$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3438203d3e20313939333130.roa File: 326131343a373538303a6430303a3a2f34302d3438203d3e20313939333130.roa (raw, json) Hash identifier: tIRLcVg7UrhNFhqoUSzyKAfDY3qvSoSmXd0Y8F0kvUs= Subject key identifier: 0B:3E:C8:1F:EE:A8:FE:D5:02:B4:40:8A:19:F6:36:B2:54:55:34:D8 Certificate issuer: /CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB Certificate serial: 0D9F372F13E22BFB42D6039BFA1E0F90718EE5A6 Authority key identifier: 13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3438203d3e20313939333130.roa Signing time: Sun 05 Apr 2026 17:22:35 +0000 ROA not before: Sun 05 Apr 2026 17:17:35 +0000 ROA not after: Sun 04 Apr 2027 17:22:35 +0000 asID: 199310 IP address blocks: 2a14:7580:d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.crl rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 16:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:9f:37:2f:13:e2:2b:fb:42:d6:03:9b:fa:1e:0f:90:71:8e:e5:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB Validity Not Before: Apr 5 17:17:35 2026 GMT Not After : Apr 4 17:22:35 2027 GMT Subject: CN=0B3EC81FEEA8FED502B4408A19F636B2545534D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f7:8e:95:c4:c9:ff:40:c4:bb:15:ae:c6:37: 35:59:e0:d4:eb:6f:fc:2e:3b:a3:64:c1:4b:d1:c9: 97:c9:45:4a:c9:45:3a:7f:6e:e4:b6:0c:9b:97:21: 5e:ef:2c:dd:ca:8d:e9:44:6c:93:c6:86:55:66:e7: 3e:7d:85:42:33:ad:49:3d:a6:fd:b3:67:6b:99:e5: a6:a1:d4:c1:f1:84:3a:3c:e6:8f:8b:c6:ee:a1:ab: 41:89:92:ad:b6:9d:17:34:e9:f7:a8:1d:e3:d4:ca: a1:43:8b:eb:a7:e7:b7:5b:97:5a:41:b6:78:da:16: 44:c0:ae:82:16:b0:85:a9:87:3f:90:95:1a:bf:fe: f7:b9:fc:ec:b8:5e:2b:37:42:9f:6a:d5:08:29:50: 63:02:a5:23:97:16:8c:05:ab:2f:5a:5a:26:ef:95: a0:6d:85:cf:89:50:60:df:9c:64:39:ae:6e:2b:6c: 7f:00:f8:6f:bf:a5:6a:28:32:3f:c6:ba:9c:79:72: 13:72:6d:55:f5:db:07:48:bd:2b:a5:9c:d3:76:75: e8:b5:24:95:28:1d:85:1c:df:17:f8:89:84:8b:8f: 83:c1:f1:9a:22:99:eb:c5:60:a6:cc:a0:de:c9:ef: df:2d:67:4c:9b:5a:50:28:13:bd:29:b6:40:a6:af: 68:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:3E:C8:1F:EE:A8:FE:D5:02:B4:40:8A:19:F6:36:B2:54:55:34:D8 X509v3 Authority Key Identifier: keyid:13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3438203d3e20313939333130.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:d00::/40 Signature Algorithm: sha256WithRSAEncryption 42:f5:e9:b2:a7:74:e3:ae:50:cc:d3:b5:ad:a2:bf:dc:90:92: 16:2b:c4:1a:aa:23:17:8c:b5:7b:35:1c:ad:a4:6d:b2:a6:1c: 68:a5:7d:ad:fb:67:a4:59:c0:6d:9e:ca:eb:66:94:5a:9b:d2: c7:56:5d:65:bd:34:9d:f1:08:4b:b2:b0:37:c5:af:a0:ef:bb: f5:96:a1:1a:3d:f5:e8:9a:49:82:73:e4:01:9e:2a:4f:b8:29: 0b:24:bc:6d:da:f7:f6:6a:9f:b8:a6:fa:ab:92:61:79:b8:cb: 5a:92:f2:11:2f:21:b0:7a:0c:52:b3:03:9f:09:99:95:91:f7: 3c:ff:69:5b:71:6b:25:b1:d4:fa:24:11:7a:f6:35:a6:4e:05: 6a:53:00:cd:09:c1:76:ff:02:27:3a:51:f2:77:0c:f3:6e:75: be:27:a8:63:db:fd:75:14:20:ee:50:1c:fa:18:73:40:7e:79: 69:d0:47:48:c0:29:56:54:66:88:ab:d8:07:eb:1b:fa:3c:ff: 27:64:7b:6b:24:e7:5c:d3:6d:c9:00:c2:05:cb:3c:d6:c6:e4: 8a:60:c0:ea:0e:bf:d0:9b:4f:bd:5e:1c:4c:14:0b:69:3d:e7: c1:ec:cb:e5:3c:d1:ba:52:6d:99:24:c6:ae:7d:f0:ad:68:a7: f9:7c:f4:5c -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUDZ83LxPiK/tC1gOb+h4PkHGO5aYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUw RjgxOTZFQjAeFw0yNjA0MDUxNzE3MzVaFw0yNzA0MDQxNzIyMzVaMDMxMTAvBgNV BAMTKDBCM0VDODFGRUVBOEZFRDUwMkI0NDA4QTE5RjYzNkIyNTQ1NTM0RDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv946VxMn/QMS7Fa7GNzVZ4NTr b/wuO6NkwUvRyZfJRUrJRTp/buS2DJuXIV7vLN3KjelEbJPGhlVm5z59hUIzrUk9 pv2zZ2uZ5aah1MHxhDo85o+Lxu6hq0GJkq22nRc06feoHePUyqFDi+un57dbl1pB tnjaFkTAroIWsIWphz+QlRq//ve5/Oy4Xis3Qp9q1QgpUGMCpSOXFowFqy9aWibv laBthc+JUGDfnGQ5rm4rbH8A+G+/pWooMj/Gupx5chNybVX12wdIvSulnNN2dei1 JJUoHYUc3xf4iYSLj4PB8ZoimevFYKbMoN7J798tZ0ybWlAoE70ptkCmr2g3AgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUCz7IH+6o/tUCtECKGfY2slRVNNgwHwYDVR0j BBgwFoAUE+GpmPd9fB/ylVwLaI/r/g+BluswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDE1NzY0N2MtOTFkNi00YTA0LThhOTEtZDE1Mzg1ZDFm YWIyLzEvMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUwRjgxOTZFQi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8xM0UxQTk5OEY3N0Q3QzFGRjI5NTVDMEI2 ODhGRUJGRTBGODE5NkVCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8wMTU3NjQ3Yy05MWQ2LTRhMDQtOGE5MS1kMTUzODVkMWZhYjIvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkz OTMzMzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYANMA0GCSqGSIb3DQEBCwUAA4IBAQBC9emy p3TjrlDM07Wtor/ckJIWK8QaqiMXjLV7NRytpG2yphxopX2t+2ekWcBtnsrrZpRa m9LHVl1lvTSd8QhLsrA3xa+g77v1lqEaPfXomkmCc+QBnipPuCkLJLxt2vf2ap+4 pvqrkmF5uMtakvIRLyGwegxSswOfCZmVkfc8/2lbcWslsdT6JBF69jWmTgVqUwDN CcF2/wInOlHydwzzbnW+J6hj2/11FCDuUBz6GHNAfnlp0EdIwClWVGaIq9gH6xv6 PP8nZHtrJOdc023JAMIFyzzWxuSKYMDqDr/Qm0+9XhxMFAtpPefB7MvlPNG6Um2Z JMauffCtaKf5fPRc -----END CERTIFICATE-----Generated at Fri Apr 17 19:09:18 2026 by rpki-client