$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa File: 326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa (raw, json) Hash identifier: 1mjQTK2lJL4tc+S8VU0tMRSWqd4uZzYSjOZ3wTPofAQ= Subject key identifier: AA:68:9B:7B:08:52:07:C7:5D:ED:04:82:0A:D0:CA:98:B4:66:76:06 Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11 Certificate serial: 3B470EA839E1ABB1FC3B59379949D8698F83C978 Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa Signing time: Mon 24 Mar 2025 06:09:02 +0000 ROA not before: Mon 24 Mar 2025 06:04:02 +0000 ROA not after: Mon 23 Mar 2026 06:09:02 +0000 asID: 216324 IP address blocks: 2a14:7581:105::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 29 Apr 2025 11:46:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:47:0e:a8:39:e1:ab:b1:fc:3b:59:37:99:49:d8:69:8f:83:c9:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11 Validity Not Before: Mar 24 06:04:02 2025 GMT Not After : Mar 23 06:09:02 2026 GMT Subject: CN=AA689B7B085207C75DED04820AD0CA98B4667606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b0:61:67:56:74:e4:b4:46:bb:18:9d:5c:83: 21:2d:37:72:14:74:e0:cb:68:0d:3f:49:fc:db:13: c5:43:fa:c8:e7:09:a4:74:b7:25:28:75:77:54:cc: 3b:03:b3:ab:9e:50:7c:a7:c5:67:e2:4f:e4:5f:46: 5b:fb:16:e2:8f:23:f9:29:ac:d9:16:a4:09:7b:ea: 1a:db:d9:73:e5:e3:c7:f0:79:7c:48:a9:76:34:46: b0:ed:3f:51:f0:11:0b:bb:74:bf:a2:e7:c1:9c:bd: 17:c8:d8:b7:0a:bc:71:a9:a4:ec:e5:98:d1:fb:be: 35:bd:52:91:6c:a2:03:bc:98:1c:8d:0d:fa:0a:df: ef:89:fc:80:a3:b5:bc:37:93:39:4a:45:52:83:01: 8a:b7:d1:b5:40:5a:08:27:55:44:11:3a:c7:dd:12: b3:38:b3:f7:47:8e:7d:df:3a:7d:59:9d:2a:ce:5e: d1:e1:3a:2e:70:51:53:2e:2e:36:17:43:b8:87:a7: 43:3a:06:eb:e4:c4:0c:03:e3:c4:01:83:58:ba:58: b2:4d:5a:52:b7:ac:c1:6c:e3:f8:69:ab:df:f0:f7: ed:a8:63:e9:62:7e:75:25:81:77:1a:3b:b4:1b:33: e4:a5:d9:53:db:ee:fe:ad:4c:d6:20:f5:1a:6c:c9: fc:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:68:9B:7B:08:52:07:C7:5D:ED:04:82:0A:D0:CA:98:B4:66:76:06 X509v3 Authority Key Identifier: keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:105::/48 Signature Algorithm: sha256WithRSAEncryption 12:7e:38:94:a6:27:d3:6c:ab:e1:e0:54:f3:e3:82:4e:23:27: 9f:8d:2f:85:d9:9a:61:99:c6:35:d1:b1:a0:64:78:7a:83:fd: 45:0f:0f:41:1c:26:03:13:8a:17:6f:ff:4d:69:cd:0c:38:3d: 45:16:d8:aa:08:16:45:23:a0:a4:d9:31:0f:82:3a:44:ea:50: 6a:12:af:0d:28:f3:b0:ed:67:b8:6f:d6:e6:30:85:04:5f:20: 54:33:a6:f6:1c:49:b0:9d:ae:13:14:65:c9:fe:b3:a0:b1:f9: 58:ac:9d:e2:d0:2d:90:44:cf:3d:68:4a:c0:b5:f8:0d:a6:f1: 03:fc:50:d9:48:c1:1e:51:4f:b7:29:84:b7:a2:86:49:52:38: 90:33:09:51:42:aa:8b:74:e6:d9:74:03:5a:c9:3a:86:b5:36: 65:b9:3f:db:f1:2d:ca:62:6b:cd:80:9e:51:b9:e2:0a:5e:73: 31:d3:41:a9:22:cd:1d:b3:62:65:ea:90:29:8e:e3:1a:5c:c7: 96:08:c1:4d:75:eb:90:ca:53:f8:aa:1a:1c:62:92:5a:96:99: 02:bd:cf:ab:7e:c2:3d:a5:0b:4b:a8:b0:d1:ad:fd:18:71:ba: b7:bd:65:26:12:a8:37:0e:20:21:3b:0a:52:df:24:98:28:39: 0e:1b:f7:c6 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUO0cOqDnhq7H8O1k3mUnYaY+DyXgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF NzhFNkUxMTAeFw0yNTAzMjQwNjA0MDJaFw0yNjAzMjMwNjA5MDJaMDMxMTAvBgNV BAMTKEFBNjg5QjdCMDg1MjA3Qzc1REVEMDQ4MjBBRDBDQTk4QjQ2Njc2MDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWsGFnVnTktEa7GJ1cgyEtN3IU dODLaA0/SfzbE8VD+sjnCaR0tyUodXdUzDsDs6ueUHynxWfiT+RfRlv7FuKPI/kp rNkWpAl76hrb2XPl48fweXxIqXY0RrDtP1HwEQu7dL+i58GcvRfI2LcKvHGppOzl mNH7vjW9UpFsogO8mByNDfoK3++J/ICjtbw3kzlKRVKDAYq30bVAWggnVUQROsfd ErM4s/dHjn3fOn1ZnSrOXtHhOi5wUVMuLjYXQ7iHp0M6BuvkxAwD48QBg1i6WLJN WlK3rMFs4/hpq9/w9+2oY+lifnUlgXcaO7QbM+Sl2VPb7v6tTNYg9RpsyfzFAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUqmibewhSB8dd7QSCCtDKmLRmdgYwHwYDVR0j BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5 NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTMxMzAzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBBTANBgkqhkiG9w0BAQsFAAOCAQEAEn44 lKYn02yr4eBU8+OCTiMnn40vhdmaYZnGNdGxoGR4eoP9RQ8PQRwmAxOKF2//TWnN DDg9RRbYqggWRSOgpNkxD4I6ROpQahKvDSjzsO1nuG/W5jCFBF8gVDOm9hxJsJ2u ExRlyf6zoLH5WKyd4tAtkETPPWhKwLX4DabxA/xQ2UjBHlFPtymEt6KGSVI4kDMJ UUKqi3Tm2XQDWsk6hrU2Zbk/2/EtymJrzYCeUbniCl5zMdNBqSLNHbNiZeqQKY7j GlzHlgjBTXXrkMpT+KoaHGKSWpaZAr3Pq37CPaULS6iw0a39GHG6t71lJhKoNw4g ITsKUt8kmCg5Dhv3xg== -----END CERTIFICATE-----Generated at Mon Apr 28 23:28:45 2025 by rpki-client