$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS216212.roa File: AS216212.roa (raw, json) Hash identifier: cKz3I5SXcua2u7cEeq6BA6CunE2uQt5PQr2MIceOlbI= Subject key identifier: C9:6E:5E:F9:F9:08:18:5C:07:8D:01:0D:CE:0E:D1:5B:85:B1:EC:40 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 0A2E2088DF62EB9B008BAD8931AC642630DEC63E Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS216212.roa Signing time: Fri 05 Jun 2026 08:45:54 +0000 ROA not before: Fri 05 Jun 2026 08:40:54 +0000 ROA not after: Fri 04 Jun 2027 08:45:54 +0000 asID: 216212 IP address blocks: 2a07:54c4:b10::/44 maxlen: 48 2a07:54c4:1080::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Jun 2026 22:46:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:2e:20:88:df:62:eb:9b:00:8b:ad:89:31:ac:64:26:30:de:c6:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:54 2026 GMT Not After : Jun 4 08:45:54 2027 GMT Subject: CN=C96E5EF9F908185C078D010DCE0ED15B85B1EC40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:9d:57:6b:09:a3:e0:8f:32:49:4f:76:08:66: c5:1a:d4:38:85:87:09:b0:ee:84:0c:92:2e:a5:99: c7:0e:17:4f:41:39:02:c0:aa:52:50:a0:1d:eb:33: 35:e8:0f:a8:16:3e:ae:95:fa:6d:1f:dc:76:c7:ea: e4:6c:0f:74:2b:27:f5:43:fd:7d:9b:b8:fe:4d:94: 19:b5:19:45:3e:67:c0:65:82:24:6f:6b:fe:7e:fd: 2a:58:ee:97:97:7a:d9:b3:ee:2c:ba:a2:2c:2e:f8: b6:0d:78:80:cf:82:59:e8:84:6a:07:07:02:ba:5f: 85:7a:af:47:a1:40:cd:c3:81:f4:50:95:2c:a3:6c: 15:99:cc:4a:4d:6d:08:9b:e3:a3:dc:3b:97:5b:d9: 90:ba:97:7a:1e:e1:6f:77:65:d9:3a:0d:12:2b:95: 5c:85:58:7b:d3:47:7c:73:41:83:8a:19:c5:44:57: 35:91:e2:91:a8:43:ca:d6:25:90:7e:a3:61:5c:36: 42:95:12:60:54:32:c2:59:31:d6:63:e2:c7:73:a2: 10:9f:2e:e1:94:7a:91:76:47:81:ab:86:88:fc:4b: e5:c6:cc:1e:ba:e3:a2:a7:5b:81:10:38:15:00:31: f7:58:99:15:3d:8c:b7:f5:a6:e1:36:38:d9:ae:9b: 72:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:6E:5E:F9:F9:08:18:5C:07:8D:01:0D:CE:0E:D1:5B:85:B1:EC:40 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS216212.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c4:b10::/44 2a07:54c4:1080::/44 Signature Algorithm: sha256WithRSAEncryption b4:b1:39:fd:88:a7:87:90:dd:21:a5:fd:3e:90:84:ab:8f:47: bb:47:88:a5:5b:65:5d:f8:1e:87:c3:5a:4a:ea:91:b7:39:28: 73:05:7d:45:75:0a:52:55:b4:37:41:b2:80:40:72:a7:00:e5: 39:c1:8e:81:06:34:f9:61:eb:69:cc:0b:87:d3:f9:0d:7d:11: 82:dc:03:eb:de:5b:9d:f3:ab:5e:c1:12:54:a4:18:1a:e2:61: 52:9c:93:d9:de:de:ac:e5:c4:de:44:89:d8:4f:71:48:f3:66: 56:9c:fa:e7:a1:d5:1c:d2:ba:a9:84:3b:c4:a5:fd:c5:52:1c: 9b:a1:89:05:81:cb:94:b5:b6:ed:97:2b:b8:f7:b6:c3:40:e4: b4:04:80:ae:7d:2c:ec:82:ce:5e:e5:8c:1b:b4:e5:48:7f:28: ba:e8:21:b3:f8:0d:20:38:14:de:14:19:4c:ef:f4:a7:84:10: 58:56:fe:1c:0b:28:e3:c1:b2:ad:75:f0:68:d6:36:a6:76:8c: b8:6d:85:b0:02:5d:a5:9e:44:69:c6:af:b8:65:6b:df:68:c7: ac:ad:2c:f2:25:67:81:8b:73:d9:67:5a:54:aa:d3:65:72:26: b8:a8:17:19:88:53:3b:50:7b:04:f2:a7:1c:d1:b7:84:ce:6b: 7f:e0:97:01 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUCi4giN9i65sAi62JMaxkJjDexj4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTRaFw0yNzA2MDQwODQ1NTRaMDMxMTAvBgNV BAMTKEM5NkU1RUY5RjkwODE4NUMwNzhEMDEwRENFMEVEMTVCODVCMUVDNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdnVdrCaPgjzJJT3YIZsUa1DiF hwmw7oQMki6lmccOF09BOQLAqlJQoB3rMzXoD6gWPq6V+m0f3HbH6uRsD3QrJ/VD /X2buP5NlBm1GUU+Z8BlgiRva/5+/SpY7peXetmz7iy6oiwu+LYNeIDPglnohGoH BwK6X4V6r0ehQM3DgfRQlSyjbBWZzEpNbQib46PcO5db2ZC6l3oe4W93Zdk6DRIr lVyFWHvTR3xzQYOKGcVEVzWR4pGoQ8rWJZB+o2FcNkKVEmBUMsJZMdZj4sdzohCf LuGUepF2R4Grhoj8S+XGzB6646KnW4EQOBUAMfdYmRU9jLf1puE2ONmum3IXAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUyW5e+fkIGFwHjQENzg7RW4Wx7EAwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjE2MjEyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgdU xAsQAwcEKgdUxBCAMA0GCSqGSIb3DQEBCwUAA4IBAQC0sTn9iKeHkN0hpf0+kISr j0e7R4ilW2Vd+B6Hw1pK6pG3OShzBX1FdQpSVbQ3QbKAQHKnAOU5wY6BBjT5Yetp zAuH0/kNfRGC3APr3lud86tewRJUpBga4mFSnJPZ3t6s5cTeRInYT3FI82ZWnPrn odUc0rqphDvEpf3FUhyboYkFgcuUtbbtlyu497bDQOS0BICufSzsgs5e5YwbtOVI fyi66CGz+A0gOBTeFBlM7/SnhBBYVv4cCyjjwbKtdfBo1jamdoy4bYWwAl2lnkRp xq+4ZWvfaMesrSzyJWeBi3PZZ1pUqtNlcia4qBcZiFM7UHsE8qcc0beEzmt/4JcB -----END CERTIFICATE-----Generated at Sat Jun 13 09:26:44 2026 by rpki-client