This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json) Hash identifier: xyr01NgEoZAqB+ZMTKUfUU9ie4nnqVPWY8s/3Mpj1gQ= Subject key identifier: 3B:EA:DE:FA:AC:10:F4:80:43:4A:7E:AF:5A:E6:41:90:77:E7:BC:66 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7F271EF97C78CAAF427CAF73206AF25DF82FA784 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa Signing time: Wed 10 Dec 2025 06:50:06 +0000 ROA not before: Wed 10 Dec 2025 06:50:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 193.186.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:27:1e:f9:7c:78:ca:af:42:7c:af:73:20:6a:f2:5d:f8:2f:a7:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2f4f63988d96e4644b66fbccbc34c2cfad513c6ef386718ab9a693a8a1e44fa6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:43:f2:f6:41:09:fa:be:7f:e6:38:ea:f0:d5: 6e:44:31:29:a7:6b:52:04:50:da:c2:34:13:ac:a5: f7:7b:37:75:60:bd:de:84:4e:7a:c8:4c:b0:06:8b: d2:01:fc:e2:bc:08:59:29:43:b5:9f:8d:66:d0:e2: a2:3d:b0:0a:c6:a2:9d:b1:32:8b:1b:60:73:cc:d5: aa:3c:bb:03:74:4c:cc:21:8f:38:97:99:06:82:35: 48:f7:02:ae:1c:6d:85:86:d0:78:92:04:5a:46:d2: 39:c2:91:e8:cf:8c:74:0b:8f:6c:1a:15:70:0c:3f: ee:ba:c7:d4:4d:40:cb:6e:db:84:d7:d1:59:6e:b6: aa:1c:36:6f:e6:7b:85:07:39:11:c6:e0:ee:9e:ff: 58:2c:f8:a8:f7:61:d6:37:6c:15:4c:23:6c:00:40: fd:37:e7:fb:28:a0:dd:ac:d8:44:c6:e1:cc:f6:22: d7:40:84:19:68:5d:a3:84:55:4b:be:fd:3d:01:9c: 88:9a:c6:ac:f2:ed:85:9a:e2:98:9e:14:bb:32:7e: ce:0e:ff:86:0e:5d:2b:4c:74:f0:fe:fe:46:ad:51: bc:ff:ca:75:61:30:59:04:bc:23:21:b5:1f:e0:f8: bd:31:a5:e5:7f:91:31:35:df:f8:6b:6f:25:82:d4: 57:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:EA:DE:FA:AC:10:F4:80:43:4A:7E:AF:5A:E6:41:90:77:E7:BC:66 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.186.210.0/24 Signature Algorithm: sha256WithRSAEncryption 91:d2:2f:cf:6c:e1:56:eb:19:67:b2:7e:fa:a5:2e:30:11:1f: a7:c8:5a:28:fe:6c:42:fe:4f:a1:21:a1:f6:50:7a:80:ef:8f: 8e:61:2d:aa:1e:3c:6e:43:4e:86:69:4a:29:94:68:2d:09:fd: 81:18:27:9b:ef:d6:99:2a:b4:16:8f:a2:67:61:0e:d6:66:87: 24:53:a6:86:2e:09:ca:e9:18:a2:e4:60:c7:f0:a9:15:c8:cb: fe:60:4d:1d:0e:52:28:8b:2e:e7:87:f4:0f:0a:1b:01:1a:72: 9e:25:bc:42:d2:b2:34:73:ce:a3:f7:75:fd:74:d8:be:a2:75: 5f:44:62:8f:0f:a1:53:b5:5e:5c:65:59:5c:47:30:6f:33:e3: 21:7e:f5:10:83:44:aa:9e:89:d4:9b:2f:f6:e7:10:e1:a4:3d: e6:12:3e:ac:35:1c:8e:e7:2d:d2:66:ab:5a:7e:2d:e4:df:d1: 72:8a:97:97:f8:74:8b:4d:d3:05:65:77:70:36:66:bf:fa:ba: 91:69:d4:d8:9e:ca:f2:a5:a2:00:57:c3:2b:eb:59:8a:06:17: 7f:2c:59:f5:77:7c:9c:f1:d5:3f:06:ab:b7:6b:f2:36:7f:a4: 97:c7:74:ee:93:54:a8:63:13:61:3b:6b:e1:8a:c5:21:78:fd: 53:aa:f3:f2 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUfyce+Xx4yq9CfK9zIGryXfgvp4QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJmNGY2Mzk4OGQ5NmU0NjQ0YjY2ZmJjY2JjMzRjMmNmYWQ1MTNjNmVmMzg2 NzE4YWI5YTY5M2E4YTFlNDRmYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1D8vZBCfq+f+Y46vDVbkQxKadrUgRQ2sI0E6yl93s3dWC93oROeshMsAaL 0gH84rwIWSlDtZ+NZtDioj2wCsainbEyixtgc8zVqjy7A3RMzCGPOJeZBoI1SPcC rhxthYbQeJIEWkbSOcKR6M+MdAuPbBoVcAw/7rrH1E1Ay27bhNfRWW62qhw2b+Z7 hQc5Ecbg7p7/WCz4qPdh1jdsFUwjbABA/Tfn+yig3azYRMbhzPYi10CEGWhdo4RV S779PQGciJrGrPLthZrimJ4UuzJ+zg7/hg5dK0x08P7+Rq1RvP/KdWEwWQS8IyG1 H+D4vTGl5X+RMTXf+GtvJYLUV/UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ76t76 rBD0gENKfq9a5kGQd+e8ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN BgkqhkiG9w0BAQsFAAOCAQEAkdIvz2zhVusZZ7J++qUuMBEfp8haKP5sQv5PoSGh 9lB6gO+PjmEtqh48bkNOhmlKKZRoLQn9gRgnm+/WmSq0Fo+iZ2EO1maHJFOmhi4J yukYouRgx/CpFcjL/mBNHQ5SKIsu54f0DwobARpyniW8QtKyNHPOo/d1/XTYvqJ1 X0Rijw+hU7VeXGVZXEcwbzPjIX71EINEqp6J1Jsv9ucQ4aQ95hI+rDUcjuct0mar Wn4t5N/RcoqXl/h0i03TBWV3cDZmv/q6kWnU2J7K8qWiAFfDK+tZigYXfyxZ9Xd8 nPHVPwart2vyNn+kl8d07pNUqGMTYTtr4YrFIXj9U6rz8g== -----END CERTIFICATE-----Generated at Fri Dec 19 21:49:24 2025 by rpki-client