: 20:c2:dc:1d:90:50:55:05:f3:46:55:26:58:74:ce:4c:f7:d9: de:19:fa:01:04:b2:a0:a8:90:70:a6:ad:d2:fb:cf:52:43:a1: ab:10:cc:e5:62:ae:2c:06:57:50:35:ab:24:d3:a6:8a:12:e4: fe:8c:b1:d9:de:b8:cb:c4:78:bb:5b:35:91:f7:ab:f7:10:ea: 52:e9:e1:86:09:6d:ce:37:b9:ef:ca:6a:b5:4d:ae:94:de:58: 58:ae:90:34:29:cb:e3:41:b4:2d:c2:49:0e:8f:91:5d:ab:6a: 75:ba:7b:9a:d6:26:ab:00:2c:42:6d:98:32:60:3e:30:79:fa: af:73:5e:15:f7:cd:a9:f0:da:2b:04:fc:86:da:08:ee:64:ce: 9b:ef:cf:e2:85:87:e2:b7:91:65:9a:c6:14:90:58:70:62:16: d1:ee:bd:4d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUL2l4fkgXAmn28CtjxaakjlDbWBgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDEwYzBkZWUyZmZmZGI0NTUwNDE0YmRkMmU4ZjBhMWEzMDgxNWYyMmMzNjU0 MzExNGY2MmU2MGVjYTIwOGZkOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJWI7tJ23pNKyMkMNlmhpYrXt6sC8Jlz6pLxLv1Cwq3n9iku4vvIUcY9dFWF Gry3dLE3RJ6QCNa+Q7tYGdkkl1RHuXIttu7jPvdD8vS/6T2QJq1PA+egUTDGLu9i fOXKJMrBIYY6+Jr8VPCP09xNPAgnR+N2J5FLSK23+Loxjl5dG0pOa/hF03zS5Shv RiyEHRdQh4roPKUn6NUy9jDJoBojajFOhVYxMFGQHRfYGzArOk86L7aBf+BYxcXb KIsqnHXJ8vMLY5Vyq508lEqS0R7XMUr14O51xqy1TbY0V5MkC+7aNZ2RT7d39Cuj pwdKwoGELrsPe4KW+W5Tx/0+NW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT03Y/R QKQelnreELgUxLzrzwtO/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G CSqGSIb3DQEBCwUAA4IBAQC4qEdo7WcYJ8FZhyzTGgJLD6CMovuABBbsozVaNcNy 2AkUn/wzdxkyYD4Lb4BjWlTknWh5cB1moWCGjMu2sSxaDSYR4YOehDrJUbBGzLLS GPnSazHpfN3ITDsgwtwdkFBVBfNGVSZYdM5M99neGfoBBLKgqJBwpq3S+89SQ6Gr EMzlYq4sBldQNask06aKEuT+jLHZ3rjLxHi7WzWR96v3EOpS6eGGCW3ON7nvymq1 Ta6U3lhYrpA0KcvjQbQtwkkOj5Fdq2p1unua1iarACxCbZgyYD4wefqvc14V982p 8NorBPyG2gjuZM6b78/ihYfit5FlmsYUkFhwYhbR7r1N -----END CERTIFICATE-----Generated at Sat Dec 6 10:59:02 2025 by rpki-client