$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS204857.roa File: AS204857.roa (raw, json) Hash identifier: sO4+WsYj0ykO2T+AuPgjvWgbzqn6JYSWLMhzO3RDzXg= Subject key identifier: C1:B6:C0:23:2F:3C:61:F2:6B:C1:FB:FF:62:E1:5B:74:BF:98:61:2D Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 1BEF154BBF7B2977490C840D0B37693155EB3502 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS204857.roa Signing time: Fri 05 Jun 2026 08:45:51 +0000 ROA not before: Fri 05 Jun 2026 08:40:51 +0000 ROA not after: Fri 04 Jun 2027 08:45:51 +0000 asID: 204857 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Jun 2026 22:46:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ef:15:4b:bf:7b:29:77:49:0c:84:0d:0b:37:69:31:55:eb:35:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:51 2026 GMT Not After : Jun 4 08:45:51 2027 GMT Subject: CN=C1B6C0232F3C61F26BC1FBFF62E15B74BF98612D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:13:88:d4:c6:14:08:60:91:58:1d:91:8b:26: 6d:18:51:66:93:a1:e8:bf:bc:36:78:d1:3e:58:4b: 44:9e:0b:7f:6f:8d:4f:d5:b6:af:85:17:d6:80:b9: 1e:95:d4:ad:3b:19:51:c0:91:07:3f:72:12:3e:2c: 64:15:e8:5b:f2:b6:f7:32:27:ed:de:2e:e5:d2:c8: 3e:fc:b1:90:d7:ca:93:cb:46:ab:44:c1:9f:b9:9b: 80:7f:a3:eb:ce:ba:40:1d:36:02:f9:45:90:ce:b5: d8:ac:24:fa:b7:b4:24:5e:80:a0:1c:55:09:4b:f2: b2:f8:e6:e4:48:eb:6d:79:e3:0f:38:f0:00:14:92: 9c:b5:73:33:c4:08:6d:6c:e6:ec:0f:16:3b:77:60: 09:b1:51:39:ee:7e:1e:d5:0a:13:ad:f8:fa:5c:37: f0:7f:e6:93:43:92:8c:89:c0:82:41:11:3a:22:38: 78:7e:99:59:5e:20:9d:4c:ac:ff:f7:64:d0:f8:53: e4:61:8e:cc:00:45:91:2f:7f:3d:ae:73:3d:7f:0e: 58:d8:82:8a:dd:69:02:e8:39:c8:d5:64:11:9f:9f: 3b:06:be:31:16:05:63:4b:d3:1b:0d:22:2e:c5:97: 31:b1:ff:bb:10:7e:d5:63:14:b0:1c:df:75:08:b2: f7:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B6:C0:23:2F:3C:61:F2:6B:C1:FB:FF:62:E1:5B:74:BF:98:61:2D X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS204857.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 30:6c:d0:95:d7:58:d1:92:e6:3c:93:d6:96:4c:c5:05:cc:89: 6a:33:29:32:79:6b:52:69:7b:ee:91:eb:2b:08:ab:8e:07:7a: dd:52:5a:b8:d3:78:18:07:8f:9e:5f:a2:20:5c:62:e1:c2:ad: 13:ec:a5:b5:e2:bc:8a:a3:8d:fc:6a:14:02:63:36:e3:f3:79: 66:09:0e:73:c0:e1:fe:ac:47:ef:b4:03:fd:e7:ff:a5:b0:0e: fd:d6:29:54:2d:4a:90:e5:5c:f0:00:73:36:91:0f:40:87:f0: 71:6b:3a:d5:36:80:90:ac:00:ea:96:a0:8a:a2:81:2b:c6:6e: 93:28:6a:8b:17:9e:f4:d2:f7:aa:72:f3:d1:7a:45:d1:89:a6: 27:0f:77:6b:e5:d2:13:3c:a6:48:ac:45:a9:74:6f:9a:ed:46: 8c:97:36:48:e3:4b:02:02:f7:35:4b:4e:71:06:2d:5d:49:bf: 6e:2d:d4:49:48:1d:18:99:ff:85:7f:f1:34:bb:c6:2b:a8:ba: 75:8a:8a:95:eb:39:bf:03:e6:76:0b:45:05:73:f8:87:28:e7: 10:cb:da:b0:19:da:89:ea:0b:29:0f:fb:33:d4:a6:35:65:4f: c5:e7:73:15:6d:83:60:b6:4d:f2:63:9e:cb:0c:d8:44:fc:84: 9c:d5:11:cf -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUG+8VS797KXdJDIQNCzdpMVXrNQIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTFaFw0yNzA2MDQwODQ1NTFaMDMxMTAvBgNV BAMTKEMxQjZDMDIzMkYzQzYxRjI2QkMxRkJGRjYyRTE1Qjc0QkY5ODYxMkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7E4jUxhQIYJFYHZGLJm0YUWaT oei/vDZ40T5YS0SeC39vjU/Vtq+FF9aAuR6V1K07GVHAkQc/chI+LGQV6Fvytvcy J+3eLuXSyD78sZDXypPLRqtEwZ+5m4B/o+vOukAdNgL5RZDOtdisJPq3tCRegKAc VQlL8rL45uRI62154w848AAUkpy1czPECG1s5uwPFjt3YAmxUTnufh7VChOt+Ppc N/B/5pNDkoyJwIJBEToiOHh+mVleIJ1MrP/3ZND4U+RhjswARZEvfz2ucz1/DljY gordaQLoOcjVZBGfnzsGvjEWBWNL0xsNIi7FlzGx/7sQftVjFLAc33UIsvfvAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUwbbAIy88YfJrwfv/YuFbdL+YYS0wHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjA0ODU3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAwbNCV11jRkuY8k9aWTMUFzIlqMykyeWtS aXvukesrCKuOB3rdUlq403gYB4+eX6IgXGLhwq0T7KW14ryKo438ahQCYzbj83lm CQ5zwOH+rEfvtAP95/+lsA791ilULUqQ5VzwAHM2kQ9Ah/BxazrVNoCQrADqlqCK ooErxm6TKGqLF5700veqcvPRekXRiaYnD3dr5dITPKZIrEWpdG+a7UaMlzZI40sC Avc1S05xBi1dSb9uLdRJSB0Ymf+Ff/E0u8YrqLp1ioqV6zm/A+Z2C0UFc/iHKOcQ y9qwGdqJ6gspD/sz1KY1ZU/F53MVbYNgtk3yY57LDNhE/ISc1RHP -----END CERTIFICATE-----Generated at Sat Jun 13 06:44:56 2026 by rpki-client