This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json) Hash identifier: lfmFDRoK9xkmDVGYaFFsxPMPadYReM7Y/nnWty2JM0E= Subject key identifier: D1:92:18:4E:6C:0F:99:14:72:09:D4:67:04:AB:B0:E5:36:7F:4D:96 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 61921ED66B7CA85E49ADFC07AC526354860129F2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa Signing time: Sat 15 Nov 2025 06:40:07 +0000 ROA not before: Sat 15 Nov 2025 06:40:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 195.247.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:92:1e:d6:6b:7c:a8:5e:49:ad:fc:07:ac:52:63:54:86:01:29:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8aa56a43d5496bd5d32e39917a2a082ac35ed2d70d2ad801c23f663b0f5cb39e, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:5b:2d:e7:24:f7:d3:b3:22:cd:1d:a9:f8:75: 87:aa:32:7b:f9:a4:e0:9a:81:5b:ab:84:6b:ec:d0: e0:5f:ae:b0:39:a2:07:37:09:a8:6e:93:1e:5f:f2: 7e:a1:35:19:0d:a6:1b:cf:6f:a9:cd:50:f9:6a:35: f8:b1:09:95:36:99:86:7f:51:5c:64:e1:01:0b:75: c8:40:ad:f4:d7:32:0b:6e:fc:99:64:ce:17:7c:42: e5:4d:04:0e:82:1c:9d:42:5f:a5:d6:7b:74:f0:8a: 8a:82:14:d2:71:75:03:24:3d:a0:b6:b7:09:15:4d: 43:13:23:ec:4e:fa:32:d1:f3:80:f7:20:d6:35:21: a0:7d:ea:4e:5c:40:41:c6:99:ac:f2:f1:60:3e:cc: b1:34:4d:d6:1b:a0:95:43:5a:63:23:fb:ed:51:d3: 9f:72:2d:3b:39:c6:9b:a0:15:d9:78:bb:54:6b:02: be:b4:38:9d:08:26:45:02:6e:a0:0b:be:92:01:fb: 49:d4:19:27:56:9c:24:42:6f:01:67:ab:b2:43:0e: 46:20:e7:7f:26:e9:22:6e:8b:7c:10:01:82:8a:e4: 18:0f:0d:2f:ea:a8:6b:dc:9b:da:0c:11:ad:d2:2b: a6:68:7c:49:c4:ae:46:8e:ee:03:42:2a:95:1f:38: c3:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:92:18:4E:6C:0F:99:14:72:09:D4:67:04:AB:B0:E5:36:7F:4D:96 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.247.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7b:b5:09:dd:03:64:26:2e:26:2d:0a:fc:dd:20:4e:90:11:db: be:61:39:46:95:8b:e4:37:b1:44:05:3f:4c:79:6a:77:62:07: a9:b5:63:81:46:e0:3c:c7:69:39:11:b2:d2:7d:f7:3b:96:ef: db:84:32:07:e2:51:60:e7:df:c2:74:f7:1e:2a:08:15:6d:b5: 29:bb:a7:af:4b:16:6f:26:93:0d:6d:97:91:35:76:c5:09:8f: 7a:9d:ac:d7:dc:f3:3f:ac:a4:99:09:9e:4b:f7:43:83:35:36: 73:cf:f1:9c:88:ef:0e:2b:bb:66:88:0b:5c:f0:87:4f:2c:0b: 58:c1:3f:9e:08:e3:9b:6b:66:0a:cb:c3:5f:44:ff:70:bf:fd: 63:27:8d:90:fb:0a:8d:eb:f9:27:7a:4d:5f:4d:32:6c:cb:51: a5:71:30:59:dd:50:ea:9c:b0:5c:7d:25:7b:e3:42:aa:25:bc: a2:a0:7c:0c:45:13:78:09:a0:d5:e0:bd:f8:be:0b:5f:8e:51: bb:20:84:6a:46:08:f0:24:a0:7e:9b:2c:c7:65:2b:bb:15:0d: d9:ac:c4:10:f0:e4:7a:22:6d:0f:ee:66:29:d8:cf:09:90:9d: 31:be:47:e0:8e:1c:13:eb:58:5f:09:d2:f6:cc:2c:70:61:c1: 28:7d:d6:2e -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUYZIe1mt8qF5JrfwHrFJjVIYBKfIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDhhYTU2YTQzZDU0OTZiZDVkMzJlMzk5MTdhMmEwODJhYzM1ZWQyZDcwZDJh ZDgwMWMyM2Y2NjNiMGY1Y2IzOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAONbLeck99OzIs0dqfh1h6oye/mk4JqBW6uEa+zQ4F+usDmiBzcJqG6THl/y fqE1GQ2mG89vqc1Q+Wo1+LEJlTaZhn9RXGThAQt1yECt9NcyC278mWTOF3xC5U0E DoIcnUJfpdZ7dPCKioIU0nF1AyQ9oLa3CRVNQxMj7E76MtHzgPcg1jUhoH3qTlxA QcaZrPLxYD7MsTRN1huglUNaYyP77VHTn3ItOznGm6AV2Xi7VGsCvrQ4nQgmRQJu oAu+kgH7SdQZJ1acJEJvAWerskMORiDnfybpIm6LfBABgorkGA8NL+qoa9yb2gwR rdIrpmh8ScSuRo7uA0IqlR84w08CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRkhhO bA+ZFHIJ1GcEq7DlNn9NljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G CSqGSIb3DQEBCwUAA4IBAQB7tQndA2QmLiYtCvzdIE6QEdu+YTlGlYvkN7FEBT9M eWp3YgeptWOBRuA8x2k5EbLSffc7lu/bhDIH4lFg59/CdPceKggVbbUpu6evSxZv JpMNbZeRNXbFCY96nazX3PM/rKSZCZ5L90ODNTZzz/GciO8OK7tmiAtc8IdPLAtY wT+eCOOba2YKy8NfRP9wv/1jJ42Q+wqN6/knek1fTTJsy1GlcTBZ3VDqnLBcfSV7 40KqJbyioHwMRRN4CaDV4L34vgtfjlG7IIRqRgjwJKB+myzHZSu7FQ3ZrMQQ8OR6 Im0P7mYp2M8JkJ0xvkfgjhwT61hfCdL2zCxwYcEofdYu -----END CERTIFICATE-----Generated at Sat Dec 6 12:49:44 2025 by rpki-client