$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa File: AS209022.roa (raw, json) Hash identifier: hx+VgAsGq6MjJJMBKHlFClbZz4SgvMp7SGgKSG8P34o= Subject key identifier: D3:B7:25:1E:C1:43:F8:96:5B:EF:79:BB:21:F4:54:8A:83:95:FB:5C Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 2BF9FECA4AE16C0BF474C94C81A0F9C399DF9E89 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa Signing time: Fri 04 Jul 2025 07:51:28 +0000 ROA not before: Fri 04 Jul 2025 07:46:28 +0000 ROA not after: Fri 03 Jul 2026 07:51:28 +0000 asID: 209022 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 2a07:54c4:174e::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 18:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:f9:fe:ca:4a:e1:6c:0b:f4:74:c9:4c:81:a0:f9:c3:99:df:9e:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:28 2025 GMT Not After : Jul 3 07:51:28 2026 GMT Subject: CN=D3B7251EC143F8965BEF79BB21F4548A8395FB5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a8:b7:2e:57:e3:6c:0a:5c:48:54:38:8c:37: 7e:6c:61:c0:d3:a6:1e:31:44:cd:19:d1:dc:76:85: 7c:6d:fe:e1:89:02:4a:aa:aa:b2:89:5e:0d:3a:33: 69:d1:39:92:30:41:95:cd:c9:46:7d:29:61:1a:a0: 0c:5c:c8:db:d1:b3:9f:1f:5d:32:73:89:d8:e2:23: 15:5d:ec:36:c1:dc:ae:cf:e1:1e:97:73:89:ca:68: c5:f3:a4:90:e0:72:28:e2:34:ba:18:d5:8c:78:d9: a2:ce:0c:59:9c:a9:32:8d:00:44:e8:90:f9:60:d7: 64:3e:38:a6:f8:d6:28:7b:15:fe:35:26:d6:7b:37: a2:5d:5a:7f:6f:22:03:87:25:18:0e:75:b4:56:04: 25:3c:1a:f0:5c:91:a0:43:a5:da:6a:c6:9f:ef:f9: ad:4f:c2:9d:fc:de:7c:4a:14:9c:5a:e8:59:93:e5: 12:0f:27:79:0f:94:69:0e:39:a9:5d:0b:0f:d3:2e: 25:d1:db:67:c4:a6:1b:72:61:e7:10:6f:d9:c1:a6: 82:16:59:3b:a9:1f:f1:dd:11:9b:ad:ed:b3:85:13: 08:e9:c9:e8:e6:a9:1b:0a:5e:8a:3c:48:a6:75:48: 2a:4b:e7:50:a4:e9:a2:b3:ad:05:55:0c:71:13:12: 67:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:B7:25:1E:C1:43:F8:96:5B:EF:79:BB:21:F4:54:8A:83:95:FB:5C X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209022.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 2a07:54c4:174e::/48 Signature Algorithm: sha256WithRSAEncryption 5a:4f:24:cb:a5:e1:1a:0c:6f:b0:e5:6d:0f:9c:29:93:9b:96: e1:cc:f4:af:10:b9:af:44:f3:56:97:d3:ae:1b:eb:71:7a:bd: 92:5c:96:5e:b8:64:84:c5:cf:76:37:97:cd:59:28:df:e4:fd: 75:44:52:c5:65:f5:c1:52:2b:93:d2:b5:a0:54:22:b6:64:48: 10:f8:5a:4a:ed:cf:de:b6:aa:2a:4e:3a:c6:b8:20:2e:45:8c: 77:a1:8f:18:5c:77:84:07:33:43:cf:6b:97:b3:69:e3:fe:c7: f8:32:3c:ff:08:35:54:4d:eb:23:00:36:f6:8e:50:5b:bf:27: c1:1f:a1:5d:25:b8:cc:5c:46:55:8e:d1:43:ee:15:14:68:a7: a5:83:b8:8b:5e:d2:4f:21:d4:c4:51:22:00:ac:7a:dc:87:09: ba:af:08:0d:4e:02:d6:4c:92:42:9b:ee:08:9b:7a:71:50:67: 93:8b:98:b3:c5:4d:0b:c5:30:19:7d:07:24:16:8f:3a:14:00: 38:b9:87:36:71:42:83:33:e4:2b:01:45:69:6a:0e:8f:1b:b3: 4d:c5:25:b1:74:41:b2:2b:6e:9e:a9:05:12:7d:fe:63:2a:7e: d4:bd:1f:d4:18:f3:2b:14:38:b2:75:da:23:fb:53:96:6f:96: a0:5b:0f:40 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUK/n+ykrhbAv0dMlMgaD5w5nfnokwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjhaFw0yNjA3MDMwNzUxMjhaMDMxMTAvBgNV BAMTKEQzQjcyNTFFQzE0M0Y4OTY1QkVGNzlCQjIxRjQ1NDhBODM5NUZCNUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWqLcuV+NsClxIVDiMN35sYcDT ph4xRM0Z0dx2hXxt/uGJAkqqqrKJXg06M2nROZIwQZXNyUZ9KWEaoAxcyNvRs58f XTJzidjiIxVd7DbB3K7P4R6Xc4nKaMXzpJDgcijiNLoY1Yx42aLODFmcqTKNAETo kPlg12Q+OKb41ih7Ff41JtZ7N6JdWn9vIgOHJRgOdbRWBCU8GvBckaBDpdpqxp/v +a1Pwp383nxKFJxa6FmT5RIPJ3kPlGkOOaldCw/TLiXR22fEphtyYecQb9nBpoIW WTupH/HdEZut7bOFEwjpyejmqRsKXoo8SKZ1SCpL51Ck6aKzrQVVDHETEmdpAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQU07clHsFD+JZb73m7IfRUioOV+1wwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjA5MDIyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU wrALAwcAKgdUxBdOMA0GCSqGSIb3DQEBCwUAA4IBAQBaTyTLpeEaDG+w5W0PnCmT m5bhzPSvELmvRPNWl9OuG+txer2SXJZeuGSExc92N5fNWSjf5P11RFLFZfXBUiuT 0rWgVCK2ZEgQ+FpK7c/etqoqTjrGuCAuRYx3oY8YXHeEBzNDz2uXs2nj/sf4Mjz/ CDVUTesjADb2jlBbvyfBH6FdJbjMXEZVjtFD7hUUaKelg7iLXtJPIdTEUSIArHrc hwm6rwgNTgLWTJJCm+4Im3pxUGeTi5izxU0LxTAZfQckFo86FAA4uYc2cUKDM+Qr AUVpag6PG7NNxSWxdEGyK26eqQUSff5jKn7UvR/UGPMrFDiyddoj+1OWb5agWw9A -----END CERTIFICATE-----Generated at Wed Nov 5 03:04:04 2025 by rpki-client