$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa File: 326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa (raw, json) Hash identifier: 2UDjxG4RlvjPmviPQqGqAVVrCPWdscmfmRM0j7DODko= Subject key identifier: BB:7F:CA:AD:16:7D:1B:16:23:B1:1E:DD:AC:07:16:64:B6:FA:E3:98 Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Certificate serial: 0CBDC75252667448CBBB02042E6848811BD0796B Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa Signing time: Wed 28 Jan 2026 12:01:31 +0000 ROA not before: Wed 28 Jan 2026 11:56:31 +0000 ROA not after: Wed 27 Jan 2027 12:01:31 +0000 asID: 215223 IP address blocks: 2a14:7581:4820::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Mar 2026 07:22:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:bd:c7:52:52:66:74:48:cb:bb:02:04:2e:68:48:81:1b:d0:79:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Validity Not Before: Jan 28 11:56:31 2026 GMT Not After : Jan 27 12:01:31 2027 GMT Subject: CN=BB7FCAAD167D1B1623B11EDDAC071664B6FAE398 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:48:d5:81:c9:c4:1e:76:cf:e7:27:cf:a4:ef: cd:87:19:9b:7f:4f:1e:82:c1:ee:02:6c:29:04:34: 72:de:7c:3f:bd:b7:2a:cc:0a:af:03:0e:76:fb:e2: 6e:1d:f0:9c:34:f9:f5:aa:53:09:06:83:7c:08:1f: ad:b0:53:71:23:28:f8:17:ba:3c:ea:95:50:2c:5e: 53:85:d7:3d:8d:a8:ff:5b:40:50:29:c3:83:42:af: 79:c5:95:76:87:f2:62:52:4b:9a:af:5e:3a:3f:d8: 6a:8b:89:a1:e9:f7:3d:9c:22:8a:8d:f0:3c:a5:45: 4b:fd:f6:44:46:5a:18:c3:31:56:b8:20:fb:01:a7: 38:21:fe:53:87:02:13:37:91:ad:f5:cc:91:dd:4a: 7e:24:e5:f5:49:93:5d:d6:e2:a1:2d:df:dd:37:82: b3:54:24:43:99:f2:39:e9:ab:32:d0:57:39:09:90: ab:ee:f9:3d:51:db:c1:85:13:ff:2d:ee:2b:87:df: 9b:27:7a:c4:11:8e:ac:77:1f:e6:29:3b:fb:2f:7f: 9a:8e:26:70:5c:ff:e3:a6:33:0b:49:d0:ea:93:cc: aa:1f:60:16:d6:a0:96:a7:b1:46:35:42:cd:4b:96: bb:1a:3d:8e:93:b7:53:c1:8b:08:0c:ba:95:c6:e8: 5d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:7F:CA:AD:16:7D:1B:16:23:B1:1E:DD:AC:07:16:64:B6:FA:E3:98 X509v3 Authority Key Identifier: keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:4820::/44 Signature Algorithm: sha256WithRSAEncryption 5e:61:03:be:e4:20:9a:c4:8a:26:55:71:bf:91:4e:eb:a3:c4: 4f:d5:6c:1f:73:93:6f:b2:6f:4d:09:84:76:f8:e1:86:bd:9f: e3:cf:04:03:09:56:0b:61:49:b9:f0:53:88:0e:f0:bd:a4:c6: fc:6c:af:42:fd:43:ec:20:7a:48:06:dd:8c:16:c5:33:4e:d4: 70:31:45:f3:ba:84:93:c0:b9:51:d8:7e:eb:10:01:41:ac:17: bf:96:18:0f:e4:78:06:19:ca:7a:d1:e3:4d:bc:02:8d:4f:7c: cc:1c:2c:9d:b1:59:82:65:c0:62:d8:7a:dd:18:c7:63:45:29: 0c:3b:50:3f:d7:f9:c5:2c:62:9d:61:16:6c:cd:16:22:ef:d2: 0c:25:98:1c:8b:3f:6b:88:eb:6a:f4:28:36:72:33:5c:c0:2e: f4:02:5b:83:b7:6f:bf:c4:12:83:d0:58:9f:77:25:75:9e:ea: a8:02:e8:04:d5:f4:c2:3d:f3:9a:93:15:f4:70:6e:43:d4:54: ec:19:d7:b7:0f:b5:63:be:49:eb:cc:73:be:94:14:08:2c:d6: 99:cc:4a:b8:6b:8b:96:f9:85:5f:45:f8:4c:4e:cb:39:5a:09: 17:77:d5:37:46:49:cf:77:e6:51:1b:b2:00:25:5d:18:86:b9: d1:6b:cc:d5 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUDL3HUlJmdEjLuwIELmhIgRvQeWswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF MEFGQjM4QzAeFw0yNjAxMjgxMTU2MzFaFw0yNzAxMjcxMjAxMzFaMDMxMTAvBgNV BAMTKEJCN0ZDQUFEMTY3RDFCMTYyM0IxMUVEREFDMDcxNjY0QjZGQUUzOTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVSNWBycQeds/nJ8+k782HGZt/ Tx6Cwe4CbCkENHLefD+9tyrMCq8DDnb74m4d8Jw0+fWqUwkGg3wIH62wU3EjKPgX ujzqlVAsXlOF1z2NqP9bQFApw4NCr3nFlXaH8mJSS5qvXjo/2GqLiaHp9z2cIoqN 8DylRUv99kRGWhjDMVa4IPsBpzgh/lOHAhM3ka31zJHdSn4k5fVJk13W4qEt3903 grNUJEOZ8jnpqzLQVzkJkKvu+T1R28GFE/8t7iuH35snesQRjqx3H+YpO/svf5qO JnBc/+OmMwtJ0OqTzKofYBbWoJansUY1Qs1LlrsaPY6Tt1PBiwgMupXG6F23AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUu3/KrRZ9GxYjsR7drAcWZLb645gwHwYDVR0j BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4 NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz NDNhMzczNTM4MzEzYTM0MzgzMjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTM1MzIzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gUggMA0GCSqGSIb3DQEBCwUAA4IBAQBe YQO+5CCaxIomVXG/kU7ro8RP1Wwfc5Nvsm9NCYR2+OGGvZ/jzwQDCVYLYUm58FOI DvC9pMb8bK9C/UPsIHpIBt2MFsUzTtRwMUXzuoSTwLlR2H7rEAFBrBe/lhgP5HgG Gcp60eNNvAKNT3zMHCydsVmCZcBi2HrdGMdjRSkMO1A/1/nFLGKdYRZszRYi79IM JZgciz9riOtq9Cg2cjNcwC70AluDt2+/xBKD0FifdyV1nuqoAugE1fTCPfOakxX0 cG5D1FTsGde3D7VjvknrzHO+lBQILNaZzEq4a4uW+YVfRfhMTss5WgkXd9U3RknP d+ZRG7IAJV0YhrnRa8zV -----END CERTIFICATE-----Generated at Mon Mar 2 21:57:24 2026 by rpki-client