$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030313a3a2f34382d3438203d3e20313532333638.roa File: 326131343a373538343a333030313a3a2f34382d3438203d3e20313532333638.roa (raw, json) Hash identifier: RycjpThYIZhrgAMUdYbKLisjcTcczyRyV0B6ob/yXcs= Subject key identifier: A6:90:C9:2A:D6:61:95:A8:10:7F:CB:06:BA:C0:CC:B6:DE:93:18:54 Certificate issuer: /CN=946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C Certificate serial: 6604C5C657B7793F73C4BDB0E99720B79C673F51 Authority key identifier: 94:6D:E1:5D:34:BE:AE:24:E2:9E:A1:6A:3F:E1:E6:59:1B:27:AD:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030313a3a2f34382d3438203d3e20313532333638.roa Signing time: Sun 20 Apr 2025 03:15:28 +0000 ROA not before: Sun 20 Apr 2025 03:10:28 +0000 ROA not after: Sun 19 Apr 2026 03:15:28 +0000 asID: 152368 IP address blocks: 2a14:7584:3001::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.crl rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 28 Apr 2025 22:16:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:04:c5:c6:57:b7:79:3f:73:c4:bd:b0:e9:97:20:b7:9c:67:3f:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C Validity Not Before: Apr 20 03:10:28 2025 GMT Not After : Apr 19 03:15:28 2026 GMT Subject: CN=A690C92AD66195A8107FCB06BAC0CCB6DE931854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:8d:d9:9f:01:ca:23:fc:13:c1:04:83:88:ac: c1:93:dd:04:66:d9:45:30:53:4d:9d:c4:ed:95:85: 19:1f:ac:f0:a4:d5:ad:90:b6:82:21:27:56:5f:a2: 15:09:57:0b:7e:a7:e7:4b:ac:b9:1d:a4:3d:f6:a0: aa:b7:2e:8b:84:9b:d5:0a:cf:54:2b:93:06:00:ce: fe:7f:6d:0e:a2:ac:bf:60:80:49:ea:89:cd:75:59: 39:c7:97:61:9d:0b:5a:fd:2a:0e:15:0d:f7:28:68: 0e:ba:e9:4c:a4:4a:21:b7:61:92:9d:50:70:1f:34: f0:46:42:7f:92:80:cd:93:59:a3:33:64:f3:3b:53: 70:9d:f0:83:18:fd:e5:96:2b:3c:82:e5:6f:ce:dc: 6b:82:40:a4:78:59:1c:3d:a3:59:c9:ce:f6:38:8f: 12:d6:7b:1e:0a:ae:4e:36:e9:c1:b0:d2:11:f6:cd: 7d:a0:a0:95:a9:66:fe:c8:fc:12:2c:72:d4:e5:1f: a6:2c:22:d5:ca:ea:32:79:53:07:d2:ec:b3:20:43: 73:97:c0:78:fc:2b:2c:f6:d5:7d:24:25:69:f2:a1: dd:e1:d2:b7:74:6f:59:0b:72:80:47:e1:2b:52:9b: b8:20:6f:bb:68:b3:1c:28:cd:28:fe:cc:4e:4e:d9: cf:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:90:C9:2A:D6:61:95:A8:10:7F:CB:06:BA:C0:CC:B6:DE:93:18:54 X509v3 Authority Key Identifier: keyid:94:6D:E1:5D:34:BE:AE:24:E2:9E:A1:6A:3F:E1:E6:59:1B:27:AD:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030313a3a2f34382d3438203d3e20313532333638.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:3001::/48 Signature Algorithm: sha256WithRSAEncryption 1a:b1:34:05:22:b3:97:16:68:d0:80:20:16:9b:b7:82:d1:6e: e4:fa:96:ee:fb:58:d6:e6:19:9c:65:47:42:2f:52:22:56:48: a0:04:6e:d4:53:b2:02:6e:2d:12:0c:39:64:0c:4d:40:74:f2: f5:3e:bd:df:63:6d:77:13:8c:fb:b7:b8:84:0a:fa:e9:76:e5: a8:89:f1:5a:5f:06:45:2b:d6:04:31:07:f9:55:51:e9:7d:a9: 4a:4d:f1:d6:20:ab:8a:3b:8c:17:e4:d4:17:3a:00:6e:bb:7c: 6d:4d:c6:6d:7d:f5:1b:ca:7c:04:26:80:7e:90:ac:32:5f:ce: 3d:18:54:d2:e3:e0:4f:ad:2d:03:c0:06:d8:7e:d2:c7:f8:df: 76:19:15:57:ee:59:75:4a:5a:c7:00:76:40:a1:a1:46:6b:a4: 69:e2:29:5b:54:9f:5d:4d:df:c0:7a:76:95:6f:d2:5f:99:66: 62:8c:45:21:02:bc:8d:c4:55:2c:eb:b0:72:5f:4a:53:83:7f: 28:a9:05:37:57:f1:a5:9a:30:db:55:9d:16:1f:98:2f:7f:e1: 02:b1:f6:a7:b1:46:2e:30:e5:f2:ad:50:d7:8b:5b:bb:6b:6a: 88:ec:20:7a:5e:86:5c:62:b5:ad:27:6c:04:3b:2b:80:28:c4: a8:0d:b8:76 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUZgTFxle3eT9zxL2w6Zcgt5xnP1EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTQ2REUxNUQzNEJFQUUyNEUyOUVBMTZBM0ZFMUU2NTkx QjI3QUQ5QzAeFw0yNTA0MjAwMzEwMjhaFw0yNjA0MTkwMzE1MjhaMDMxMTAvBgNV BAMTKEE2OTBDOTJBRDY2MTk1QTgxMDdGQ0IwNkJBQzBDQ0I2REU5MzE4NTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnjdmfAcoj/BPBBIOIrMGT3QRm 2UUwU02dxO2VhRkfrPCk1a2QtoIhJ1ZfohUJVwt+p+dLrLkdpD32oKq3LouEm9UK z1QrkwYAzv5/bQ6irL9ggEnqic11WTnHl2GdC1r9Kg4VDfcoaA666UykSiG3YZKd UHAfNPBGQn+SgM2TWaMzZPM7U3Cd8IMY/eWWKzyC5W/O3GuCQKR4WRw9o1nJzvY4 jxLWex4Krk426cGw0hH2zX2goJWpZv7I/BIsctTlH6YsItXK6jJ5UwfS7LMgQ3OX wHj8Kyz21X0kJWnyod3h0rd0b1kLcoBH4StSm7ggb7tosxwozSj+zE5O2c87AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUppDJKtZhlagQf8sGusDMtt6TGFQwHwYDVR0j BBgwFoAUlG3hXTS+riTinqFqP+HmWRsnrZwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMWJkMzA2YjQtZTVjMy00OGY5LWIyZWUtMzZhOWJkZGVk OGM0LzcvOTQ2REUxNUQzNEJFQUUyNEUyOUVBMTZBM0ZFMUU2NTkxQjI3QUQ5Qy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85NDZERTE1RDM0QkVBRTI0RTI5RUExNkEz RkUxRTY1OTFCMjdBRDlDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xYmQzMDZiNC1lNWMzLTQ4ZjktYjJlZS0zNmE5YmRkZWQ4YzQvNy8zMjYxMzEz NDNhMzczNTM4MzQzYTMzMzAzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz NTMyMzMzNjM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hDABMA0GCSqGSIb3DQEBCwUAA4IBAQAa sTQFIrOXFmjQgCAWm7eC0W7k+pbu+1jW5hmcZUdCL1IiVkigBG7UU7ICbi0SDDlk DE1AdPL1Pr3fY213E4z7t7iECvrpduWoifFaXwZFK9YEMQf5VVHpfalKTfHWIKuK O4wX5NQXOgBuu3xtTcZtffUbynwEJoB+kKwyX849GFTS4+BPrS0DwAbYftLH+N92 GRVX7ll1SlrHAHZAoaFGa6Rp4ilbVJ9dTd/AenaVb9JfmWZijEUhAryNxFUs67By X0pTg38oqQU3V/GlmjDbVZ0WH5gvf+ECsfansUYuMOXyrVDXi1u7a2qI7CB6XoZc YrWtJ2wEOyuAKMSoDbh2 -----END CERTIFICATE-----Generated at Mon Apr 28 07:51:15 2025 by rpki-client