$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34342d3438203d3e203331383938.roa File: 326131343a373538313a6430303a3a2f34342d3438203d3e203331383938.roa (raw, json) Hash identifier: OYFGGb9dMqAtV18cBeD3NbZ0TuwCvJXmn37LZwaW7zg= Subject key identifier: DA:6C:A3:D1:72:0D:C5:47:E2:D1:16:18:0F:2C:B5:A2:01:93:BA:4B Certificate issuer: /CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Certificate serial: 4277D8ACF87AA7017F8BFE840B2CEE57E3A9CC56 Authority key identifier: 0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34342d3438203d3e203331383938.roa Signing time: Fri 11 Jul 2025 02:42:14 +0000 ROA not before: Fri 11 Jul 2025 02:37:14 +0000 ROA not after: Fri 10 Jul 2026 02:42:14 +0000 asID: 31898 IP address blocks: 2a14:7581:d00::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 10:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:77:d8:ac:f8:7a:a7:01:7f:8b:fe:84:0b:2c:ee:57:e3:a9:cc:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Validity Not Before: Jul 11 02:37:14 2025 GMT Not After : Jul 10 02:42:14 2026 GMT Subject: CN=DA6CA3D1720DC547E2D116180F2CB5A20193BA4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:65:d1:b8:07:c6:0d:34:91:54:fb:ef:c7:f1: cd:42:00:a1:d5:5e:ae:f5:3f:45:d2:4e:ef:a9:1e: ea:05:ff:19:6c:15:14:c0:4f:c6:86:39:d6:d6:6d: 24:12:78:c5:5e:cd:d6:d9:ff:7c:55:d4:cd:b2:64: 33:8a:0e:84:e9:27:73:18:91:6b:c3:ee:aa:96:81: cf:1d:b2:75:40:00:92:b1:c4:00:40:b4:5b:1d:f3: 28:29:f8:2c:cb:88:7c:ea:d8:cc:22:e0:df:66:28: 7b:42:ef:5b:86:d6:47:d7:e1:7a:be:13:4d:2d:24: db:4d:57:69:5c:32:71:1d:66:ae:96:00:fa:af:f5: 41:fd:fb:8c:85:4d:67:da:4a:99:e8:23:db:4e:50: 3f:03:43:8b:ae:89:22:20:bc:c7:e4:58:39:b3:f1: 9e:cc:a0:ba:80:dd:85:63:c6:28:bd:9f:9f:de:93: 82:53:7f:2d:45:58:55:84:f0:b1:a7:81:8d:fa:43: eb:44:b0:cb:e2:58:9e:29:9c:a0:c0:bf:dc:59:a6: 2e:a8:84:5c:1e:e8:94:4f:fb:f1:67:1f:26:18:73: 85:df:a6:5e:cc:a6:a0:ff:c1:a4:e0:4c:3c:40:e7: f4:7c:1c:54:b5:55:1f:65:af:9d:54:36:b3:81:b0: 11:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:6C:A3:D1:72:0D:C5:47:E2:D1:16:18:0F:2C:B5:A2:01:93:BA:4B X509v3 Authority Key Identifier: keyid:0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538313a6430303a3a2f34342d3438203d3e203331383938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:d00::/44 Signature Algorithm: sha256WithRSAEncryption 75:17:88:f3:b8:ce:c7:86:08:5d:2a:4b:aa:17:bf:05:dc:f9: cb:3e:f2:14:20:3b:bf:5a:62:c5:23:76:be:fe:c3:7b:71:e4: b1:57:17:19:53:4c:46:26:7f:89:27:be:ab:fc:d4:c9:2d:bd: bb:62:82:84:c3:65:29:55:06:87:c5:ae:07:5b:33:e7:6a:64: 05:1e:33:60:e4:4f:1a:5b:49:1b:6a:99:32:15:d5:70:88:cc: d4:18:3a:7e:e7:de:eb:c3:f2:1e:bf:c2:3a:4f:d9:e3:40:34: 0e:6f:fe:5c:6b:78:1d:ae:1e:6a:89:8b:fc:6d:ac:87:75:1a: 23:52:66:01:6a:8e:64:1b:3d:91:3b:55:0d:c3:c2:dc:10:5f: 98:06:91:f3:6f:77:7c:49:ee:94:5e:00:6c:85:40:b0:3e:06: 9e:46:a5:61:80:70:a3:ee:36:59:90:ec:ca:7f:fc:e9:95:6d: 0f:99:40:9b:0f:7e:5a:b6:c6:ed:71:26:d2:67:90:25:38:d3: 11:12:ac:8e:75:37:6c:fb:ee:d7:3a:7b:5e:2e:d0:77:5d:68: 8a:22:fc:00:f3:9d:ed:37:b7:89:5a:f7:57:86:ec:1d:79:8c: 89:3a:27:77:90:d6:8a:de:83:33:ed:ab:a0:26:9e:61:03:db: 77:b8:ae:14 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgIUQnfYrPh6pwF/i/6ECyzuV+OpzFYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZG QjgyM0U0NTAeFw0yNTA3MTEwMjM3MTRaFw0yNjA3MTAwMjQyMTRaMDMxMTAvBgNV BAMTKERBNkNBM0QxNzIwREM1NDdFMkQxMTYxODBGMkNCNUEyMDE5M0JBNEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHZdG4B8YNNJFU++/H8c1CAKHV Xq71P0XSTu+pHuoF/xlsFRTAT8aGOdbWbSQSeMVezdbZ/3xV1M2yZDOKDoTpJ3MY kWvD7qqWgc8dsnVAAJKxxABAtFsd8ygp+CzLiHzq2Mwi4N9mKHtC71uG1kfX4Xq+ E00tJNtNV2lcMnEdZq6WAPqv9UH9+4yFTWfaSpnoI9tOUD8DQ4uuiSIgvMfkWDmz 8Z7MoLqA3YVjxii9n5/ek4JTfy1FWFWE8LGngY36Q+tEsMviWJ4pnKDAv9xZpi6o hFwe6JRP+/FnHyYYc4Xfpl7MpqD/waTgTDxA5/R8HFS1VR9lr51UNrOBsBH7AgMB AAGjggKBMIICfTAdBgNVHQ4EFgQU2myj0XINxUfi0RYYDyy1ogGTukswHwYDVR0j BBgwFoAUCothqETWwsevOO3L0WXQ7/uCPkUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzJjNDA1ZjEtYzMyZC00N2NlLTg5NDMtMDc1MmVkMTNk OGVmLzEvMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZGQjgyM0U0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wQThCNjFBODQ0RDZDMkM3QUYzOEVEQ0JE MTY1RDBFRkZCODIzRTQ1LmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MmM0MDVmMS1jMzJkLTQ3Y2UtODk0My0wNzUyZWQxM2Q4ZWYvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTY0MzAzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMzMzEz ODM5Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB Af8EEzARMA8EAgACMAkDBwQqFHWBDQAwDQYJKoZIhvcNAQELBQADggEBAHUXiPO4 zseGCF0qS6oXvwXc+cs+8hQgO79aYsUjdr7+w3tx5LFXFxlTTEYmf4knvqv81Mkt vbtigoTDZSlVBofFrgdbM+dqZAUeM2DkTxpbSRtqmTIV1XCIzNQYOn7n3uvD8h6/ wjpP2eNANA5v/lxreB2uHmqJi/xtrId1GiNSZgFqjmQbPZE7VQ3DwtwQX5gGkfNv d3xJ7pReAGyFQLA+Bp5GpWGAcKPuNlmQ7Mp//OmVbQ+ZQJsPflq2xu1xJtJnkCU4 0xESrI51N2z77tc6e14u0HddaIoi/ADzne03t4la91eG7B15jIk6J3eQ1oregzPt q6AmnmED23e4rhQ= -----END CERTIFICATE-----Generated at Tue Nov 4 22:44:33 2025 by rpki-client