This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json) Hash identifier: gAAM1C4yuM7MAKzWLB82RlsVDxikzEd5ovi3+uvOP98= Subject key identifier: 24:6C:18:2B:30:D1:95:86:31:ED:69:E4:2A:5A:51:AB:55:44:4E:4C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6DA51485275C4286B6B308D09DD57EA1FAE9DD37 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa Signing time: Wed 10 Dec 2025 06:40:37 +0000 ROA not before: Wed 10 Dec 2025 06:40:37 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.247.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:a5:14:85:27:5c:42:86:b6:b3:08:d0:9d:d5:7e:a1:fa:e9:dd:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:37 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7dbf1b5ad4d0789bb6d00d9da9de2e1195e76b80918e670fd8e999f3a445e285, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:36:68:c2:22:2b:98:bf:9e:12:61:62:99:bd: 74:b2:a1:26:8b:17:93:69:b1:ed:12:12:1b:51:0a: 49:b7:a6:ef:64:c8:10:6e:20:40:d2:32:67:9f:05: 1f:cd:62:5c:bd:5d:60:da:45:7d:4b:03:cf:91:0a: 45:aa:10:93:b3:fc:91:f8:78:c8:29:dd:cd:96:4e: 67:06:2d:df:44:5a:b6:0b:fb:b9:31:ae:03:78:9b: cb:eb:c5:e0:c2:bb:de:19:e0:fc:7c:e2:7d:ce:09: f2:a2:81:0d:35:e6:41:f4:cd:73:ae:94:1e:7e:4e: 32:3e:ce:88:57:09:69:c8:d6:7b:ea:a7:6d:39:30: b4:fc:8e:0d:3d:e8:76:92:98:aa:79:9c:fd:9c:19: 91:2b:73:49:9d:2c:08:8e:2c:da:10:56:e3:4b:bb: a7:52:0e:03:04:0f:70:d1:ab:2a:0a:54:a5:86:a1: 2f:cc:94:0c:94:52:1a:e8:97:c4:50:3a:14:35:29: 03:e2:62:fb:ba:2d:cd:53:16:eb:1b:b9:bc:63:74: ae:c6:c6:e6:69:d6:88:85:99:e2:08:40:24:38:c7: 78:b9:1d:f0:55:fc:32:34:e2:7c:ad:78:51:21:18: cf:d4:87:ac:bc:30:82:10:3b:e3:c0:51:95:01:d0: fe:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:6C:18:2B:30:D1:95:86:31:ED:69:E4:2A:5A:51:AB:55:44:4E:4C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.247.0.0/16 Signature Algorithm: sha256WithRSAEncryption 67:fb:4c:70:5f:94:b2:62:bb:0f:40:82:72:78:a3:30:00:bf: e7:2b:c3:22:43:61:29:fa:e3:06:d2:19:af:87:6e:38:40:49: 81:74:e7:b2:9d:42:55:ff:c6:ff:86:aa:64:96:3c:d6:07:89: a4:50:9b:b8:44:62:38:67:2e:de:f9:12:39:c8:2f:75:7e:b4: 6e:b3:2c:c3:71:4a:6d:2e:d8:47:5e:4a:fb:a0:42:cf:17:08: 88:58:a4:8a:c9:00:1f:74:0e:32:43:ba:3a:84:87:33:1e:7e: 61:79:3f:e2:93:b5:53:3a:2f:d5:1a:7c:cf:f8:18:3f:b6:28: 7c:bb:f7:52:5b:f6:33:c9:03:b6:2e:c3:96:33:9d:dd:59:27: 76:77:a3:bc:f9:74:7e:1a:ca:6c:82:ef:6a:8c:e5:19:38:e3: 75:8f:d6:71:cc:87:7a:95:ed:5b:40:0e:64:e8:ea:f7:09:27: 5a:76:d6:a0:2f:7e:ed:63:ad:24:6b:9d:5d:11:39:05:c5:be: bb:54:36:8e:7b:f9:c7:53:be:6d:5f:a6:c8:0b:81:5f:e2:ca: b6:16:36:87:fe:a9:71:9b:22:18:88:0c:26:f0:37:a4:2e:63: 92:e9:37:e4:01:02:59:49:dc:a2:1f:84:86:2c:37:2b:25:f2: a4:5c:d1:07 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUbaUUhSdcQoa2swjQndV+ofrp3TcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdkYmYxYjVhZDRkMDc4OWJiNmQwMGQ5ZGE5ZGUyZTExOTVlNzZiODA5MThl NjcwZmQ4ZTk5OWYzYTQ0NWUyODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJg2aMIiK5i/nhJhYpm9dLKhJosXk2mx7RISG1EKSbem72TIEG4gQNIyZ58F H81iXL1dYNpFfUsDz5EKRaoQk7P8kfh4yCndzZZOZwYt30Ratgv7uTGuA3iby+vF 4MK73hng/Hzifc4J8qKBDTXmQfTNc66UHn5OMj7OiFcJacjWe+qnbTkwtPyODT3o dpKYqnmc/ZwZkStzSZ0sCI4s2hBW40u7p1IOAwQPcNGrKgpUpYahL8yUDJRSGuiX xFA6FDUpA+Ji+7otzVMW6xu5vGN0rsbG5mnWiIWZ4ghAJDjHeLkd8FX8MjTifK14 USEYz9SHrLwwghA748BRlQHQ/h0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkbBgr MNGVhjHtaeQqWlGrVUROTDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G CSqGSIb3DQEBCwUAA4IBAQBn+0xwX5SyYrsPQIJyeKMwAL/nK8MiQ2Ep+uMG0hmv h244QEmBdOeynUJV/8b/hqpkljzWB4mkUJu4RGI4Zy7e+RI5yC91frRusyzDcUpt LthHXkr7oELPFwiIWKSKyQAfdA4yQ7o6hIczHn5heT/ik7VTOi/VGnzP+Bg/tih8 u/dSW/YzyQO2LsOWM53dWSd2d6O8+XR+Gspsgu9qjOUZOON1j9ZxzId6le1bQA5k 6Or3CSdadtagL37tY60ka51dETkFxb67VDaOe/nHU75tX6bIC4Ff4sq2FjaH/qlx myIYiAwm8DekLmOS6TfkAQJZSdyiH4SGLDcrJfKkXNEH -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:20 2025 by rpki-client