$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135323432.roa File: 326130663a383563313a3766323a3a2f34382d3438203d3e20323135323432.roa (raw, json) Hash identifier: XxZQPg3bymA39RzaDkTbJBcK/NEqin5of0P6cgBF9Yw= Subject key identifier: 19:40:B2:8B:A5:92:00:2E:AC:F2:05:BB:75:EF:17:33:AF:FA:30:1C Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 0E25545907599884C68051AD7E017DDA1A210EF4 Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135323432.roa Signing time: Thu 04 Jun 2026 03:36:09 +0000 ROA not before: Thu 04 Jun 2026 03:31:09 +0000 ROA not after: Thu 03 Jun 2027 03:36:09 +0000 asID: 215242 IP address blocks: 2a0f:85c1:7f2::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 05:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:25:54:59:07:59:98:84:c6:80:51:ad:7e:01:7d:da:1a:21:0e:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Jun 4 03:31:09 2026 GMT Not After : Jun 3 03:36:09 2027 GMT Subject: CN=1940B28BA592002EACF205BB75EF1733AFFA301C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:d9:be:86:7d:dd:fd:78:50:13:50:5f:5c:6e: 60:60:47:43:0e:9c:b1:39:8f:7c:2f:ba:9c:06:f2: f7:bd:b1:ac:a1:b5:7d:08:af:53:3b:74:72:4a:aa: 15:80:ed:4f:46:1b:90:db:d6:20:5b:ea:1a:e0:13: 19:92:eb:fe:2c:99:0a:85:66:60:88:a3:15:13:16: 37:77:e8:7c:d1:2f:b9:f1:59:98:93:84:0b:23:fc: a7:00:ec:f1:2c:08:12:39:4f:01:5d:51:75:8b:fd: 9a:c9:4d:c5:30:3b:d2:40:db:6d:e3:26:ce:4b:8f: c3:83:90:70:c3:bc:ea:18:24:90:4c:b4:c4:a7:4c: 26:e7:2e:c7:95:84:7b:5b:2c:a6:de:ee:85:03:34: 7a:60:33:03:48:4d:8b:63:26:43:e7:59:33:f9:cc: be:e5:52:be:36:3e:4c:51:ed:5f:c1:22:57:6e:01: 28:f7:e7:8d:ad:45:66:9a:69:f7:8e:db:cc:36:31: f5:08:5b:b8:c7:31:76:d8:8a:28:53:5e:06:2b:66: 3f:83:ab:6d:2a:be:4d:e7:fd:d9:8f:e2:d1:12:5b: 0b:29:31:66:85:92:a7:36:23:57:fa:c4:3d:aa:ed: 1c:07:0b:c2:fa:0d:a0:5c:0f:c2:fd:40:73:fd:43: ee:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:40:B2:8B:A5:92:00:2E:AC:F2:05:BB:75:EF:17:33:AF:FA:30:1C X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135323432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:7f2::/48 Signature Algorithm: sha256WithRSAEncryption 30:c9:12:ed:7c:e1:7e:ef:9d:1f:23:2d:4a:7f:09:81:27:13: af:5c:f3:a9:9a:48:27:0a:92:4e:39:c5:08:72:5e:9c:fe:b3: 17:83:cf:6f:9e:78:73:8b:98:e5:16:6d:45:f4:de:97:88:b9: 19:a6:d6:36:56:57:b5:47:b6:8e:95:81:89:d9:0c:50:f6:aa: 15:56:10:cd:77:b1:79:33:33:0e:53:74:03:4d:a4:f3:de:23: 1b:48:da:ad:99:c1:16:e6:b9:31:7c:97:50:9f:00:c5:2c:e5: 3c:5b:26:ca:57:39:f0:6c:79:16:c5:04:da:e1:35:e7:b9:a8: 9d:97:65:2a:4c:09:f0:c6:9b:f1:81:c7:2c:58:fe:50:10:b1: 63:ee:0e:f5:f8:88:13:a2:14:3d:d1:d7:dc:7b:22:07:60:98: 9b:43:5f:16:4f:e0:c2:9d:46:3f:5d:07:56:53:29:22:59:a8: 74:69:72:70:13:c9:53:d8:35:4c:58:20:1f:31:3a:64:68:f8: 1e:86:ca:60:33:9b:62:03:ff:c6:04:eb:4c:38:3b:38:1b:15: af:39:6b:d9:99:bd:13:8e:ee:06:3d:97:b9:5c:b3:c1:d8:28: 52:3e:4a:06:95:7c:c8:fd:ce:a2:51:a1:57:33:6b:c7:c7:2f: a8:08:ab:9f -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUDiVUWQdZmITGgFGtfgF92hohDvQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNjA2MDQwMzMxMDlaFw0yNzA2MDMwMzM2MDlaMDMxMTAvBgNV BAMTKDE5NDBCMjhCQTU5MjAwMkVBQ0YyMDVCQjc1RUYxNzMzQUZGQTMwMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa2b6Gfd39eFATUF9cbmBgR0MO nLE5j3wvupwG8ve9sayhtX0Ir1M7dHJKqhWA7U9GG5Db1iBb6hrgExmS6/4smQqF ZmCIoxUTFjd36HzRL7nxWZiThAsj/KcA7PEsCBI5TwFdUXWL/ZrJTcUwO9JA223j Js5Lj8ODkHDDvOoYJJBMtMSnTCbnLseVhHtbLKbe7oUDNHpgMwNITYtjJkPnWTP5 zL7lUr42PkxR7V/BIlduASj3542tRWaaafeO28w2MfUIW7jHMXbYiihTXgYrZj+D q20qvk3n/dmP4tESWwspMWaFkqc2I1f6xD2q7RwHC8L6DaBcD8L9QHP9Q+6pAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUGUCyi6WSAC6s8gW7de8XM6/6MBwwHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3 MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3NjYzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NTMyMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8jANBgkqhkiG9w0BAQsFAAOCAQEAMMkS 7Xzhfu+dHyMtSn8JgScTr1zzqZpIJwqSTjnFCHJenP6zF4PPb554c4uY5RZtRfTe l4i5GabWNlZXtUe2jpWBidkMUPaqFVYQzXexeTMzDlN0A02k894jG0jarZnBFua5 MXyXUJ8AxSzlPFsmylc58Gx5FsUE2uE157monZdlKkwJ8Mab8YHHLFj+UBCxY+4O 9fiIE6IUPdHX3HsiB2CYm0NfFk/gwp1GP10HVlMpIlmodGlycBPJU9g1TFggHzE6 ZGj4HobKYDObYgP/xgTrTDg7OBsVrzlr2Zm9E47uBj2XuVyzwdgoUj5KBpV8yP3O olGhVzNrx8cvqAirnw== -----END CERTIFICATE-----Generated at Sat Jun 13 15:34:26 2026 by rpki-client