$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa File: 326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa (raw, json) Hash identifier: jAqeRW+G0tj75/HjlTu9upVrXQ/2AvwaP0ubMorKA1Q= Subject key identifier: E0:80:6E:20:68:AD:EB:7B:67:46:D9:7C:A9:6D:5C:CE:D6:D4:A4:CD Certificate issuer: /CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Certificate serial: C4C7F6DFF24B104A602C4CDE3F21D29BAAA965 Authority key identifier: 0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa Signing time: Thu 10 Jul 2025 15:42:14 +0000 ROA not before: Thu 10 Jul 2025 15:37:14 +0000 ROA not after: Thu 09 Jul 2026 15:42:14 +0000 asID: 216452 IP address blocks: 2a14:7581:d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 06 Aug 2025 14:37:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c4:c7:f6:df:f2:4b:10:4a:60:2c:4c:de:3f:21:d2:9b:aa:a9:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Validity Not Before: Jul 10 15:37:14 2025 GMT Not After : Jul 9 15:42:14 2026 GMT Subject: CN=E0806E2068ADEB7B6746D97CA96D5CCED6D4A4CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e1:6e:84:0f:80:85:0c:a1:a5:06:13:4f:d3: b4:c9:b9:c8:56:2c:78:2e:7c:19:ce:81:a3:d4:e7: 00:65:db:9b:f7:37:bd:c3:7b:11:dc:c1:cd:bf:29: 95:b4:82:29:34:61:c1:e1:f5:7e:b1:32:05:1b:d4: 3b:cb:88:14:47:42:f6:e9:22:3b:24:57:ae:c5:42: 91:2c:b2:f2:4a:5d:f0:41:e3:8c:63:8b:8f:85:de: 37:11:b0:66:2d:5c:b1:f9:d7:46:66:30:a5:33:0e: b7:8f:85:4b:b5:0b:a3:f7:fd:7d:b9:55:fb:16:6d: 8e:1e:4a:c6:ff:18:dd:0c:2e:92:f2:1a:bd:46:a7: 01:36:1f:a3:ed:5c:e7:a5:2e:c5:26:09:46:40:0e: 8c:0c:7e:38:d1:e0:38:c0:6f:54:01:de:f0:53:29: 13:be:e5:13:89:bd:07:d2:0b:54:f2:fb:cd:45:cd: cb:a6:b1:e3:47:2f:d8:fc:31:dd:77:45:bc:c5:6a: 59:68:23:ff:3d:35:57:c2:00:17:1b:17:ac:d4:61: 7c:20:d3:1b:eb:45:6e:b2:51:f2:b0:12:65:71:2a: 36:6a:c6:5c:66:00:80:c7:75:de:eb:32:dc:b8:2c: a8:57:b9:5f:05:12:ed:54:21:aa:7f:8b:c9:ae:93: c5:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:80:6E:20:68:AD:EB:7B:67:46:D9:7C:A9:6D:5C:CE:D6:D4:A4:CD X509v3 Authority Key Identifier: keyid:0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34302d3438203d3e20323136343532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:d00::/40 Signature Algorithm: sha256WithRSAEncryption 50:5d:6a:80:dd:83:8d:52:93:58:b3:28:e2:97:cc:b6:75:24: ef:f5:f7:14:4b:a8:b8:82:53:27:ea:52:54:f8:05:5a:b6:b0: e0:d4:84:bd:b5:1f:69:f8:be:dd:a7:e7:d9:57:5f:eb:58:87: 7e:21:d1:50:16:dd:d7:a0:9a:52:48:b9:89:7c:a0:79:55:9b: fe:d8:17:b6:23:fa:41:3d:08:fa:74:67:8a:04:5b:f9:fd:bb: dd:73:7e:81:91:97:89:5f:6a:7b:6e:a9:eb:c7:2c:55:73:b7: 89:cf:33:00:6a:98:ee:ed:5a:81:9f:e9:55:6f:35:35:02:c1: 2d:8b:d5:b8:06:7f:d2:e4:c6:90:26:75:57:c4:cc:98:ef:b4: 2b:c5:14:44:7c:1e:d9:c7:14:a5:f9:86:f9:d7:c0:b7:d2:c3: 6f:7d:95:a4:2c:a8:dd:bc:23:bf:5c:7b:6c:d1:c9:7e:91:12: 9c:72:ab:bf:fb:f7:6d:eb:ca:e9:f9:5b:c1:c5:02:50:66:6a: 46:cd:e8:60:63:8e:22:59:1b:5e:12:c7:51:a8:98:10:e8:1a: e2:07:c1:ad:ef:09:a8:55:fb:f4:98:63:7e:16:e4:57:ca:b9: e8:79:d4:30:1a:d6:c4:66:6b:93:c3:cf:95:61:ed:a4:e2:9c: ba:07:ad:e0 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUAMTH9t/ySxBKYCxM3j8h0puqqWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZG QjgyM0U0NTAeFw0yNTA3MTAxNTM3MTRaFw0yNjA3MDkxNTQyMTRaMDMxMTAvBgNV BAMTKEUwODA2RTIwNjhBREVCN0I2NzQ2RDk3Q0E5NkQ1Q0NFRDZENEE0Q0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb4W6ED4CFDKGlBhNP07TJuchW LHgufBnOgaPU5wBl25v3N73DexHcwc2/KZW0gik0YcHh9X6xMgUb1DvLiBRHQvbp IjskV67FQpEssvJKXfBB44xji4+F3jcRsGYtXLH510ZmMKUzDrePhUu1C6P3/X25 VfsWbY4eSsb/GN0MLpLyGr1GpwE2H6PtXOelLsUmCUZADowMfjjR4DjAb1QB3vBT KRO+5ROJvQfSC1Ty+81FzcumseNHL9j8Md13RbzFalloI/89NVfCABcbF6zUYXwg 0xvrRW6yUfKwEmVxKjZqxlxmAIDHdd7rMty4LKhXuV8FEu1UIap/i8muk8XBAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQU4IBuIGit63tnRtl8qW1cztbUpM0wHwYDVR0j BBgwFoAUCothqETWwsevOO3L0WXQ7/uCPkUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzJjNDA1ZjEtYzMyZC00N2NlLTg5NDMtMDc1MmVkMTNk OGVmLzEvMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZGQjgyM0U0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wQThCNjFBODQ0RDZDMkM3QUYzOEVEQ0JE MTY1RDBFRkZCODIzRTQ1LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MmM0MDVmMS1jMzJkLTQ3Y2UtODk0My0wNzUyZWQxM2Q4ZWYvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEz NjM0MzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYENMA0GCSqGSIb3DQEBCwUAA4IBAQBQXWqA 3YONUpNYsyjil8y2dSTv9fcUS6i4glMn6lJU+AVatrDg1IS9tR9p+L7dp+fZV1/r WId+IdFQFt3XoJpSSLmJfKB5VZv+2Be2I/pBPQj6dGeKBFv5/bvdc36BkZeJX2p7 bqnrxyxVc7eJzzMAapju7VqBn+lVbzU1AsEti9W4Bn/S5MaQJnVXxMyY77QrxRRE fB7ZxxSl+Yb518C30sNvfZWkLKjdvCO/XHts0cl+kRKccqu/+/dt68rp+VvBxQJQ ZmpGzehgY44iWRteEsdRqJgQ6BriB8Gt7wmoVfv0mGN+FuRXyrnoedQwGtbEZmuT w8+VYe2k4py6B63g -----END CERTIFICATE-----Generated at Wed Aug 6 00:36:25 2025 by rpki-client