This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa File: e398b47e-9867-4e71-96db-760f9102a39f.roa (raw, json) Hash identifier: /q4rdoXbB4npNrxtF6C8zmabp9irsoXcdf1u3PMjd8s= Subject key identifier: 2B:45:CA:91:41:F7:2C:EB:D5:99:A0:7C:38:61:EC:A2:6D:95:80:46 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 715FAB4F2DDFC0ED54C5D2F1E93756E17DA2EC29 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa Signing time: Wed 10 Dec 2025 06:40:03 +0000 ROA not before: Wed 10 Dec 2025 06:40:03 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 62785 IP address blocks: 193.57.182.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:5f:ab:4f:2d:df:c0:ed:54:c5:d2:f1:e9:37:56:e1:7d:a2:ec:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:03 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d7057d3b44f655f9fbfb76835e6a558ee28aa0a70c0fa201a2b91b18bf723d6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5a:42:f4:a2:46:d7:21:30:31:79:6f:20:ae: ad:06:b7:f8:89:7b:b8:42:e3:7f:46:41:e3:e2:86: 74:ff:62:e7:71:bf:05:3e:6d:45:fb:03:bf:9a:c5: 14:55:80:1d:d6:25:ba:d6:f5:3a:2c:e2:9c:f6:64: 3d:25:50:8c:d9:b6:d9:45:3c:ef:6f:d7:d6:4e:67: fb:22:6e:88:e8:c3:dd:a6:b9:0b:c5:76:a4:0f:ea: ef:9c:26:b8:c1:64:ca:a0:8a:eb:92:de:14:e8:ba: cc:9b:f5:fb:db:89:32:c2:4a:50:d6:f6:be:82:57: 77:8a:60:23:e8:dd:d3:b1:75:91:38:99:e6:a5:96: e5:9d:86:7c:37:f0:5c:0a:72:ca:c0:f8:02:3c:5f: be:ce:20:57:f4:38:ec:04:9a:69:0f:06:68:0b:73: 06:f6:69:5e:47:64:b9:cb:db:d5:c8:b7:0b:70:fb: 2e:36:29:ed:43:e4:1d:fe:58:d9:76:68:38:ec:c6: 2f:9f:23:aa:1d:48:37:a6:12:d1:3c:7e:aa:35:5b: c3:23:b2:23:95:78:79:b3:8c:e5:8d:db:46:2d:fb: e6:d3:62:76:b7:d1:8d:a7:5b:7f:26:ed:d1:ec:4d: 38:1e:b9:43:19:16:c7:70:3e:d4:60:0a:05:8c:b8: 68:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:45:CA:91:41:F7:2C:EB:D5:99:A0:7C:38:61:EC:A2:6D:95:80:46 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.57.182.0/23 Signature Algorithm: sha256WithRSAEncryption 89:0a:25:e1:a9:24:86:fb:2a:57:a5:92:c0:d8:e0:ed:5f:f5: 54:82:1c:30:4b:83:ea:72:bb:ef:7a:e9:e3:0c:7b:36:d7:a2: 47:b5:7c:ca:a3:5e:23:58:d6:0d:27:21:03:ca:01:96:92:48: cb:82:a4:ca:be:f5:26:03:f1:eb:7b:d0:b6:2c:bc:d4:d2:86: 87:2f:83:50:d9:63:04:fe:d2:19:b5:ea:6d:e3:4b:4d:b2:ae: 69:bf:11:32:3f:c0:d4:b1:51:0f:f4:fd:95:03:11:fc:00:95: 51:8d:76:39:9e:19:dd:10:cc:9c:f2:3d:36:96:b8:71:99:53: ee:74:99:d8:ce:af:41:ef:5d:56:29:ac:82:e0:de:ed:e2:da: 06:d4:0c:bf:81:4a:4a:41:42:b6:40:fd:15:f1:db:c3:e2:b4: 1f:8e:41:00:92:4a:42:18:9d:8e:77:bb:19:5c:d1:2e:59:74: 32:b2:1c:02:98:0a:6a:de:f8:7e:3c:ea:d8:a0:3f:50:a3:cb: 20:74:df:4f:75:f7:23:31:4f:ec:1c:9a:c3:c1:da:38:5a:df: d0:3c:fe:08:81:da:30:a5:06:bd:33:bd:d3:16:81:9c:88:97: 7f:3a:4c:c6:69:51:2b:86:58:e9:62:03:10:b2:1d:f1:b6:c7: 80:81:da:42 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUcV+rTy3fwO1UxdLx6TdW4X2i7CkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ3MDU3ZDNiNDRmNjU1ZjlmYmZiNzY4MzVlNmE1NThlZTI4YWEwYTcwYzBm YTIwMWEyYjkxYjE4YmY3MjNkNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJaQvSiRtchMDF5byCurQa3+Il7uELjf0ZB4+KGdP9i53G/BT5tRfsDv5rF FFWAHdYlutb1OizinPZkPSVQjNm22UU872/X1k5n+yJuiOjD3aa5C8V2pA/q75wm uMFkyqCK65LeFOi6zJv1+9uJMsJKUNb2voJXd4pgI+jd07F1kTiZ5qWW5Z2GfDfw XApyysD4Ajxfvs4gV/Q47ASaaQ8GaAtzBvZpXkdkucvb1ci3C3D7LjYp7UPkHf5Y 2XZoOOzGL58jqh1IN6YS0Tx+qjVbwyOyI5V4ebOM5Y3bRi375tNidrfRjadbfybt 0exNOB65QxkWx3A+1GAKBYy4aK8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQrRcqR Qfcs69WZoHw4YeyibZWARjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZTM5OGI0N2UtOTg2Ny00ZTcxLTk2ZGItNzYwZjkxMDJhMzlmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN BgkqhkiG9w0BAQsFAAOCAQEAiQol4akkhvsqV6WSwNjg7V/1VIIcMEuD6nK773rp 4wx7NteiR7V8yqNeI1jWDSchA8oBlpJIy4Kkyr71JgPx63vQtiy81NKGhy+DUNlj BP7SGbXqbeNLTbKuab8RMj/A1LFRD/T9lQMR/ACVUY12OZ4Z3RDMnPI9Npa4cZlT 7nSZ2M6vQe9dVimsguDe7eLaBtQMv4FKSkFCtkD9FfHbw+K0H45BAJJKQhidjne7 GVzRLll0MrIcApgKat74fjzq2KA/UKPLIHTfT3X3IzFP7Byaw8HaOFrf0Dz+CIHa MKUGvTO90xaBnIiXfzpMxmlRK4ZY6WIDELId8bbHgIHaQg== -----END CERTIFICATE-----Generated at Sun Dec 21 23:59:49 2025 by rpki-client