This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json) Hash identifier: TS2cI9Plk9YW4dzz0RmpijDu4hF7+eVDdcCzAt5FlIk= Subject key identifier: EE:81:F4:98:C8:E1:2C:18:EA:0A:0D:19:3D:8D:E9:13:49:95:FF:89 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 58E8610E5BD4A69554E3A78EA293D7C280ABB752 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa Signing time: Tue 25 Nov 2025 20:10:21 +0000 ROA not before: Tue 25 Nov 2025 20:10:21 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.61.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:e8:61:0e:5b:d4:a6:95:54:e3:a7:8e:a2:93:d7:c2:80:ab:b7:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:21 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=e3c9ff5456f9e21c432f13ac8992e9ac9e6a723b63a6d288e41b936f2a2f712d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c6:4d:f6:40:c5:81:04:24:fd:c1:a7:73:b7: 8d:ca:e7:7d:07:f2:09:a8:75:f8:ff:81:17:48:61: 7f:97:c9:5a:78:f6:df:74:ee:eb:72:39:8c:25:84: 16:5c:ed:af:9f:99:9f:a9:ff:bd:d3:cd:78:03:a5: e9:b3:9c:f5:4b:70:b5:38:e4:91:cf:56:5f:c2:43: ce:2b:b5:0e:a9:91:ad:f4:0a:92:0f:4a:b6:91:cc: 71:43:0a:72:e0:51:6c:49:7f:72:df:f9:f1:eb:2d: 6e:62:e1:32:10:5e:8e:ea:1a:e6:e8:26:6a:2b:cc: f8:83:a0:e4:37:f7:56:2a:c4:e5:65:fa:a0:eb:92: 1f:7d:df:56:20:6f:b0:6e:f4:12:e8:e0:28:79:90: 74:02:90:45:da:e7:ef:e1:ad:51:6f:2b:c8:5e:8f: a4:97:c3:6a:22:e2:bd:21:e1:26:72:76:08:ff:93: 1b:54:e9:60:b0:c5:94:96:82:29:55:ff:ea:8c:2c: 83:7c:a9:fc:d4:c4:1c:96:15:04:60:56:eb:97:3b: 55:75:ff:fc:e4:a8:b5:d3:3a:03:5b:ab:79:59:7f: 17:c7:fe:4a:99:83:ba:27:0f:75:0f:5c:59:d5:83: 05:54:a7:f1:03:36:04:c1:52:d2:44:b5:1c:be:ed: 97:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:81:F4:98:C8:E1:2C:18:EA:0A:0D:19:3D:8D:E9:13:49:95:FF:89 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.61.0.0/16 Signature Algorithm: sha256WithRSAEncryption 61:f0:f9:7f:99:af:fb:fe:fc:50:0a:6f:e0:30:ec:4e:10:e6: 45:27:f4:4b:9c:9c:8f:b7:9f:f7:f6:56:87:64:ae:a7:47:f1: 04:0e:d6:66:15:f9:68:6c:1c:31:c1:0d:4f:c4:ed:df:71:15: c2:3b:10:cf:9e:6a:4e:2a:23:23:9b:ae:a3:4d:7f:e7:35:dd: a8:07:d4:e8:ed:ae:3b:68:75:f3:81:79:65:22:82:c6:1a:47: 5e:38:41:9c:1b:2e:fd:29:e6:f5:60:db:61:0b:f3:df:76:f9: d9:5b:22:e0:c6:1c:45:e8:da:28:47:b0:2b:63:de:e1:1a:51: f9:42:c5:83:0e:cd:88:7d:9d:61:0d:44:bb:3a:8f:bd:b2:b3: c3:c1:24:b3:77:bf:d6:36:f2:1f:55:dd:7c:8b:fd:ae:80:3e: 20:c6:cc:65:35:26:a7:e2:f2:76:b2:57:af:fb:55:17:25:96: 33:d8:d6:54:61:50:38:6d:85:e5:43:09:9f:91:ad:0d:5c:20: 1b:20:30:69:ff:b9:24:dd:01:a0:c5:8b:28:76:ea:b3:e9:38: 92:03:d9:88:1d:a7:d4:78:b5:ba:00:09:ee:92:c1:63:df:8b: 95:ca:0f:28:2c:d0:63:04:a7:e0:48:f4:e4:da:a8:77:a3:da: 25:b4:20:86 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWOhhDlvUppVU46eOopPXwoCrt1IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjFaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGUzYzlmZjU0NTZmOWUyMWM0MzJmMTNhYzg5OTJlOWFjOWU2YTcyM2I2M2E2 ZDI4OGU0MWI5MzZmMmEyZjcxMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANbGTfZAxYEEJP3Bp3O3jcrnfQfyCah1+P+BF0hhf5fJWnj233Tu63I5jCWE Flztr5+Zn6n/vdPNeAOl6bOc9UtwtTjkkc9WX8JDziu1DqmRrfQKkg9KtpHMcUMK cuBRbEl/ct/58estbmLhMhBejuoa5ugmaivM+IOg5Df3VirE5WX6oOuSH33fViBv sG70EujgKHmQdAKQRdrn7+GtUW8ryF6PpJfDaiLivSHhJnJ2CP+TG1TpYLDFlJaC KVX/6owsg3yp/NTEHJYVBGBW65c7VXX//OSotdM6A1ureVl/F8f+SpmDuicPdQ9c WdWDBVSn8QM2BMFS0kS1HL7tl4UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTugfSY yOEsGOoKDRk9jekTSZX/iTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G CSqGSIb3DQEBCwUAA4IBAQBh8Pl/ma/7/vxQCm/gMOxOEOZFJ/RLnJyPt5/39laH ZK6nR/EEDtZmFflobBwxwQ1PxO3fcRXCOxDPnmpOKiMjm66jTX/nNd2oB9To7a47 aHXzgXllIoLGGkdeOEGcGy79Keb1YNthC/PfdvnZWyLgxhxF6NooR7ArY97hGlH5 QsWDDs2IfZ1hDUS7Oo+9srPDwSSzd7/WNvIfVd18i/2ugD4gxsxlNSan4vJ2slev +1UXJZYz2NZUYVA4bYXlQwmfka0NXCAbIDBp/7kk3QGgxYsoduqz6TiSA9mIHafU eLW6AAnuksFj34uVyg8oLNBjBKfgSPTk2qh3o9oltCCG -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:54 2025 by rpki-client