$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766343a3a2f34382d3438203d3e20323135323432.roa File: 326130663a383563313a3766343a3a2f34382d3438203d3e20323135323432.roa (raw, json) Hash identifier: Sqqkf1ajVYDwVw2KSKZnr/tFVnDaWUIPFwaxuN/hzVk= Subject key identifier: 9F:8A:AF:1A:C0:7D:C4:B3:39:4B:E5:EE:81:EA:0A:5F:D1:44:3A:4A Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 32F22675F7C6463D519CDD67EED6521966E8CD8C Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766343a3a2f34382d3438203d3e20323135323432.roa Signing time: Fri 01 Aug 2025 10:45:01 +0000 ROA not before: Fri 01 Aug 2025 10:40:01 +0000 ROA not after: Fri 31 Jul 2026 10:45:01 +0000 asID: 215242 IP address blocks: 2a0f:85c1:7f4::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 19:28:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:f2:26:75:f7:c6:46:3d:51:9c:dd:67:ee:d6:52:19:66:e8:cd:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Aug 1 10:40:01 2025 GMT Not After : Jul 31 10:45:01 2026 GMT Subject: CN=9F8AAF1AC07DC4B3394BE5EE81EA0A5FD1443A4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e8:bc:67:1a:33:3f:e4:05:43:63:83:08:4f: 91:87:85:7c:25:42:20:97:24:9b:e7:2c:be:1f:e0: 52:4c:b9:90:e8:98:9d:06:c8:46:79:ed:1f:0e:23: af:25:c9:e3:ef:8d:fa:a6:25:80:4d:25:e7:48:56: 80:ca:2e:2f:88:29:f1:a6:2b:60:53:e6:99:ff:1f: cc:8f:40:44:51:6d:87:a6:f7:da:d1:e3:32:05:5e: 1c:c7:56:3a:d1:b1:7f:aa:f7:21:57:70:fd:00:b8: 8c:06:aa:4a:49:0e:f8:c7:8a:8e:7b:b3:4b:3e:75: aa:63:36:47:0d:8b:fb:21:21:97:eb:d6:66:0d:b8: 90:67:86:21:87:52:73:8d:74:ea:06:e7:59:e2:72: 6b:7a:82:07:27:36:97:4d:0f:e5:18:be:d4:28:4e: 9d:3b:78:6d:2b:11:c5:a3:39:72:34:bf:cb:72:de: 09:06:5f:b3:63:fe:fb:6a:71:1a:5d:58:de:59:a1: c7:f3:43:0f:7f:53:d8:48:ff:44:df:89:c7:22:2b: 00:04:52:1b:c7:d5:7e:ac:9f:38:fc:03:1b:8a:dd: 56:49:36:15:2b:b9:1f:e1:09:9c:5d:4b:f2:b3:68: 12:e1:44:ea:3c:6c:e3:02:b9:23:7f:ab:90:61:96: 1d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:8A:AF:1A:C0:7D:C4:B3:39:4B:E5:EE:81:EA:0A:5F:D1:44:3A:4A X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766343a3a2f34382d3438203d3e20323135323432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:7f4::/48 Signature Algorithm: sha256WithRSAEncryption 29:ed:86:7d:5c:8f:bf:a8:23:65:e5:43:cb:55:8a:c6:a6:22: bc:ad:67:d5:60:7d:81:d0:20:a2:16:8f:80:04:3f:2a:1a:a2: b4:61:73:fc:17:a6:86:ee:f0:b6:5e:b9:d4:f6:4f:ce:9c:df: 72:2c:14:82:e7:5a:36:e8:20:93:0e:d1:c5:7b:4c:96:6c:f4: 20:b7:f9:1a:c7:63:4e:24:be:b8:24:85:57:4c:c8:5b:c1:54: d6:1f:8e:b2:80:44:9e:38:ad:24:1f:2d:be:c2:df:94:a4:03: f6:bd:91:da:d3:b4:64:1c:0e:4c:50:69:15:73:e9:43:3f:8c: 26:ec:b0:c6:db:43:dd:14:f3:7b:a2:b6:eb:de:ec:d1:22:da: 29:41:28:e2:20:c6:bf:39:68:9e:79:b7:36:2c:13:0c:e3:d9: 48:40:0b:a4:f0:b5:6e:42:01:e6:bf:d4:0c:05:65:a8:82:e8: 13:96:c9:9e:11:2c:2d:40:28:95:75:49:3c:3e:28:d9:e1:a2: 43:e3:9a:1b:f2:8b:e7:81:d6:a7:fa:67:d9:a9:65:55:c4:f4: e5:bb:f7:04:51:95:63:9e:28:83:c3:44:51:0e:80:3a:c5:ba: 14:96:05:6c:cb:0c:a3:5e:f5:89:b2:d3:ff:d2:8a:f6:03:f7: f3:ae:76:86 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUMvImdffGRj1RnN1n7tZSGWbozYwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNTA4MDExMDQwMDFaFw0yNjA3MzExMDQ1MDFaMDMxMTAvBgNV BAMTKDlGOEFBRjFBQzA3REM0QjMzOTRCRTVFRTgxRUEwQTVGRDE0NDNBNEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO6LxnGjM/5AVDY4MIT5GHhXwl QiCXJJvnLL4f4FJMuZDomJ0GyEZ57R8OI68lyePvjfqmJYBNJedIVoDKLi+IKfGm K2BT5pn/H8yPQERRbYem99rR4zIFXhzHVjrRsX+q9yFXcP0AuIwGqkpJDvjHio57 s0s+dapjNkcNi/shIZfr1mYNuJBnhiGHUnONdOoG51nicmt6ggcnNpdND+UYvtQo Tp07eG0rEcWjOXI0v8ty3gkGX7Nj/vtqcRpdWN5ZocfzQw9/U9hI/0TficciKwAE UhvH1X6snzj8AxuK3VZJNhUruR/hCZxdS/KzaBLhROo8bOMCuSN/q5Bhlh0HAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUn4qvGsB9xLM5S+XugeoKX9FEOkowHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3 MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3NjYzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NTMyMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH9DANBgkqhkiG9w0BAQsFAAOCAQEAKe2G fVyPv6gjZeVDy1WKxqYivK1n1WB9gdAgohaPgAQ/KhqitGFz/Bemhu7wtl651PZP zpzfciwUgudaNuggkw7RxXtMlmz0ILf5GsdjTiS+uCSFV0zIW8FU1h+OsoBEnjit JB8tvsLflKQD9r2R2tO0ZBwOTFBpFXPpQz+MJuywxttD3RTze6K2697s0SLaKUEo 4iDGvzlonnm3NiwTDOPZSEALpPC1bkIB5r/UDAVlqILoE5bJnhEsLUAolXVJPD4o 2eGiQ+OaG/KL54HWp/pn2allVcT05bv3BFGVY54og8NEUQ6AOsW6FJYFbMsMo171 ibLT/9KK9gP38652hg== -----END CERTIFICATE-----Generated at Wed Nov 5 10:47:00 2025 by rpki-client