$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/326131343a373538333a663431313a3a2f34382d3438203d3e20323131353735.roa File: 326131343a373538333a663431313a3a2f34382d3438203d3e20323131353735.roa (raw, json) Hash identifier: T+RdHDe5NeQheGE3D7vM1SaQKENF6nLzJfru8VF2DHI= Subject key identifier: FC:25:D1:6A:DA:6C:FA:A6:74:50:5B:A2:56:00:EE:19:27:D8:3D:70 Certificate issuer: /CN=B149F23A3E99C4760297DD7104B400C835D86D19 Certificate serial: 11F4E7EC6F76D14168CCEDE3CF5B558BC29C3B40 Authority key identifier: B1:49:F2:3A:3E:99:C4:76:02:97:DD:71:04:B4:00:C8:35:D8:6D:19 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B149F23A3E99C4760297DD7104B400C835D86D19.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/326131343a373538333a663431313a3a2f34382d3438203d3e20323131353735.roa Signing time: Sat 28 Mar 2026 15:02:56 +0000 ROA not before: Sat 28 Mar 2026 14:57:56 +0000 ROA not after: Sat 27 Mar 2027 15:02:56 +0000 asID: 211575 IP address blocks: 2a14:7583:f411::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/B149F23A3E99C4760297DD7104B400C835D86D19.crl rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/B149F23A3E99C4760297DD7104B400C835D86D19.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B149F23A3E99C4760297DD7104B400C835D86D19.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 12:17:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:f4:e7:ec:6f:76:d1:41:68:cc:ed:e3:cf:5b:55:8b:c2:9c:3b:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B149F23A3E99C4760297DD7104B400C835D86D19 Validity Not Before: Mar 28 14:57:56 2026 GMT Not After : Mar 27 15:02:56 2027 GMT Subject: CN=FC25D16ADA6CFAA674505BA25600EE1927D83D70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cb:48:d9:4c:df:26:ca:60:76:c4:0c:53:45: 5b:ac:7a:86:21:95:c6:fc:16:71:15:9a:3f:29:4c: 33:38:2f:3d:3f:24:ac:0b:bd:54:03:32:23:2e:5b: 16:f4:b1:74:9c:47:6e:0b:c8:d0:1a:23:98:5c:69: b1:56:43:8c:f9:c7:3d:e8:f8:de:d4:c0:02:81:c7: 3b:5d:13:61:a2:98:ec:6e:4b:92:de:5f:f3:f3:29: 8d:ee:4c:3c:63:b4:dc:f2:58:69:87:cc:d8:0a:ba: e5:f6:a8:72:17:40:a7:3e:1f:de:17:b3:6f:ce:e3: 9b:af:ea:3f:6a:3f:5b:26:89:80:9b:3c:75:75:9e: df:00:39:5c:bb:7c:ce:5e:35:35:20:a7:f6:c3:7a: 08:b5:d8:c0:ec:0f:37:36:d9:7a:ef:53:df:b4:7c: aa:63:37:9a:e2:56:43:a8:e4:0e:f4:b5:f0:59:68: 25:97:b8:4c:90:87:25:94:b1:2c:86:f2:d1:35:d3: 2f:fc:e5:cf:8c:64:50:67:b7:a9:39:1f:33:72:51: f0:c4:00:8d:9b:0d:7f:30:1b:fc:44:13:7e:28:d6: b8:14:d9:75:b9:d0:c6:a9:96:95:f4:6e:85:97:86: 37:a1:e0:fd:a4:e5:d8:3f:64:86:cb:df:7f:0c:37: 77:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:25:D1:6A:DA:6C:FA:A6:74:50:5B:A2:56:00:EE:19:27:D8:3D:70 X509v3 Authority Key Identifier: keyid:B1:49:F2:3A:3E:99:C4:76:02:97:DD:71:04:B4:00:C8:35:D8:6D:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/B149F23A3E99C4760297DD7104B400C835D86D19.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B149F23A3E99C4760297DD7104B400C835D86D19.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/981f9782-898e-4b83-95e6-4ff4ab75c9dc/2/326131343a373538333a663431313a3a2f34382d3438203d3e20323131353735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f411::/48 Signature Algorithm: sha256WithRSAEncryption a1:56:ea:77:d0:b6:69:50:e8:cd:1a:ee:ea:ea:38:d2:b0:4f: d2:92:5d:16:68:b3:38:40:47:ac:ed:1f:ca:48:56:60:64:b6: 1c:30:4c:4c:ae:e5:a5:cc:0c:6c:66:b6:38:c6:af:b4:40:5b: 6d:0a:e2:b2:1d:17:46:24:82:a3:d8:4b:f9:d2:c8:52:31:5b: 05:ea:af:f4:09:5b:32:f1:ef:95:64:3a:ad:fc:d8:ab:f1:34: ea:98:b5:44:ca:ec:9b:3f:c5:b1:dc:ed:64:f5:b5:d4:97:7f: 1b:65:c7:46:dc:1d:6f:9e:2c:f8:44:f0:c6:b9:98:d5:7c:54: 5a:07:8e:d1:49:42:b9:89:84:87:51:40:9b:77:55:38:72:df: af:92:e8:ed:6f:8c:fc:d5:4d:bd:82:b5:c1:8f:72:ec:67:62: 30:e3:ed:45:d0:0f:75:56:6f:d0:d0:fc:b8:b2:59:cb:9b:35: 17:80:90:21:99:5a:5a:a1:30:35:72:91:a6:70:64:9c:c0:43: 50:6e:10:d5:26:5a:d7:a5:ae:08:e9:4b:56:fb:5d:7f:3d:b8: 63:68:d1:eb:f3:41:1c:b3:bc:f0:ce:75:52:fc:8d:b2:1a:2b: 52:fa:66:17:0d:07:9d:09:5e:a1:ca:22:3e:de:74:aa:c9:3c: 74:3e:90:5b -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUEfTn7G920UFozO3jz1tVi8KcO0AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjE0OUYyM0EzRTk5QzQ3NjAyOTdERDcxMDRCNDAwQzgz NUQ4NkQxOTAeFw0yNjAzMjgxNDU3NTZaFw0yNzAzMjcxNTAyNTZaMDMxMTAvBgNV BAMTKEZDMjVEMTZBREE2Q0ZBQTY3NDUwNUJBMjU2MDBFRTE5MjdEODNENzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyy0jZTN8mymB2xAxTRVuseoYh lcb8FnEVmj8pTDM4Lz0/JKwLvVQDMiMuWxb0sXScR24LyNAaI5hcabFWQ4z5xz3o +N7UwAKBxztdE2GimOxuS5LeX/PzKY3uTDxjtNzyWGmHzNgKuuX2qHIXQKc+H94X s2/O45uv6j9qP1smiYCbPHV1nt8AOVy7fM5eNTUgp/bDegi12MDsDzc22XrvU9+0 fKpjN5riVkOo5A70tfBZaCWXuEyQhyWUsSyG8tE10y/85c+MZFBnt6k5HzNyUfDE AI2bDX8wG/xEE34o1rgU2XW50MaplpX0boWXhjeh4P2k5dg/ZIbL338MN3c3AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU/CXRatps+qZ0UFuiVgDuGSfYPXAwHwYDVR0j BBgwFoAUsUnyOj6ZxHYCl91xBLQAyDXYbRkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOTgxZjk3ODItODk4ZS00YjgzLTk1ZTYtNGZmNGFiNzVj OWRjLzIvQjE0OUYyM0EzRTk5QzQ3NjAyOTdERDcxMDRCNDAwQzgzNUQ4NkQxOS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9CMTQ5RjIzQTNFOTlDNDc2MDI5N0RENzEw NEI0MDBDODM1RDg2RDE5LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS85ODFmOTc4Mi04OThlLTRiODMtOTVlNi00ZmY0YWI3NWM5ZGMvMi8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzQzMTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTMxMzUzNzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1g/QRMA0GCSqGSIb3DQEBCwUAA4IBAQCh Vup30LZpUOjNGu7q6jjSsE/Skl0WaLM4QEes7R/KSFZgZLYcMExMruWlzAxsZrY4 xq+0QFttCuKyHRdGJIKj2Ev50shSMVsF6q/0CVsy8e+VZDqt/Nir8TTqmLVEyuyb P8Wx3O1k9bXUl38bZcdG3B1vniz4RPDGuZjVfFRaB47RSUK5iYSHUUCbd1U4ct+v kujtb4z81U29grXBj3LsZ2Iw4+1F0A91Vm/Q0Py4slnLmzUXgJAhmVpaoTA1cpGm cGScwENQbhDVJlrXpa4I6UtW+11/PbhjaNHr80Ecs7zwznVS/I2yGitS+mYXDQed CV6hyiI+3nSqyTx0PpBb -----END CERTIFICATE-----Generated at Fri Apr 17 22:40:31 2026 by rpki-client