$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663335303a3a2f34342d3438203d3e20323133343238.roa File: 326131343a373538303a663335303a3a2f34342d3438203d3e20323133343238.roa (raw, json) Hash identifier: IZJTZmO8rUTih/3A3IKzAJhe0XALK2yn1EcqhSl5uIs= Subject key identifier: D1:45:C6:6F:C6:5C:7A:49:BF:2A:1F:5F:F0:8F:4F:04:67:00:17:00 Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Certificate serial: 6842FCB9E4A956CF42AC5001718FEE9FC99D5415 Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663335303a3a2f34342d3438203d3e20323133343238.roa Signing time: Tue 03 Feb 2026 10:31:48 +0000 ROA not before: Tue 03 Feb 2026 10:26:48 +0000 ROA not after: Tue 02 Feb 2027 10:31:48 +0000 asID: 213428 IP address blocks: 2a14:7580:f350::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 21:59:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:42:fc:b9:e4:a9:56:cf:42:ac:50:01:71:8f:ee:9f:c9:9d:54:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Validity Not Before: Feb 3 10:26:48 2026 GMT Not After : Feb 2 10:31:48 2027 GMT Subject: CN=D145C66FC65C7A49BF2A1F5FF08F4F0467001700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:01:14:84:e8:ff:81:c8:24:71:2e:cf:a5:ce: 19:59:1e:9c:fa:f4:ba:2d:f0:41:49:61:20:ee:8f: c9:4c:ad:21:23:03:f7:be:8c:07:9f:22:41:b1:25: 7f:7d:c1:09:02:06:f8:c9:fa:d7:b7:80:b9:67:e5: 67:1d:13:81:95:03:9a:69:4b:90:e1:8b:3a:96:7a: 2d:e8:4c:b4:ad:0a:c4:05:cc:0d:4c:a6:15:6a:6f: 2b:e1:23:10:5c:52:4e:c4:a1:1a:17:3d:15:a7:84: b7:8f:d1:71:c5:ab:39:dc:b5:05:56:ab:db:c0:b2: a3:d8:28:ea:ba:32:d3:5c:12:91:1f:3a:76:28:15: e6:58:f9:d6:14:a2:20:87:5d:81:cf:46:67:95:c5: b1:31:43:54:85:c9:54:2b:14:8d:1c:0d:52:6c:e6: 62:26:86:d5:80:3e:92:55:b3:82:04:4f:f3:15:5e: 8f:f6:25:0e:69:8f:19:ec:e7:67:fb:5d:81:25:3b: dc:cc:0d:30:b9:57:33:77:ac:1d:bc:87:2d:9a:09: c5:37:87:2a:68:f3:74:b0:53:50:49:ff:c3:ab:83: 32:93:ef:29:09:c9:f9:86:82:06:3f:97:48:e4:87: 91:eb:81:e2:c3:37:5b:15:8b:37:e8:9b:14:f8:a1: ee:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:45:C6:6F:C6:5C:7A:49:BF:2A:1F:5F:F0:8F:4F:04:67:00:17:00 X509v3 Authority Key Identifier: keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663335303a3a2f34342d3438203d3e20323133343238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:f350::/44 Signature Algorithm: sha256WithRSAEncryption 5b:61:9d:7d:a3:d5:21:52:ee:1e:1c:eb:49:5d:91:e2:d8:d1: 7d:fa:d9:8d:78:99:d4:ce:73:42:17:be:89:1a:e5:bc:01:34: 7c:4e:93:fb:da:ce:92:c9:ae:93:1f:ea:81:10:27:ed:58:04: 2a:d7:50:42:39:fb:46:52:aa:9b:3b:05:79:b6:01:f8:a2:59: 88:ea:c4:94:65:ab:5e:78:fd:7b:a6:bb:ac:08:5d:46:64:3f: b6:f0:81:b8:77:01:48:b2:18:35:b2:17:ca:e5:b2:1e:5d:27: bf:cf:b4:9d:d2:72:f2:60:01:35:20:07:62:6d:fe:fe:98:65: 52:6b:87:9e:de:c6:de:c0:0d:de:a5:56:6e:0e:f7:a3:ff:57: 7d:7d:7f:3b:fb:6c:a8:21:5c:19:03:45:09:9d:86:32:39:75: 76:86:70:32:b4:60:76:02:8b:e4:32:0e:3a:f6:6d:b1:e6:5d: 5d:ee:3e:88:12:11:f1:b5:78:fa:05:60:ce:54:a1:95:94:49: 35:96:53:7d:64:7f:a5:9a:52:7e:d6:0f:c6:95:e5:6b:27:89: 1e:ff:87:7a:bb:a6:ed:e8:e2:03:47:55:1e:3f:52:e7:d5:b6: 46:b1:e1:5e:01:8a:50:ec:b8:0a:0f:13:e1:01:2e:7f:ab:83: c3:d5:bf:cb -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUaEL8ueSpVs9CrFABcY/un8mdVBUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG OTM5RjRGNDAeFw0yNjAyMDMxMDI2NDhaFw0yNzAyMDIxMDMxNDhaMDMxMTAvBgNV BAMTKEQxNDVDNjZGQzY1QzdBNDlCRjJBMUY1RkYwOEY0RjA0NjcwMDE3MDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXARSE6P+ByCRxLs+lzhlZHpz6 9Lot8EFJYSDuj8lMrSEjA/e+jAefIkGxJX99wQkCBvjJ+te3gLln5WcdE4GVA5pp S5DhizqWei3oTLStCsQFzA1MphVqbyvhIxBcUk7EoRoXPRWnhLeP0XHFqznctQVW q9vAsqPYKOq6MtNcEpEfOnYoFeZY+dYUoiCHXYHPRmeVxbExQ1SFyVQrFI0cDVJs 5mImhtWAPpJVs4IET/MVXo/2JQ5pjxns52f7XYElO9zMDTC5VzN3rB28hy2aCcU3 hypo83SwU1BJ/8OrgzKT7ykJyfmGggY/l0jkh5HrgeLDN1sVizfomxT4oe7fAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU0UXGb8Zcekm/Kh9f8I9PBGcAFwAwHwYDVR0j BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4 Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5 QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTY2MzMzNTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTMzMzQzMjM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gPNQMA0GCSqGSIb3DQEBCwUAA4IBAQBb YZ19o9UhUu4eHOtJXZHi2NF9+tmNeJnUznNCF76JGuW8ATR8TpP72s6Sya6TH+qB ECftWAQq11BCOftGUqqbOwV5tgH4olmI6sSUZateeP17prusCF1GZD+28IG4dwFI shg1shfK5bIeXSe/z7Sd0nLyYAE1IAdibf7+mGVSa4ee3sbewA3epVZuDvej/1d9 fX87+2yoIVwZA0UJnYYyOXV2hnAytGB2AovkMg469m2x5l1d7j6IEhHxtXj6BWDO VKGVlEk1llN9ZH+lmlJ+1g/GleVrJ4ke/4d6u6bt6OIDR1UeP1Ln1bZGseFeAYpQ 7LgKDxPhAS5/q4PD1b/L -----END CERTIFICATE-----Generated at Mon Mar 2 11:42:18 2026 by rpki-client