$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203134363138.roa File: 326131343a316563303a3a2f33312d3438203d3e203134363138.roa (raw, json) Hash identifier: 0MGh72HtcBIx2dyROH4vCwTGrkjWjpybf+czr46U9xA= Subject key identifier: 21:5B:30:29:66:3D:BB:FA:58:DF:87:F6:41:C5:90:C8:D2:08:54:E6 Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 0CFF2483FE10580215686BDAAB43286606DA8560 Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203134363138.roa Signing time: Fri 10 Apr 2026 16:34:57 +0000 ROA not before: Fri 10 Apr 2026 16:29:57 +0000 ROA not after: Fri 09 Apr 2027 16:34:57 +0000 asID: 14618 IP address blocks: 2a14:1ec0::/31 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 08:56:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:ff:24:83:fe:10:58:02:15:68:6b:da:ab:43:28:66:06:da:85:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: Apr 10 16:29:57 2026 GMT Not After : Apr 9 16:34:57 2027 GMT Subject: CN=215B3029663DBBFA58DF87F641C590C8D20854E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ec:c1:09:24:10:ba:2b:1a:08:0b:c6:50:50: bc:0d:ca:02:25:30:2b:a8:72:49:b7:97:a0:6f:6f: ef:10:91:f9:45:b7:81:1d:aa:43:4f:05:ef:74:f4: e5:09:ef:31:b4:ef:0d:37:7d:1e:f8:04:6f:9f:9a: 8e:40:95:a7:1e:ee:12:e6:48:33:3f:59:ec:aa:39: 42:16:c1:d6:34:30:23:e5:63:63:61:d2:16:f9:3d: eb:4b:0b:f5:29:54:d5:a2:03:cc:bd:92:01:d8:a3: 11:20:41:65:e7:38:12:bf:a2:1a:91:0d:ad:0a:2c: c6:85:1c:88:71:b2:60:19:87:55:c8:36:21:72:2f: 73:8d:ba:20:d8:b9:40:93:18:59:d9:fa:95:62:80: af:97:98:ca:8d:69:7d:80:26:04:ba:fc:30:8b:85: 2d:a7:bc:4a:b6:ec:94:77:5b:00:2b:68:43:ce:99: 11:2b:e0:c1:a5:d2:92:25:62:ea:98:da:60:39:9a: fd:af:f8:73:42:d4:25:3a:c7:d8:dd:c7:07:5e:be: 65:2c:ae:69:57:2e:37:46:32:c0:e1:c5:44:5f:e8: ed:58:e1:e6:b3:89:a3:61:9c:d4:d9:9b:67:aa:df: 87:fe:6d:d7:9d:48:bc:54:81:99:e5:47:53:2e:55: fe:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:5B:30:29:66:3D:BB:FA:58:DF:87:F6:41:C5:90:C8:D2:08:54:E6 X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203134363138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec0::/31 Signature Algorithm: sha256WithRSAEncryption 2d:86:f6:fd:23:ac:6b:b9:53:c2:78:be:44:34:85:6d:7e:86: 31:72:a4:e1:84:b5:03:68:ca:e9:ab:78:9c:3a:35:cb:18:ed: 69:9f:d1:8d:5c:ef:fc:a1:69:18:7c:91:7e:ce:dd:68:44:49: 86:1e:2d:fe:85:6d:83:1a:44:09:f0:a8:f3:e1:84:69:a6:ac: b0:fd:7c:61:35:b1:1b:55:e6:a7:45:09:2f:0b:c9:a2:6e:5c: 29:0d:4d:67:6e:dd:7b:3d:6b:d5:9a:2e:7a:0b:b7:eb:81:7a: f0:27:4c:a6:5f:48:33:cc:a3:f6:49:5d:b8:90:e4:46:48:3c: 63:13:4c:6a:1b:50:aa:01:4a:39:cf:ae:4a:a6:21:20:de:c4: 98:45:ef:c0:52:8f:01:7f:a6:92:3d:97:7e:49:ba:80:9a:8b: 6a:3f:ed:e4:a0:cc:55:0a:b8:c8:3c:17:0b:b8:3f:f3:7f:1f: c4:3e:ec:66:a2:53:b4:0c:c7:ff:26:dd:62:ed:8a:29:21:b1: 7d:02:b3:80:1a:94:02:0d:d9:20:6c:9b:d3:19:bc:00:00:79: a2:00:8d:a3:9a:9c:63:6c:61:56:04:bd:2d:23:8f:3a:8f:39: 00:81:94:1b:1f:4b:31:0e:3d:3c:4e:d4:da:82:30:b6:62:22: 46:14:54:91 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUDP8kg/4QWAIVaGvaq0MoZgbahWAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNjA0MTAxNjI5NTdaFw0yNzA0MDkxNjM0NTdaMDMxMTAvBgNV BAMTKDIxNUIzMDI5NjYzREJCRkE1OERGODdGNjQxQzU5MEM4RDIwODU0RTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC17MEJJBC6KxoIC8ZQULwNygIl MCuockm3l6Bvb+8QkflFt4EdqkNPBe909OUJ7zG07w03fR74BG+fmo5Alace7hLm SDM/WeyqOUIWwdY0MCPlY2Nh0hb5PetLC/UpVNWiA8y9kgHYoxEgQWXnOBK/ohqR Da0KLMaFHIhxsmAZh1XINiFyL3ONuiDYuUCTGFnZ+pVigK+XmMqNaX2AJgS6/DCL hS2nvEq27JR3WwAraEPOmREr4MGl0pIlYuqY2mA5mv2v+HNC1CU6x9jdxwdevmUs rmlXLjdGMsDhxURf6O1Y4eaziaNhnNTZm2eq34f+bdedSLxUgZnlR1MuVf5dAgMB AAGjggJ3MIICczAdBgNVHQ4EFgQUIVswKWY9u/pY34f2QcWQyNIIVOYwHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUF BzALhoGLcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzAzYTNhMmYzMzMxMmQzNDM4MjAzZDNlMjAzMTM0MzYzMTM4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUBKhQewDANBgkqhkiG9w0BAQsFAAOCAQEALYb2/SOsa7lTwni+RDSF bX6GMXKk4YS1A2jK6at4nDo1yxjtaZ/RjVzv/KFpGHyRfs7daERJhh4t/oVtgxpE CfCo8+GEaaassP18YTWxG1Xmp0UJLwvJom5cKQ1NZ27dez1r1Zouegu364F68CdM pl9IM8yj9klduJDkRkg8YxNMahtQqgFKOc+uSqYhIN7EmEXvwFKPAX+mkj2Xfkm6 gJqLaj/t5KDMVQq4yDwXC7g/838fxD7sZqJTtAzH/ybdYu2KKSGxfQKzgBqUAg3Z IGyb0xm8AAB5ogCNo5qcY2xhVgS9LSOPOo85AIGUGx9LMQ49PE7U2oIwtmIiRhRU kQ== -----END CERTIFICATE-----Generated at Fri Apr 17 18:39:10 2026 by rpki-client