$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835653a3a2f34382d3438203d3e20323134363737.roa File: 326131343a373538313a343835653a3a2f34382d3438203d3e20323134363737.roa (raw, json) Hash identifier: iHR6gaBLhEeuJStOmjFzEe4Moo+lPwxxC1xTUcqx6g4= Subject key identifier: 9C:BB:86:38:CC:2C:C0:33:E1:16:E5:D5:4B:AB:BB:97:39:BF:1E:33 Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Certificate serial: 0313F22F72096FF3EB0450F8460530691DD38DFA Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835653a3a2f34382d3438203d3e20323134363737.roa Signing time: Sun 26 Oct 2025 09:37:32 +0000 ROA not before: Sun 26 Oct 2025 09:32:32 +0000 ROA not after: Sun 25 Oct 2026 09:37:32 +0000 asID: 214677 IP address blocks: 2a14:7581:485e::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 11:13:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:13:f2:2f:72:09:6f:f3:eb:04:50:f8:46:05:30:69:1d:d3:8d:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Validity Not Before: Oct 26 09:32:32 2025 GMT Not After : Oct 25 09:37:32 2026 GMT Subject: CN=9CBB8638CC2CC033E116E5D54BABBB9739BF1E33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e1:09:9d:50:aa:ee:7c:c1:35:e0:5e:8d:ce: 28:be:7c:cf:5e:37:2f:e8:cd:d0:1f:82:6d:3e:21: 80:be:9d:b3:d5:37:21:61:49:d6:14:56:ea:ca:cb: d5:00:c4:0f:b5:c7:5e:4e:9d:6f:9f:c1:e0:2f:ba: 31:f0:03:25:9a:2f:57:8c:2a:55:97:55:73:59:87: 71:bd:14:9e:e8:f2:5c:51:be:b6:2c:ec:5b:0d:93: 83:34:7e:ad:51:a6:29:f6:a0:9b:b4:2e:e3:04:3d: 9d:d7:25:77:f7:c0:95:ac:a4:03:79:1c:12:72:cc: 2e:0a:65:e5:ad:1f:4a:c8:92:2e:fe:fd:34:96:3e: 27:24:f6:a4:fe:c4:71:6b:e6:43:7d:54:ab:e1:51: 1b:13:8f:33:b6:58:86:74:43:cc:dd:08:78:81:61: b7:60:09:de:a7:31:c3:ec:ea:c9:b7:6e:53:45:47: ae:bb:78:a7:25:47:d7:93:a6:9e:eb:9e:28:69:42: b2:f3:a4:36:58:5f:bc:d1:52:8e:09:ea:7c:12:9b: 13:7e:ac:0b:cd:c9:62:d4:e3:01:8e:2d:80:7d:0f: db:25:40:a5:d6:bc:d6:6f:46:85:1d:9f:29:68:30: 9e:f5:88:b9:09:f1:9d:7a:27:32:66:fb:59:1b:1d: 12:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:BB:86:38:CC:2C:C0:33:E1:16:E5:D5:4B:AB:BB:97:39:BF:1E:33 X509v3 Authority Key Identifier: keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835653a3a2f34382d3438203d3e20323134363737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:485e::/48 Signature Algorithm: sha256WithRSAEncryption 26:83:ca:ec:ca:26:db:4f:bb:c2:d6:71:f1:86:61:1c:c7:f7: 50:4d:00:69:44:e9:58:51:5d:31:c8:8f:ea:d7:92:1f:b9:1a: 21:14:76:0f:89:cb:9f:f6:9a:56:33:a1:ce:f0:e3:b2:8e:8e: f5:61:d9:ff:ff:49:57:b8:a4:63:17:9c:89:93:c2:dd:23:a3: c9:28:41:24:58:26:b6:d2:e7:e6:8c:9e:9c:64:5d:ab:0f:9e: 7c:d7:88:ae:5a:db:3b:37:58:84:70:25:c7:dc:9e:ad:14:9b: fe:c2:88:5a:e0:65:d3:01:37:aa:55:50:80:2c:5d:ce:2a:91: f1:b5:6e:6a:40:a1:1a:4d:2a:34:50:0f:f7:6f:dc:ac:ed:64: 39:16:75:33:e8:fc:97:de:c2:91:2b:e7:1e:2d:b8:ef:1b:b5: 5f:87:6a:0f:63:04:ac:87:44:b9:42:5a:c9:48:f4:f5:8f:6c: e1:11:b1:c3:ec:05:4e:27:3b:bb:85:b7:7b:56:5f:d4:45:65: cc:af:5c:76:23:be:83:91:fb:f3:f0:cf:1b:6f:74:50:16:0f: 82:48:d5:cb:0d:74:f2:5b:00:3d:8f:55:61:54:dd:6a:49:57: 24:4c:6c:92:1c:88:52:ac:82:a1:d7:2e:3f:16:4f:1b:8d:11: d6:0f:b0:ad -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUAxPyL3IJb/PrBFD4RgUwaR3TjfowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF MEFGQjM4QzAeFw0yNTEwMjYwOTMyMzJaFw0yNjEwMjUwOTM3MzJaMDMxMTAvBgNV BAMTKDlDQkI4NjM4Q0MyQ0MwMzNFMTE2RTVENTRCQUJCQjk3MzlCRjFFMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP4QmdUKrufME14F6Nzii+fM9e Ny/ozdAfgm0+IYC+nbPVNyFhSdYUVurKy9UAxA+1x15OnW+fweAvujHwAyWaL1eM KlWXVXNZh3G9FJ7o8lxRvrYs7FsNk4M0fq1Rpin2oJu0LuMEPZ3XJXf3wJWspAN5 HBJyzC4KZeWtH0rIki7+/TSWPick9qT+xHFr5kN9VKvhURsTjzO2WIZ0Q8zdCHiB YbdgCd6nMcPs6sm3blNFR667eKclR9eTpp7rnihpQrLzpDZYX7zRUo4J6nwSmxN+ rAvNyWLU4wGOLYB9D9slQKXWvNZvRoUdnyloMJ71iLkJ8Z16JzJm+1kbHRK9AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUnLuGOMwswDPhFuXVS6u7lzm/HjMwHwYDVR0j BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4 NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz NDNhMzczNTM4MzEzYTM0MzgzNTY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzYzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gUheMA0GCSqGSIb3DQEBCwUAA4IBAQAm g8rsyibbT7vC1nHxhmEcx/dQTQBpROlYUV0xyI/q15IfuRohFHYPicuf9ppWM6HO 8OOyjo71Ydn//0lXuKRjF5yJk8LdI6PJKEEkWCa20ufmjJ6cZF2rD55814iuWts7 N1iEcCXH3J6tFJv+woha4GXTATeqVVCALF3OKpHxtW5qQKEaTSo0UA/3b9ys7WQ5 FnUz6PyX3sKRK+ceLbjvG7Vfh2oPYwSsh0S5QlrJSPT1j2zhEbHD7AVOJzu7hbd7 Vl/URWXMr1x2I76Dkfvz8M8bb3RQFg+CSNXLDXTyWwA9j1VhVN1qSVckTGySHIhS rIKh1y4/Fk8bjRHWD7Ct -----END CERTIFICATE-----Generated at Tue Nov 4 23:04:54 2025 by rpki-client