$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/326131343a373538313a396632303a3a2f34342d3434203d3e20323135323838.roa File: 326131343a373538313a396632303a3a2f34342d3434203d3e20323135323838.roa (raw, json) Hash identifier: Si3nvIvR6vlJSP9N899TEpLNTv8CH8Xf9C307NCghTQ= Subject key identifier: 04:E1:1A:46:05:06:55:1F:E9:61:39:92:8F:45:A8:97:8E:9D:A5:2D Certificate issuer: /CN=4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6 Certificate serial: 3EB43DF5C78296A1600C535967F5F886781D7307 Authority key identifier: 40:50:A1:7B:AE:1C:5F:37:63:D4:5A:38:DC:FE:AC:E0:FE:22:2B:D6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/326131343a373538313a396632303a3a2f34342d3434203d3e20323135323838.roa Signing time: Fri 24 Oct 2025 07:25:57 +0000 ROA not before: Fri 24 Oct 2025 07:20:57 +0000 ROA not after: Fri 23 Oct 2026 07:25:57 +0000 asID: 215288 IP address blocks: 2a14:7581:9f20::/44 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.crl rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 17:38:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:b4:3d:f5:c7:82:96:a1:60:0c:53:59:67:f5:f8:86:78:1d:73:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6 Validity Not Before: Oct 24 07:20:57 2025 GMT Not After : Oct 23 07:25:57 2026 GMT Subject: CN=04E11A460506551FE96139928F45A8978E9DA52D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:5d:82:8c:ad:58:5e:04:20:18:39:24:57:ae: c6:5a:7c:c3:d1:8d:04:8f:27:2a:53:f2:89:c2:08: 59:93:0c:2e:a7:3e:90:9d:64:b6:89:4f:04:58:dd: 0c:83:ff:87:b4:4f:44:5f:b9:c0:53:93:56:cb:24: d5:1e:ac:71:51:7a:e4:93:fc:e6:36:bc:f9:f0:37: c4:c2:70:22:84:6b:6b:9f:21:49:3b:23:2e:e0:41: 67:f2:19:67:8e:01:11:a7:5c:c7:cb:8e:33:66:65: d7:3e:ee:ba:44:07:74:d2:02:69:95:53:06:3c:50: 31:b6:cb:be:3f:4c:98:17:89:64:d0:9d:71:02:75: 03:4e:ec:09:b4:56:be:58:98:af:be:38:0f:96:4d: 98:2f:5b:9b:53:a7:f2:c1:e8:24:2b:21:48:53:db: 50:61:c0:7d:97:f4:4e:99:e9:1a:5a:02:75:0f:fb: 76:00:c8:16:0a:02:b3:c0:cc:82:a6:ee:39:e9:97: cd:01:cb:3b:24:0d:53:b5:d3:04:09:56:48:11:fc: ee:78:e0:62:1c:a8:72:fe:e2:9e:73:9d:f0:dc:28: e5:a0:fc:5b:6c:56:39:c0:9b:28:d5:af:9b:47:c5: 8b:81:71:da:a8:4f:f7:cf:70:0c:5a:f9:79:38:bf: 1d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:E1:1A:46:05:06:55:1F:E9:61:39:92:8F:45:A8:97:8E:9D:A5:2D X509v3 Authority Key Identifier: keyid:40:50:A1:7B:AE:1C:5F:37:63:D4:5A:38:DC:FE:AC:E0:FE:22:2B:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/326131343a373538313a396632303a3a2f34342d3434203d3e20323135323838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9f20::/44 Signature Algorithm: sha256WithRSAEncryption 6f:48:54:85:9a:8c:4f:a4:ab:7a:62:f1:1a:3a:76:31:c3:dc: 32:b3:18:0d:9b:f3:77:32:ad:b1:a5:48:d2:a1:d3:e8:f9:83: 9a:b9:fe:f3:00:0b:23:be:a1:e1:e9:86:97:fe:a7:c6:00:6e: 4d:ce:6c:dd:2d:61:26:85:e8:74:46:d3:e3:20:bd:df:e0:a4: 34:ae:c4:36:63:77:2a:b8:4e:4e:8d:04:f8:48:41:93:38:51: a2:79:f8:a4:6c:c6:69:c0:48:f7:ad:ba:65:a5:0f:22:9e:48: b3:5c:d5:e6:ac:40:35:6b:05:24:49:8b:1d:ae:37:f4:c8:ed: e2:03:b1:02:22:ab:5b:c9:84:94:b5:b7:41:52:8d:84:5c:95: ce:c8:ba:49:f2:6a:98:90:46:3c:0b:fa:80:d1:21:21:cd:25: 12:4b:75:fd:5d:4e:a7:32:e3:76:73:cb:d9:74:d4:a3:39:b1: 6e:e5:d4:26:57:0c:ca:47:e1:a1:57:5c:af:83:39:eb:27:41: 1e:41:7d:22:a2:ee:0a:6c:65:64:27:1b:5e:d8:e4:ed:03:01: ba:34:0a:81:ff:52:11:62:51:b7:10:a9:ec:8d:59:bf:b4:06: 29:b6:ff:94:23:36:ac:bd:d3:1c:d1:0f:34:c4:cc:bd:78:4d: a0:f7:d0:24 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUPrQ99ceClqFgDFNZZ/X4hngdcwcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA1MEExN0JBRTFDNUYzNzYzRDQ1QTM4RENGRUFDRTBG RTIyMkJENjAeFw0yNTEwMjQwNzIwNTdaFw0yNjEwMjMwNzI1NTdaMDMxMTAvBgNV BAMTKDA0RTExQTQ2MDUwNjU1MUZFOTYxMzk5MjhGNDVBODk3OEU5REE1MkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmXYKMrVheBCAYOSRXrsZafMPR jQSPJypT8onCCFmTDC6nPpCdZLaJTwRY3QyD/4e0T0RfucBTk1bLJNUerHFReuST /OY2vPnwN8TCcCKEa2ufIUk7Iy7gQWfyGWeOARGnXMfLjjNmZdc+7rpEB3TSAmmV UwY8UDG2y74/TJgXiWTQnXECdQNO7Am0Vr5YmK++OA+WTZgvW5tTp/LB6CQrIUhT 21BhwH2X9E6Z6RpaAnUP+3YAyBYKArPAzIKm7jnpl80ByzskDVO10wQJVkgR/O54 4GIcqHL+4p5znfDcKOWg/FtsVjnAmyjVr5tHxYuBcdqoT/fPcAxa+Xk4vx3rAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUBOEaRgUGVR/pYTmSj0Wol46dpS0wHwYDVR0j BBgwFoAUQFChe64cXzdj1Fo43P6s4P4iK9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzg2YjY1YjEtNDVlOS00ZmIyLWFkYzUtODdiYTcxMWUy MWI3LzEvNDA1MEExN0JBRTFDNUYzNzYzRDQ1QTM4RENGRUFDRTBGRTIyMkJENi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC80MDUwQTE3QkFFMUM1RjM3NjNENDVBMzhE Q0ZFQUNFMEZFMjIyQkQ2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9jODZiNjViMS00NWU5LTRmYjItYWRjNS04N2JhNzExZTIxYjcvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5NjYzMjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz MTM1MzIzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gZ8gMA0GCSqGSIb3DQEBCwUAA4IBAQBv SFSFmoxPpKt6YvEaOnYxw9wysxgNm/N3Mq2xpUjSodPo+YOauf7zAAsjvqHh6YaX /qfGAG5NzmzdLWEmheh0RtPjIL3f4KQ0rsQ2Y3cquE5OjQT4SEGTOFGiefikbMZp wEj3rbplpQ8inkizXNXmrEA1awUkSYsdrjf0yO3iA7ECIqtbyYSUtbdBUo2EXJXO yLpJ8mqYkEY8C/qA0SEhzSUSS3X9XU6nMuN2c8vZdNSjObFu5dQmVwzKR+GhV1yv gznrJ0EeQX0iou4KbGVkJxte2OTtAwG6NAqB/1IRYlG3EKnsjVm/tAYptv+UIzas vdMc0Q80xMy9eE2g99Ak -----END CERTIFICATE-----Generated at Wed Nov 5 08:21:43 2025 by rpki-client