$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6466303a3a2f34382d3438203d3e20323133373239.roa File: 326131343a373538303a6466303a3a2f34382d3438203d3e20323133373239.roa (raw, json) Hash identifier: OqGaVqVCLNSInBlm8X6eu0kCi8tEf6Tx9W+YlK/qfuw= Subject key identifier: 2C:34:1E:E8:3F:AF:FD:CE:55:23:2F:3A:D1:E9:C6:72:E1:31:B9:1C Certificate issuer: /CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB Certificate serial: 179BD71DFA3AB294FDF250E9C3472A5DBEC94221 Authority key identifier: 13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6466303a3a2f34382d3438203d3e20323133373239.roa Signing time: Sun 05 Apr 2026 17:22:35 +0000 ROA not before: Sun 05 Apr 2026 17:17:35 +0000 ROA not after: Sun 04 Apr 2027 17:22:35 +0000 asID: 213729 IP address blocks: 2a14:7580:df0::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.crl rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 16:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:9b:d7:1d:fa:3a:b2:94:fd:f2:50:e9:c3:47:2a:5d:be:c9:42:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB Validity Not Before: Apr 5 17:17:35 2026 GMT Not After : Apr 4 17:22:35 2027 GMT Subject: CN=2C341EE83FAFFDCE55232F3AD1E9C672E131B91C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:9b:e6:c9:4d:87:06:41:e9:07:09:f1:5f:af: 05:02:59:f8:31:b0:5c:e0:e2:65:4f:54:30:32:22: 44:f9:9a:3a:dd:44:22:01:cd:cd:2c:45:d8:75:97: 35:75:e1:fb:88:5f:b1:91:6f:7e:ee:b2:2c:ae:4e: c0:f2:f5:09:61:1e:a1:fc:5f:4f:60:30:29:de:4b: cc:3f:ad:26:e6:cd:bc:c0:42:07:1c:f9:d7:c1:64: 1c:60:5b:62:92:70:54:02:28:cc:fc:fe:19:7c:28: 73:93:07:1f:82:d4:be:0a:9d:43:91:39:d5:1d:4e: fe:fd:2a:60:e2:b9:8c:90:7e:c7:cc:9f:5d:71:b8: 77:8a:83:6f:c7:13:a5:c5:64:b0:cb:98:24:07:58: ee:71:44:ee:a6:09:ff:5c:68:c7:5a:28:46:28:f9: 51:5a:02:97:d8:30:b7:e9:7b:f1:0c:be:aa:03:95: 13:87:aa:22:23:dc:1c:e1:b5:75:38:fe:fc:e5:9f: 00:95:b8:26:58:f9:a5:cc:60:d8:18:82:7d:df:9c: 1c:d7:1c:ce:a5:c1:3a:63:8a:e6:dc:97:fc:eb:bf: f3:24:e0:a2:e2:32:34:74:f2:8a:0f:d6:cf:89:f3: 77:c3:ae:ee:aa:26:d8:33:f3:60:6a:77:90:75:86: 52:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:34:1E:E8:3F:AF:FD:CE:55:23:2F:3A:D1:E9:C6:72:E1:31:B9:1C X509v3 Authority Key Identifier: keyid:13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6466303a3a2f34382d3438203d3e20323133373239.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:df0::/48 Signature Algorithm: sha256WithRSAEncryption 3f:15:f9:c8:1c:1b:43:66:41:cf:5f:0f:b1:0e:d2:b1:55:4d: 2d:f2:66:8b:a3:01:8a:10:d5:67:6f:61:0a:3c:ce:fd:d2:f0: 17:b5:93:98:9c:f5:88:fd:eb:3f:58:75:f8:31:1d:d0:36:83: 7b:9e:20:98:6b:ab:4a:e6:d7:3a:14:ed:98:4c:6f:18:d5:eb: 52:25:a5:99:d8:d2:36:cd:ac:43:3f:d1:33:ff:74:6f:0d:90: 32:70:4d:87:1d:07:a8:79:f0:77:fb:50:55:e6:b7:7b:34:d5: 6b:f5:f3:33:8b:a3:5d:11:f8:ae:1f:71:fb:a7:04:59:e4:c8: 5a:04:39:0c:a3:94:68:07:57:20:a3:b2:d1:b8:90:de:cb:16: ad:f1:c2:d3:d9:c4:86:35:b8:46:dd:de:6b:ae:17:f5:18:7d: b0:f1:7b:5b:52:84:ab:b9:b1:18:19:34:fa:27:96:f5:23:8d: a1:f9:77:4b:dd:ad:08:26:24:3d:21:d0:6c:5c:32:18:45:9f: c3:b9:dd:cb:b8:c5:d7:c8:05:bf:31:b9:08:87:12:ed:82:5a: e9:47:7d:78:29:3b:4b:a6:0f:ef:1e:78:5c:14:7d:1b:94:a7: c3:41:cd:de:86:16:cc:be:4d:3f:82:22:13:20:37:8e:87:32: c3:70:2e:61 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUF5vXHfo6spT98lDpw0cqXb7JQiEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUw RjgxOTZFQjAeFw0yNjA0MDUxNzE3MzVaFw0yNzA0MDQxNzIyMzVaMDMxMTAvBgNV BAMTKDJDMzQxRUU4M0ZBRkZEQ0U1NTIzMkYzQUQxRTlDNjcyRTEzMUI5MUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYm+bJTYcGQekHCfFfrwUCWfgx sFzg4mVPVDAyIkT5mjrdRCIBzc0sRdh1lzV14fuIX7GRb37usiyuTsDy9QlhHqH8 X09gMCneS8w/rSbmzbzAQgcc+dfBZBxgW2KScFQCKMz8/hl8KHOTBx+C1L4KnUOR OdUdTv79KmDiuYyQfsfMn11xuHeKg2/HE6XFZLDLmCQHWO5xRO6mCf9caMdaKEYo +VFaApfYMLfpe/EMvqoDlROHqiIj3BzhtXU4/vzlnwCVuCZY+aXMYNgYgn3fnBzX HM6lwTpjiubcl/zrv/Mk4KLiMjR08ooP1s+J83fDru6qJtgz82Bqd5B1hlL5AgMB AAGjggKDMIICfzAdBgNVHQ4EFgQULDQe6D+v/c5VIy860enGcuExuRwwHwYDVR0j BBgwFoAUE+GpmPd9fB/ylVwLaI/r/g+BluswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDE1NzY0N2MtOTFkNi00YTA0LThhOTEtZDE1Mzg1ZDFm YWIyLzEvMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUwRjgxOTZFQi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8xM0UxQTk5OEY3N0Q3QzFGRjI5NTVDMEI2 ODhGRUJGRTBGODE5NkVCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8wMTU3NjQ3Yy05MWQ2LTRhMDQtOGE5MS1kMTUzODVkMWZhYjIvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY0NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz MzM3MzIzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoUdYAN8DANBgkqhkiG9w0BAQsFAAOCAQEAPxX5 yBwbQ2ZBz18PsQ7SsVVNLfJmi6MBihDVZ29hCjzO/dLwF7WTmJz1iP3rP1h1+DEd 0DaDe54gmGurSubXOhTtmExvGNXrUiWlmdjSNs2sQz/RM/90bw2QMnBNhx0HqHnw d/tQVea3ezTVa/XzM4ujXRH4rh9x+6cEWeTIWgQ5DKOUaAdXIKOy0biQ3ssWrfHC 09nEhjW4Rt3ea64X9Rh9sPF7W1KEq7mxGBk0+ieW9SONofl3S92tCCYkPSHQbFwy GEWfw7ndy7jF18gFvzG5CIcS7YJa6Ud9eCk7S6YP7x54XBR9G5Snw0HN3oYWzL5N P4IiEyA3jocyw3AuYQ== -----END CERTIFICATE-----Generated at Fri Apr 17 21:49:12 2026 by rpki-client