$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323035343633.roa File: 326130663a383563313a3766313a3a2f34382d3438203d3e20323035343633.roa (raw, json) Hash identifier: QtxzWf2JsAYGrlxsDmcE2oi7tthkDrQ3wvK+rgUOQxg= Subject key identifier: 54:6C:86:97:66:23:85:3C:D3:83:DA:47:B5:F1:A4:67:70:B4:F2:50 Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 1DE17F1FC5F2568F296D428DE7EB90AFDBBC1F2B Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323035343633.roa Signing time: Fri 01 Aug 2025 10:45:01 +0000 ROA not before: Fri 01 Aug 2025 10:40:01 +0000 ROA not after: Fri 31 Jul 2026 10:45:01 +0000 asID: 205463 IP address blocks: 2a0f:85c1:7f1::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 06 Aug 2025 06:31:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:e1:7f:1f:c5:f2:56:8f:29:6d:42:8d:e7:eb:90:af:db:bc:1f:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Aug 1 10:40:01 2025 GMT Not After : Jul 31 10:45:01 2026 GMT Subject: CN=546C86976623853CD383DA47B5F1A46770B4F250 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:96:77:3c:a4:6e:74:14:f7:ac:cb:aa:62:50: 86:46:81:6b:76:be:e9:33:d4:ac:0a:c3:55:bb:87: 6f:cd:74:80:b2:c7:7a:b5:0c:64:b7:36:44:8f:3b: d5:70:75:50:ab:3e:c6:c5:58:2a:56:c6:8f:1a:f6: 36:35:28:30:19:bf:b2:4e:94:e1:64:bc:72:2f:05: 12:3a:3f:81:56:58:d6:34:b4:9b:67:d7:c3:af:fc: ee:5e:42:a2:56:95:fe:d8:eb:e0:91:3d:e4:3b:d5: 28:a3:f6:af:9e:36:dd:0b:72:fa:fd:95:5c:92:af: b1:b7:aa:ef:21:05:0a:19:ab:99:8f:f6:0b:19:22: 47:3a:71:96:10:ac:93:35:68:00:8b:17:5c:ef:6e: 76:54:61:94:5b:29:e8:14:d5:60:2f:6b:33:1a:58: da:c4:20:a3:8d:25:bb:f1:2f:bd:60:c4:cd:7c:fb: 91:26:0a:44:12:44:0a:d1:61:7c:64:7f:eb:99:02: fd:e6:f0:14:91:51:fd:97:5f:0e:c4:a1:71:7d:ea: e3:d7:24:47:a1:2a:11:df:41:7e:3a:1b:f6:40:f0: 79:9a:40:ed:c9:ad:94:90:09:6d:d5:29:a8:96:00: 81:a2:9e:1e:1c:7e:6a:82:1e:3b:3e:23:18:33:5b: 7e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:6C:86:97:66:23:85:3C:D3:83:DA:47:B5:F1:A4:67:70:B4:F2:50 X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323035343633.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:7f1::/48 Signature Algorithm: sha256WithRSAEncryption 58:a7:0c:3a:6b:05:58:a0:51:5f:63:55:a5:40:0f:10:f0:0e: db:c0:25:ca:54:ac:61:c6:d5:f8:e9:3a:f5:e9:2b:7f:fc:8d: 81:98:09:91:f2:19:82:ae:f2:07:10:c6:06:86:c7:c4:c1:b0: 4a:33:5a:be:9a:98:98:70:36:f0:25:f8:9d:65:0f:62:5f:1d: 19:5c:34:d6:07:62:53:69:19:14:03:3f:80:8e:93:c9:29:ee: 4b:ef:d8:61:d2:90:e0:05:94:99:6b:f0:6b:7d:74:71:41:84: c7:d6:86:8c:dd:5a:8e:a6:4a:1a:69:ac:7c:d2:4f:61:a4:b6: 23:a2:3b:a5:fe:f7:e5:6c:a4:1e:4e:e4:55:78:d6:c3:3e:32: bc:b3:c4:87:b9:36:3f:8e:df:92:de:71:20:a7:05:e3:e8:53: 9d:1d:81:e6:36:d4:78:66:51:8c:d1:b9:91:b0:3a:bc:cb:c4: 69:ca:b3:f6:28:96:8f:33:42:e9:1b:71:f5:49:19:26:f1:31: 12:e2:c8:80:1a:57:ae:3e:d5:d8:65:73:9a:1b:ed:69:96:7a: c1:a0:0d:b2:59:3e:33:7c:48:cb:e2:bb:9c:cd:7f:b1:1a:5f: 2a:dc:b8:ee:76:8e:e9:80:5a:98:20:e1:e1:b4:90:13:35:6f: d9:e1:f7:6b -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUHeF/H8XyVo8pbUKN5+uQr9u8HyswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNTA4MDExMDQwMDFaFw0yNjA3MzExMDQ1MDFaMDMxMTAvBgNV BAMTKDU0NkM4Njk3NjYyMzg1M0NEMzgzREE0N0I1RjFBNDY3NzBCNEYyNTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDlnc8pG50FPesy6piUIZGgWt2 vukz1KwKw1W7h2/NdICyx3q1DGS3NkSPO9VwdVCrPsbFWCpWxo8a9jY1KDAZv7JO lOFkvHIvBRI6P4FWWNY0tJtn18Ov/O5eQqJWlf7Y6+CRPeQ71Sij9q+eNt0Lcvr9 lVySr7G3qu8hBQoZq5mP9gsZIkc6cZYQrJM1aACLF1zvbnZUYZRbKegU1WAvazMa WNrEIKONJbvxL71gxM18+5EmCkQSRArRYXxkf+uZAv3m8BSRUf2XXw7EoXF96uPX JEehKhHfQX46G/ZA8HmaQO3JrZSQCW3VKaiWAIGinh4cfmqCHjs+IxgzW351AgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUVGyGl2YjhTzTg9pHtfGkZ3C08lAwHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3 MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz NTM0MzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8TANBgkqhkiG9w0BAQsFAAOCAQEAWKcM OmsFWKBRX2NVpUAPEPAO28AlylSsYcbV+Ok69ekrf/yNgZgJkfIZgq7yBxDGBobH xMGwSjNavpqYmHA28CX4nWUPYl8dGVw01gdiU2kZFAM/gI6TySnuS+/YYdKQ4AWU mWvwa310cUGEx9aGjN1ajqZKGmmsfNJPYaS2I6I7pf735WykHk7kVXjWwz4yvLPE h7k2P47fkt5xIKcF4+hTnR2B5jbUeGZRjNG5kbA6vMvEacqz9iiWjzNC6Rtx9UkZ JvExEuLIgBpXrj7V2GVzmhvtaZZ6waANslk+M3xIy+K7nM1/sRpfKty47naO6YBa mCDh4bSQEzVv2eH3aw== -----END CERTIFICATE-----Generated at Tue Aug 5 20:18:50 2025 by rpki-client