$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa File: AS209022.roa (raw, json) Hash identifier: 7iSxJVJPypJrxJQIh2v0sDOiOusYISy79UXry13/9xY= Subject key identifier: C4:F5:E7:FA:28:80:3A:A8:8F:1F:C7:A0:AD:2B:98:E8:F8:9E:FF:DB Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 481555F4DE8B322E18849CF8C67E25244E3B048B Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa Signing time: Fri 05 Jun 2026 08:45:54 +0000 ROA not before: Fri 05 Jun 2026 08:40:54 +0000 ROA not after: Fri 04 Jun 2027 08:45:54 +0000 asID: 209022 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 2a07:54c4:174e::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Jun 2026 22:46:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:15:55:f4:de:8b:32:2e:18:84:9c:f8:c6:7e:25:24:4e:3b:04:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:54 2026 GMT Not After : Jun 4 08:45:54 2027 GMT Subject: CN=C4F5E7FA28803AA88F1FC7A0AD2B98E8F89EFFDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:78:45:97:de:70:e5:03:5a:d4:df:b0:63:ee: 57:91:e0:64:cf:9c:a8:43:5e:7b:97:70:e3:c0:6f: 51:65:c2:36:38:ef:9b:b5:4d:e0:52:61:65:54:74: 7c:de:5f:d6:77:e2:fa:31:18:0d:0c:0d:9e:3d:35: 8b:55:5d:a0:5e:06:62:25:e2:6e:ec:b5:9f:e3:49: 47:14:01:85:88:c8:a0:f7:79:08:f7:e5:a1:ce:c1: d7:df:ab:ec:4f:f2:01:75:18:2d:6a:0d:a6:44:14: 70:ee:05:71:15:f6:8a:12:56:00:d8:f0:a7:9f:9f: 24:37:bd:7b:e6:df:da:7e:c4:8b:91:ff:fb:ea:b9: e5:41:19:1e:2f:03:41:6a:b5:f8:de:b1:89:b9:12: ca:2c:33:b7:61:4e:1b:5e:df:47:65:d7:a9:90:93: c3:24:66:df:a1:7c:ba:bc:70:88:31:8d:ee:9c:cf: b6:2e:4c:76:3f:47:4d:ac:4b:97:fa:cd:a6:2f:fb: 6f:12:19:43:08:9f:34:31:03:ed:2e:83:91:af:f0: 0f:8f:b3:01:b0:fc:cb:f8:a5:8b:c1:66:94:10:01: e9:64:1f:17:12:dd:3d:13:9d:63:42:34:83:de:71: a7:ea:23:4b:77:6e:b2:67:a4:4e:d2:40:1f:f9:cc: aa:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:F5:E7:FA:28:80:3A:A8:8F:1F:C7:A0:AD:2B:98:E8:F8:9E:FF:DB X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 2a07:54c4:174e::/48 Signature Algorithm: sha256WithRSAEncryption 2b:85:8f:53:e0:0a:93:e0:e1:56:f4:e5:26:0e:f8:93:c2:be: b7:c6:31:78:08:5b:a5:1f:69:28:50:ac:b7:fa:1f:68:19:fa: fa:6b:1c:b9:ad:51:5f:e4:11:28:3b:a2:9f:71:11:66:46:c5: 53:96:79:b7:f4:c1:c9:bb:80:ea:7f:9a:0f:76:07:d6:1a:3e: 70:69:e5:8b:dd:8e:69:af:0b:a1:88:5c:57:46:0c:a6:5a:37: 56:06:e2:33:18:aa:da:16:b4:57:a8:c2:4d:de:66:57:f7:14: 1c:d7:57:6d:c0:20:7a:ea:00:5f:97:4b:89:05:16:0f:a8:69: 25:a0:fe:46:56:43:f2:09:38:d6:ed:97:3e:3e:84:ce:d6:27: 61:03:4e:0a:fb:1b:c2:0d:0f:00:56:db:8e:1d:9c:1a:a6:a5: 18:cf:42:dd:02:af:bb:02:be:85:12:a7:96:2f:c0:4a:25:63: 64:80:04:21:2c:69:2c:94:f1:43:f0:71:bf:e5:9b:6a:27:6d: e1:79:f2:72:73:6f:bf:ff:a8:68:44:d8:4a:89:a2:cb:07:9f: 48:7e:8d:d0:cd:58:c9:a7:f3:a8:2a:88:b5:b7:71:74:38:80: 27:60:5d:d5:6a:60:56:b9:45:29:cc:f1:f4:dc:a3:03:30:c5: fc:b9:23:8a -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUSBVV9N6LMi4YhJz4xn4lJE47BIswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTRaFw0yNzA2MDQwODQ1NTRaMDMxMTAvBgNV BAMTKEM0RjVFN0ZBMjg4MDNBQTg4RjFGQzdBMEFEMkI5OEU4Rjg5RUZGREIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeeEWX3nDlA1rU37Bj7leR4GTP nKhDXnuXcOPAb1FlwjY475u1TeBSYWVUdHzeX9Z34voxGA0MDZ49NYtVXaBeBmIl 4m7stZ/jSUcUAYWIyKD3eQj35aHOwdffq+xP8gF1GC1qDaZEFHDuBXEV9ooSVgDY 8KefnyQ3vXvm39p+xIuR//vqueVBGR4vA0FqtfjesYm5EsosM7dhThte30dl16mQ k8MkZt+hfLq8cIgxje6cz7YuTHY/R02sS5f6zaYv+28SGUMInzQxA+0ug5Gv8A+P swGw/Mv4pYvBZpQQAelkHxcS3T0TnWNCNIPecafqI0t3brJnpE7SQB/5zKoJAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUxPXn+iiAOqiPH8egrSuY6Pie/9swHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjA5MDIyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU wrALAwcAKgdUxBdOMA0GCSqGSIb3DQEBCwUAA4IBAQArhY9T4AqT4OFW9OUmDviT wr63xjF4CFulH2koUKy3+h9oGfr6axy5rVFf5BEoO6KfcRFmRsVTlnm39MHJu4Dq f5oPdgfWGj5waeWL3Y5prwuhiFxXRgymWjdWBuIzGKraFrRXqMJN3mZX9xQc11dt wCB66gBfl0uJBRYPqGkloP5GVkPyCTjW7Zc+PoTO1idhA04K+xvCDQ8AVtuOHZwa pqUYz0LdAq+7Ar6FEqeWL8BKJWNkgAQhLGkslPFD8HG/5ZtqJ23hefJyc2+//6ho RNhKiaLLB59Ifo3QzVjJp/OoKoi1t3F0OIAnYF3VamBWuUUpzPH03KMDMMX8uSOK -----END CERTIFICATE-----Generated at Sat Jun 13 09:26:14 2026 by rpki-client