$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS147020.roa File: AS147020.roa (raw, json) Hash identifier: T8wLp9MdTN2xQPxqz7FHvzjDpI6XbIPDhLTDr+23bdc= Subject key identifier: B8:82:EF:35:61:A0:4A:4B:66:99:AF:8C:DC:7D:D0:6A:1C:E7:9C:F2 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 063C5B4C9B42172E35F4DC7D75D0862588702FFE Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS147020.roa Signing time: Fri 05 Jun 2026 08:45:54 +0000 ROA not before: Fri 05 Jun 2026 08:40:54 +0000 ROA not after: Fri 04 Jun 2027 08:45:54 +0000 asID: 147020 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Jun 2026 22:46:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:3c:5b:4c:9b:42:17:2e:35:f4:dc:7d:75:d0:86:25:88:70:2f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:54 2026 GMT Not After : Jun 4 08:45:54 2027 GMT Subject: CN=B882EF3561A04A4B6699AF8CDC7DD06A1CE79CF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:7d:73:b8:b7:1a:f3:b7:26:8e:ae:ef:bb:91: b8:f9:2c:d8:31:a9:55:2a:21:c9:c5:f0:59:17:c2: 28:67:bd:4a:61:b9:52:c1:01:b0:e2:19:bd:b9:19: a5:63:56:52:b1:f0:a9:3f:02:44:6b:b8:c7:67:d0: 2f:40:7d:83:43:00:b5:39:06:a3:a8:06:06:b2:dc: a8:86:2c:e1:fc:23:29:27:c8:97:28:b9:ca:5c:c3: 7c:33:09:a9:3f:84:c2:d3:9e:bd:3e:5c:21:03:1b: b6:cc:bf:fe:e8:a2:c1:3a:09:6c:b2:f9:92:93:94: a2:da:3c:32:47:80:78:c0:e4:63:ae:27:c8:b2:ba: 6c:dd:35:0a:67:d4:67:a6:cc:29:d3:dc:d4:58:2e: a0:b9:f3:b9:43:19:d2:27:9a:67:92:ee:e4:e2:ae: c9:7e:f2:6f:92:2b:8f:65:89:b3:18:c0:52:cd:ea: 18:70:cc:49:2d:8c:6f:ef:f2:51:66:94:c8:a3:29: cd:ed:a4:e9:ea:eb:4f:d3:b9:7a:e7:5e:63:36:a9: 26:ff:0d:0a:1d:ca:17:a7:d5:c3:0e:bb:6d:27:0a: 0f:b7:36:d6:8a:7a:87:fb:95:b4:df:21:0f:ae:e1: 77:a4:31:4e:a0:7e:75:71:bb:39:f8:50:12:a2:5b: 1d:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:82:EF:35:61:A0:4A:4B:66:99:AF:8C:DC:7D:D0:6A:1C:E7:9C:F2 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS147020.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 4b:f2:18:d0:78:4a:d1:43:2b:23:db:49:99:f4:c1:e4:8b:69: 8f:26:90:af:88:eb:fa:93:66:2d:ee:99:b2:d5:54:a7:8b:2c: 24:d9:42:08:37:fa:6a:e8:fb:e2:da:96:b3:df:a0:44:a6:bc: 9f:d5:26:7b:83:c1:e5:03:a1:84:10:bd:18:db:62:8f:60:e2: f1:48:6b:02:4d:f4:f2:f7:a6:ba:91:de:27:3a:b6:48:3b:9e: b9:98:3d:3d:58:10:bf:4b:33:99:5f:6d:ea:8e:a6:44:1d:36: 97:d4:36:98:52:1f:16:ae:f3:a5:5a:e8:29:14:56:38:19:6a: 65:ad:57:a3:97:bd:30:3d:34:07:3c:59:d0:c8:fb:39:db:79: 1d:a7:a9:9f:5b:d8:75:70:56:d2:ef:9b:a7:9b:66:34:ee:c5: 43:61:28:68:f6:85:89:f3:3c:7c:29:cd:61:85:a6:3a:4d:9b: 7e:04:47:c4:1c:e8:f9:14:66:66:af:6f:cc:6c:08:e9:83:24: 34:da:cf:bf:1d:9b:47:ff:55:57:6b:b4:30:fb:cc:f4:90:c1: a0:19:9a:39:cd:50:69:47:2e:ca:95:72:82:22:82:e2:34:fb: 90:73:d4:13:c7:01:80:e4:12:c2:e7:06:35:ca:d2:39:f6:78: af:17:52:20 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUBjxbTJtCFy419Nx9ddCGJYhwL/4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTRaFw0yNzA2MDQwODQ1NTRaMDMxMTAvBgNV BAMTKEI4ODJFRjM1NjFBMDRBNEI2Njk5QUY4Q0RDN0REMDZBMUNFNzlDRjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJfXO4txrztyaOru+7kbj5LNgx qVUqIcnF8FkXwihnvUphuVLBAbDiGb25GaVjVlKx8Kk/AkRruMdn0C9AfYNDALU5 BqOoBgay3KiGLOH8IyknyJcoucpcw3wzCak/hMLTnr0+XCEDG7bMv/7oosE6CWyy +ZKTlKLaPDJHgHjA5GOuJ8iyumzdNQpn1GemzCnT3NRYLqC587lDGdInmmeS7uTi rsl+8m+SK49libMYwFLN6hhwzEktjG/v8lFmlMijKc3tpOnq60/TuXrnXmM2qSb/ DQodyhen1cMOu20nCg+3NtaKeof7lbTfIQ+u4XekMU6gfnVxuzn4UBKiWx3bAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUuILvNWGgSktmma+M3H3QahznnPIwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMTQ3MDIwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBL8hjQeErRQysj20mZ9MHki2mPJpCviOv6 k2Yt7pmy1VSniywk2UIIN/pq6Pvi2paz36BEpryf1SZ7g8HlA6GEEL0Y22KPYOLx SGsCTfTy96a6kd4nOrZIO565mD09WBC/SzOZX23qjqZEHTaX1DaYUh8WrvOlWugp FFY4GWplrVejl70wPTQHPFnQyPs523kdp6mfW9h1cFbS75unm2Y07sVDYSho9oWJ 8zx8Kc1hhaY6TZt+BEfEHOj5FGZmr2/MbAjpgyQ02s+/HZtH/1VXa7Qw+8z0kMGg GZo5zVBpRy7KlXKCIoLiNPuQc9QTxwGA5BLC5wY1ytI59nivF1Ig -----END CERTIFICATE-----Generated at Sat Jun 13 09:26:13 2026 by rpki-client