$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa File: 326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa (raw, json) Hash identifier: +2h0a7wgr0VV5Yf9tenQW+2b3nKEqNnM1bACdpjItzE= Subject key identifier: 88:BC:0E:74:E2:65:1B:81:5D:7E:0D:76:ED:4A:A3:95:1B:5A:B4:FB Certificate issuer: /CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Certificate serial: 7CF227B38E04CE80C4079B33A3DD1927A62138BD Authority key identifier: 0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa Signing time: Thu 11 Jun 2026 15:42:17 +0000 ROA not before: Thu 11 Jun 2026 15:37:17 +0000 ROA not after: Thu 10 Jun 2027 15:42:17 +0000 asID: 216452 IP address blocks: 2a14:7581:d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 14:43:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:f2:27:b3:8e:04:ce:80:c4:07:9b:33:a3:dd:19:27:a6:21:38:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Validity Not Before: Jun 11 15:37:17 2026 GMT Not After : Jun 10 15:42:17 2027 GMT Subject: CN=88BC0E74E2651B815D7E0D76ED4AA3951B5AB4FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:97:cf:0b:46:62:0f:e9:ea:72:dd:96:06:ef: 55:d8:4a:40:08:58:3c:c7:a9:8f:9d:e6:ea:09:ca: a4:a3:e8:55:75:41:2d:ed:87:4d:fa:e6:84:55:b0: 7e:2b:0e:0d:f0:cc:c5:53:f2:85:ad:85:45:64:59: 34:08:e5:dc:f3:11:5a:e2:dc:5d:c9:8e:20:d9:04: 2e:fd:51:ee:eb:da:22:09:df:d4:c5:8a:16:88:1c: a0:3b:c8:be:e6:ca:64:f0:16:6f:9a:1c:bd:fe:07: 33:13:24:9c:4d:23:b9:e9:25:d3:51:c1:cf:b0:d2: ae:8c:6e:a5:61:5a:ae:36:b0:3c:c6:b4:67:8e:0d: 2e:bb:fe:46:38:dc:49:ae:4d:5a:e6:ea:37:a6:b5: 6f:cf:1a:96:5b:2c:74:89:69:2d:71:ef:ec:d4:9b: 3f:fb:bd:ca:5f:b4:3d:b6:49:7b:ae:0b:76:3d:20: e6:e3:e0:4f:dc:24:d5:f4:ec:b7:6f:c4:0f:b2:f5: f5:f2:33:d6:67:91:e8:7a:d4:19:0e:8e:41:8a:a3: ba:b9:a4:63:8a:fc:20:71:51:56:eb:d0:e0:37:e4: da:3b:8d:b3:e3:22:9a:a9:43:3f:6a:5f:46:c7:11: 94:4f:d4:2d:e1:3d:a6:2e:80:19:00:c5:98:e5:24: 44:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:BC:0E:74:E2:65:1B:81:5D:7E:0D:76:ED:4A:A3:95:1B:5A:B4:FB X509v3 Authority Key Identifier: keyid:0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:d00::/40 Signature Algorithm: sha256WithRSAEncryption 79:50:10:a9:17:8c:19:7e:a7:d7:b9:96:34:4a:94:ad:f7:29: 34:10:02:dc:6f:07:45:f1:e0:e4:c3:b7:b1:3d:40:75:3e:09: 9a:ca:74:07:f0:89:30:58:0b:5d:bc:a7:38:84:d8:70:d1:3e: 76:c8:82:df:33:b4:da:1e:93:c8:c8:cb:24:db:ff:1c:17:f5: b7:82:38:87:9f:97:89:48:68:30:9e:8c:94:2e:bd:4a:e2:0a: 20:ca:ba:f0:d4:c5:69:6c:2c:d9:c3:a1:cb:61:44:ce:ab:aa: d3:fa:4f:f9:2c:6d:d2:9c:de:1b:f0:6e:d1:e8:df:76:9f:84: 63:3f:6e:13:21:39:b3:f5:ac:03:ec:4a:17:20:63:3a:c6:fb: 78:e9:52:b8:f1:e2:98:97:ff:98:5b:08:29:73:0f:62:13:42: 9c:a0:75:55:88:4d:71:99:cb:d4:39:61:04:68:cf:a7:7f:c7: f2:b4:d0:5c:4c:25:2f:7c:cd:0a:63:4c:61:54:57:91:f1:c2: d4:c9:19:3a:d1:5d:41:00:68:d3:d4:a6:0c:1a:53:8f:3c:74: 30:1b:9f:b1:c3:b9:dc:03:4a:f5:5b:9a:f9:0d:24:a6:fd:99: b2:70:ba:66:e1:be:0e:ab:83:19:27:9b:c7:fb:5d:62:38:10: 7c:c0:03:8d -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUfPIns44EzoDEB5szo90ZJ6YhOL0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZG QjgyM0U0NTAeFw0yNjA2MTExNTM3MTdaFw0yNzA2MTAxNTQyMTdaMDMxMTAvBgNV BAMTKDg4QkMwRTc0RTI2NTFCODE1RDdFMEQ3NkVENEFBMzk1MUI1QUI0RkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEl88LRmIP6epy3ZYG71XYSkAI WDzHqY+d5uoJyqSj6FV1QS3th0365oRVsH4rDg3wzMVT8oWthUVkWTQI5dzzEVri 3F3JjiDZBC79Ue7r2iIJ39TFihaIHKA7yL7mymTwFm+aHL3+BzMTJJxNI7npJdNR wc+w0q6MbqVhWq42sDzGtGeODS67/kY43EmuTVrm6jemtW/PGpZbLHSJaS1x7+zU mz/7vcpftD22SXuuC3Y9IObj4E/cJNX07LdvxA+y9fXyM9Znkeh61BkOjkGKo7q5 pGOK/CBxUVbr0OA35No7jbPjIpqpQz9qX0bHEZRP1C3hPaYugBkAxZjlJES5AgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUiLwOdOJlG4Fdfg127UqjlRtatPswHwYDVR0j BBgwFoAUCothqETWwsevOO3L0WXQ7/uCPkUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzJjNDA1ZjEtYzMyZC00N2NlLTg5NDMtMDc1MmVkMTNk OGVmLzEvMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZGQjgyM0U0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wQThCNjFBODQ0RDZDMkM3QUYzOEVEQ0JE MTY1RDBFRkZCODIzRTQ1LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MmM0MDVmMS1jMzJkLTQ3Y2UtODk0My0wNzUyZWQxM2Q4ZWYvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEz NjM0MzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYENMA0GCSqGSIb3DQEBCwUAA4IBAQB5UBCp F4wZfqfXuZY0SpSt9yk0EALcbwdF8eDkw7exPUB1PgmaynQH8IkwWAtdvKc4hNhw 0T52yILfM7TaHpPIyMsk2/8cF/W3gjiHn5eJSGgwnoyULr1K4gogyrrw1MVpbCzZ w6HLYUTOq6rT+k/5LG3SnN4b8G7R6N92n4RjP24TITmz9awD7EoXIGM6xvt46VK4 8eKYl/+YWwgpcw9iE0KcoHVViE1xmcvUOWEEaM+nf8fytNBcTCUvfM0KY0xhVFeR 8cLUyRk60V1BAGjT1KYMGlOPPHQwG5+xw7ncA0r1W5r5DSSm/ZmycLpm4b4Oq4MZ J5vH+11iOBB8wAON -----END CERTIFICATE-----Generated at Sun Jun 14 07:09:44 2026 by rpki-client