$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa File: 326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa (raw, json) Hash identifier: LZc2AksEahD5rzoxMFxve6nJwmwqwYYZ+BLhaadaDDA= Subject key identifier: 9B:DD:B9:51:76:78:F0:21:85:D2:B8:C9:2F:BE:1C:61:8E:13:6F:DD Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 618EABDBF197675DD4975EF2C836534F8468E297 Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa Signing time: Tue 10 Jun 2025 16:52:32 +0000 ROA not before: Tue 10 Jun 2025 16:47:32 +0000 ROA not after: Tue 09 Jun 2026 16:52:32 +0000 asID: 48700 IP address blocks: 2a14:1ec7:c400::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 16 Jun 2025 09:17:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:8e:ab:db:f1:97:67:5d:d4:97:5e:f2:c8:36:53:4f:84:68:e2:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: Jun 10 16:47:32 2025 GMT Not After : Jun 9 16:52:32 2026 GMT Subject: CN=9BDDB9517678F02185D2B8C92FBE1C618E136FDD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:51:4e:c8:70:79:3c:ed:5a:9c:98:f1:1e:36: 07:ef:08:d3:0c:56:92:49:3b:e6:3e:e0:a9:5f:eb: 76:a4:63:8c:af:b5:37:e4:e2:7c:db:c6:e8:8a:77: 70:8b:ce:78:cc:2d:6e:d0:b4:27:5d:06:0b:da:23: 4d:eb:25:6a:3a:28:85:07:f7:9e:1a:ae:37:42:18: 83:f4:a4:95:a3:58:57:57:07:e4:47:1a:b2:71:23: bf:75:a4:b2:c1:c1:7d:1f:cc:c6:11:6e:26:ed:71: d4:44:c9:58:f0:2c:e2:16:7f:21:1e:55:8b:b3:fb: be:3f:b7:19:6b:ee:c2:35:0b:7d:77:9e:6b:da:0e: b9:e3:85:a5:30:9c:45:6d:9a:cc:6c:df:a2:4b:24: 13:9b:af:f7:8c:29:24:ba:82:90:f1:5e:59:87:1b: c5:06:1b:9a:a7:69:7b:98:20:53:08:7b:90:b8:5a: 40:f4:c2:b3:2a:66:f6:f8:47:c4:f7:4d:dd:dc:39: 90:59:9e:5a:9d:b5:ff:86:89:31:06:e7:8d:ce:20: 47:47:04:3c:e3:ac:48:de:36:9e:53:d3:f8:77:52: 94:78:59:05:2c:ea:0e:0e:fd:54:19:30:8e:1b:5f: 62:51:12:7c:e9:18:69:14:c4:cf:3e:92:ea:bf:a4: fd:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:DD:B9:51:76:78:F0:21:85:D2:B8:C9:2F:BE:1C:61:8E:13:6F:DD X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:c400::/40 Signature Algorithm: sha256WithRSAEncryption 3c:96:44:90:97:df:25:f3:00:0f:2b:fa:05:72:85:63:b8:c0: 5f:cf:81:62:82:62:bc:b8:a7:aa:e1:08:ac:c0:29:fb:6d:ed: 71:a2:10:4a:c2:fe:8c:1b:c6:a6:d6:ae:93:50:d9:ea:7d:e8: 63:c9:dc:a7:3f:8c:ed:5f:45:b3:49:23:71:b3:ac:87:49:a2: 02:d7:6e:4c:67:8a:dd:52:c3:fc:06:70:31:d2:90:bb:b3:67: 0c:88:01:ff:c1:33:0f:d7:fd:6a:76:ff:c7:da:e9:37:6c:4f: 3d:65:5b:61:73:8f:4f:7e:b8:db:8d:ca:8c:df:36:f7:ba:ff: 30:a7:23:e0:8c:19:ec:da:83:7f:48:c1:dd:3a:04:d0:f6:fe: 90:f0:9d:15:f8:77:17:f3:e1:e0:9a:4d:b0:93:17:b4:eb:34: 30:23:0c:f6:12:2e:64:d5:01:51:ec:c9:84:d1:c4:65:b4:d8: 0a:4c:03:78:e6:18:62:13:71:79:4b:dc:8f:e1:bf:12:74:26: 6b:d6:35:9f:f4:7b:e4:da:d8:87:29:5d:16:0f:ad:6c:71:73: 3b:d2:94:e7:26:42:e7:4c:ce:70:79:9a:e9:1d:97:f9:51:97: 92:98:bb:2a:78:05:f5:39:d5:53:af:ad:5a:26:df:ec:98:2c: 3d:b4:7f:e0 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUYY6r2/GXZ13Ul17yyDZTT4Ro4pcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNTA2MTAxNjQ3MzJaFw0yNjA2MDkxNjUyMzJaMDMxMTAvBgNV BAMTKDlCRERCOTUxNzY3OEYwMjE4NUQyQjhDOTJGQkUxQzYxOEUxMzZGREQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLUU7IcHk87VqcmPEeNgfvCNMM VpJJO+Y+4Klf63akY4yvtTfk4nzbxuiKd3CLznjMLW7QtCddBgvaI03rJWo6KIUH 954arjdCGIP0pJWjWFdXB+RHGrJxI791pLLBwX0fzMYRbibtcdREyVjwLOIWfyEe VYuz+74/txlr7sI1C313nmvaDrnjhaUwnEVtmsxs36JLJBObr/eMKSS6gpDxXlmH G8UGG5qnaXuYIFMIe5C4WkD0wrMqZvb4R8T3Td3cOZBZnlqdtf+GiTEG543OIEdH BDzjrEjeNp5T0/h3UpR4WQUs6g4O/VQZMI4bX2JREnzpGGkUxM8+kuq/pP3lAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUm925UXZ48CGF0rjJL74cYY4Tb90wHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzczYTYzMzQzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQz ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUHsfEMA0GCSqGSIb3DQEBCwUAA4IBAQA8lkSQ l98l8wAPK/oFcoVjuMBfz4FigmK8uKeq4QiswCn7be1xohBKwv6MG8am1q6TUNnq fehjydynP4ztX0WzSSNxs6yHSaIC125MZ4rdUsP8BnAx0pC7s2cMiAH/wTMP1/1q dv/H2uk3bE89ZVthc49PfrjbjcqM3zb3uv8wpyPgjBns2oN/SMHdOgTQ9v6Q8J0V +HcX8+Hgmk2wkxe06zQwIwz2Ei5k1QFR7MmE0cRltNgKTAN45hhiE3F5S9yP4b8S dCZr1jWf9Hvk2tiHKV0WD61scXM70pTnJkLnTM5weZrpHZf5UZeSmLsqeAX1OdVT r61aJt/smCw9tH/g -----END CERTIFICATE-----Generated at Mon Jun 16 01:43:09 2025 by rpki-client