$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200242.roa File: AS200242.roa (raw, json) Hash identifier: 0YKVqUD7v4WxtpzAeff+jxCbBPG4Z1EoD5jmJRE1EP8= Subject key identifier: 74:AF:13:54:FC:B5:B4:1E:05:67:56:DD:07:DC:9C:03:CA:FE:5F:37 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 325C294BEFBB4AEDD58A83DE843A6803AFAD3542 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200242.roa Signing time: Fri 04 Jul 2025 07:51:28 +0000 ROA not before: Fri 04 Jul 2025 07:46:28 +0000 ROA not after: Fri 03 Jul 2026 07:51:28 +0000 asID: 200242 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 23:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:5c:29:4b:ef:bb:4a:ed:d5:8a:83:de:84:3a:68:03:af:ad:35:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:28 2025 GMT Not After : Jul 3 07:51:28 2026 GMT Subject: CN=74AF1354FCB5B41E056756DD07DC9C03CAFE5F37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c7:92:49:21:88:5b:63:27:fa:87:d7:a9:13: 01:96:31:ca:42:19:1f:be:98:b5:d2:c6:5b:7a:ba: f3:ef:2e:4c:d6:93:8f:88:b6:96:df:f5:0d:9b:1f: 6a:ee:17:d4:2e:f7:3f:25:01:ce:8a:3c:9b:3e:b0: 77:3a:27:9c:f4:b9:5b:1a:4a:8d:cd:76:ea:bd:04: 29:87:95:b4:fb:66:40:2d:80:db:41:b2:78:10:c1: 65:d1:62:b4:27:78:99:96:c3:73:b5:29:74:16:96: 5f:c4:43:cd:0b:2a:73:61:53:0f:07:d3:32:86:50: 32:4c:43:25:13:75:bd:06:dd:f1:29:e2:75:3d:9a: cd:0f:a0:d7:e4:fa:7a:5b:6c:ad:ca:f6:0b:59:c8: ba:f0:b5:3b:0c:70:05:38:4a:57:2e:b4:20:a3:4b: a7:c1:7f:84:82:74:23:4b:b8:dd:c7:a6:f9:0d:ad: dd:ca:f8:f6:97:1e:4c:87:2a:10:13:41:c1:44:82: e3:a7:a8:d5:37:59:48:9d:8d:0e:3b:a5:d0:2a:ea: 32:78:b1:e0:b3:d8:b3:30:44:b6:e6:13:53:2a:40: 04:17:62:69:d6:8b:2d:d2:52:5d:57:8a:75:15:45: 73:ba:94:e9:39:6c:e5:01:b7:d8:0b:00:0e:4f:3f: c2:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:AF:13:54:FC:B5:B4:1E:05:67:56:DD:07:DC:9C:03:CA:FE:5F:37 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 11:42:20:16:e7:02:af:93:9e:1d:e6:85:a9:99:c4:6e:6e:e6: 75:97:9d:b7:92:2e:72:dd:15:34:4d:ad:eb:bd:e7:95:6d:06: e9:a0:1c:89:82:5a:86:52:46:cd:bb:36:b9:05:6a:49:09:84: 07:42:f6:df:c7:5b:46:bc:5f:18:4b:f1:4a:38:c2:16:c0:29: a1:58:81:e8:5e:8c:cb:f7:01:03:81:0a:a7:f9:c9:ba:dd:2b: a9:a8:9a:bc:87:db:bf:a0:50:81:eb:f3:9f:64:59:ee:8a:31: 58:4b:a2:c3:2a:f9:2b:9e:72:ff:bd:a8:e6:98:e1:20:bd:24: 5b:59:ae:d2:74:1b:fb:3d:e4:2f:dd:15:5d:cb:aa:7d:55:10: 98:17:c4:98:47:69:49:81:42:05:15:56:9f:d1:f3:64:9b:f4: 6b:f6:12:0b:82:2e:ed:89:57:f9:14:0f:fd:bb:a7:9c:82:b4: 71:24:f3:02:f4:44:a2:be:39:33:cf:d1:e8:51:b4:a6:04:04: c9:2b:d9:67:cc:53:f5:c3:d5:a8:8d:09:c3:59:62:39:fb:55: 37:1b:85:fe:07:be:fc:43:e6:c5:53:bd:ae:11:39:2b:c6:6b: e4:a6:79:cc:6c:3f:c8:7d:25:4a:1f:49:9e:1b:49:ce:23:a1: 61:f8:d6:95 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUMlwpS++7Su3VioPehDpoA6+tNUIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjhaFw0yNjA3MDMwNzUxMjhaMDMxMTAvBgNV BAMTKDc0QUYxMzU0RkNCNUI0MUUwNTY3NTZERDA3REM5QzAzQ0FGRTVGMzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcx5JJIYhbYyf6h9epEwGWMcpC GR++mLXSxlt6uvPvLkzWk4+Itpbf9Q2bH2ruF9Qu9z8lAc6KPJs+sHc6J5z0uVsa So3Nduq9BCmHlbT7ZkAtgNtBsngQwWXRYrQneJmWw3O1KXQWll/EQ80LKnNhUw8H 0zKGUDJMQyUTdb0G3fEp4nU9ms0PoNfk+npbbK3K9gtZyLrwtTsMcAU4SlcutCCj S6fBf4SCdCNLuN3HpvkNrd3K+PaXHkyHKhATQcFEguOnqNU3WUidjQ47pdAq6jJ4 seCz2LMwRLbmE1MqQAQXYmnWiy3SUl1XinUVRXO6lOk5bOUBt9gLAA5PP8KZAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUdK8TVPy1tB4FZ1bdB9ycA8r+XzcwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjAwMjQyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQARQiAW5wKvk54d5oWpmcRubuZ1l523ki5y 3RU0Ta3rveeVbQbpoByJglqGUkbNuza5BWpJCYQHQvbfx1tGvF8YS/FKOMIWwCmh WIHoXozL9wEDgQqn+cm63SupqJq8h9u/oFCB6/OfZFnuijFYS6LDKvkrnnL/vajm mOEgvSRbWa7SdBv7PeQv3RVdy6p9VRCYF8SYR2lJgUIFFVaf0fNkm/Rr9hILgi7t iVf5FA/9u6ecgrRxJPMC9ESivjkzz9HoUbSmBATJK9lnzFP1w9WojQnDWWI5+1U3 G4X+B778Q+bFU72uETkrxmvkpnnMbD/IfSVKH0meG0nOI6Fh+NaV -----END CERTIFICATE-----Generated at Wed Nov 5 08:46:56 2025 by rpki-client