$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a323030303a3a2f34342d3438203d3e20323134343531.roa File: 326131343a373538343a323030303a3a2f34342d3438203d3e20323134343531.roa (raw, json) Hash identifier: TvKEkNYj4nNFZRmfcRKXhCgzG3ePxJK2Myah2LEVKqU= Subject key identifier: 21:7E:64:00:F8:76:45:33:24:11:64:BD:69:8B:15:40:59:61:76:42 Certificate issuer: /CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B Certificate serial: 0A69E3D66BE570902C779060D93FAB1201FF20DC Authority key identifier: 41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a323030303a3a2f34342d3438203d3e20323134343531.roa Signing time: Sat 17 May 2025 19:45:12 +0000 ROA not before: Sat 17 May 2025 19:40:12 +0000 ROA not after: Sat 16 May 2026 19:45:12 +0000 asID: 214451 IP address blocks: 2a14:7584:2000::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.crl rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 16 Jun 2025 11:22:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:69:e3:d6:6b:e5:70:90:2c:77:90:60:d9:3f:ab:12:01:ff:20:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B Validity Not Before: May 17 19:40:12 2025 GMT Not After : May 16 19:45:12 2026 GMT Subject: CN=217E6400F8764533241164BD698B154059617642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:4f:83:e6:62:4a:60:02:04:b3:56:17:9d:70: 9f:32:df:4d:d2:bd:bf:c4:d3:17:7b:0a:3d:25:bb: 3d:f8:47:05:71:ac:50:d2:2c:70:64:8e:19:5c:53: fe:70:05:29:e0:d2:83:e6:83:62:c5:cf:6b:99:4d: 48:07:41:a3:b6:ee:7a:cd:eb:2f:88:e0:69:f1:fa: 8b:07:41:4b:4f:66:1a:0d:84:b7:9e:08:b6:99:9d: 21:51:31:d9:a9:4d:72:43:79:44:ff:19:12:0c:59: 64:24:dd:db:4c:52:6f:5c:4a:8f:d1:1c:8e:ab:ca: c4:55:c8:3d:cf:be:db:98:4a:37:b2:16:49:78:c4: 4b:19:ed:fb:9b:c1:fd:f4:f2:64:40:b6:7c:b1:26: 77:d9:77:bb:9f:8a:13:f5:b4:7e:18:81:94:50:17: 8c:a8:37:5b:4b:cb:93:f4:6d:dc:fd:5d:ad:e0:40: ed:2a:af:86:24:e5:de:bd:b5:1f:aa:01:3e:25:1e: a0:db:84:8c:38:f9:26:9a:fe:4a:c6:28:b3:c5:11: 96:4e:f8:35:e3:1f:c5:ea:0f:62:0c:14:62:5e:28: f3:04:3d:4c:db:87:9b:e0:b7:6b:d2:8c:7c:f0:a9: 24:3b:de:c5:33:b4:20:12:86:41:06:96:9d:a4:30: 1e:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:7E:64:00:F8:76:45:33:24:11:64:BD:69:8B:15:40:59:61:76:42 X509v3 Authority Key Identifier: keyid:41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a323030303a3a2f34342d3438203d3e20323134343531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:2000::/44 Signature Algorithm: sha256WithRSAEncryption 1b:93:dd:2a:a2:fb:c2:ea:ea:5f:b9:77:8b:08:05:f2:4e:eb: 75:e3:63:27:e4:ac:a0:1d:eb:7f:31:07:cd:75:13:c9:bd:00: 77:3a:a5:39:0e:f7:29:24:57:53:12:9e:ee:f9:2e:d6:49:13: 1d:ff:9d:b5:e5:cd:d4:61:bd:eb:87:b3:08:2a:6d:a8:5e:ba: 2d:c9:84:94:b1:7b:1e:15:bb:fa:af:14:b9:7c:69:87:24:3b: 9d:8f:97:9b:64:b7:93:b5:70:be:ba:1a:85:bc:6f:7c:f4:93: 80:41:6b:70:44:f0:63:8f:c9:40:e6:34:0b:a9:f6:f9:77:8b: de:c8:7a:cb:e0:9c:a3:be:7c:03:41:50:23:24:d4:d7:f3:c1: 2c:be:ec:9d:46:da:80:0c:7d:95:d4:44:59:20:81:ac:a7:78: fd:8a:3b:0f:56:cf:c3:d2:69:e6:be:fb:8c:4a:3b:cd:e6:4b: 60:97:ac:a4:ed:6a:71:3f:be:a7:b3:8e:70:a9:2d:fe:7c:4c: 2c:52:3e:6e:26:a9:07:6b:23:5e:e5:94:4e:8d:bb:8a:84:82: 6b:1f:8c:42:8c:be:af:97:f8:62:2a:f2:4d:41:e0:1f:1a:75: 05:4c:72:82:9e:4d:2e:4f:5c:21:7a:5e:37:7e:da:60:2f:c6: cb:c0:c4:69 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUCmnj1mvlcJAsd5Bg2T+rEgH/INwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYw QzJENEI0QjAeFw0yNTA1MTcxOTQwMTJaFw0yNjA1MTYxOTQ1MTJaMDMxMTAvBgNV BAMTKDIxN0U2NDAwRjg3NjQ1MzMyNDExNjRCRDY5OEIxNTQwNTk2MTc2NDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpT4PmYkpgAgSzVhedcJ8y303S vb/E0xd7Cj0luz34RwVxrFDSLHBkjhlcU/5wBSng0oPmg2LFz2uZTUgHQaO27nrN 6y+I4Gnx+osHQUtPZhoNhLeeCLaZnSFRMdmpTXJDeUT/GRIMWWQk3dtMUm9cSo/R HI6rysRVyD3PvtuYSjeyFkl4xEsZ7fubwf308mRAtnyxJnfZd7ufihP1tH4YgZRQ F4yoN1tLy5P0bdz9Xa3gQO0qr4Yk5d69tR+qAT4lHqDbhIw4+Saa/krGKLPFEZZO +DXjH8XqD2IMFGJeKPMEPUzbh5vgt2vSjHzwqSQ73sUztCAShkEGlp2kMB5rAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUIX5kAPh2RTMkEWS9aYsVQFlhdkIwHwYDVR0j BBgwFoAUQca1VnrbdkYiKhufGqcDjwwtS0swDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjJjZjhiYTctY2IwMi00MThiLWJlMDQtNGQ5ZjNhMDdl OTUwLzEvNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYwQzJENEI0Qi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC80MUM2QjU1NjdBREI3NjQ2MjIyQTFCOUYx QUE3MDM4RjBDMkQ0QjRCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yMmNmOGJhNy1jYjAyLTQxOGItYmUwNC00ZDlmM2EwN2U5NTAvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTMyMzAzMDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTM0MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1hCAAMA0GCSqGSIb3DQEBCwUAA4IBAQAb k90qovvC6upfuXeLCAXyTut142Mn5KygHet/MQfNdRPJvQB3OqU5DvcpJFdTEp7u +S7WSRMd/5215c3UYb3rh7MIKm2oXrotyYSUsXseFbv6rxS5fGmHJDudj5ebZLeT tXC+uhqFvG989JOAQWtwRPBjj8lA5jQLqfb5d4veyHrL4JyjvnwDQVAjJNTX88Es vuydRtqADH2V1ERZIIGsp3j9ijsPVs/D0mnmvvuMSjvN5ktgl6yk7WpxP76ns45w qS3+fEwsUj5uJqkHayNe5ZROjbuKhIJrH4xCjL6vl/hiKvJNQeAfGnUFTHKCnk0u T1whel43ftpgL8bLwMRp -----END CERTIFICATE-----Generated at Sun Jun 15 19:06:19 2025 by rpki-client