$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/326131343a373538313a333039303a3a2f34342d3434203d3e20323034323131.roa File: 326131343a373538313a333039303a3a2f34342d3434203d3e20323034323131.roa (raw, json) Hash identifier: an2CTnY48XCjuCGH81CGgjVXZdlCvh7kWv6euA7rsaw= Subject key identifier: 2B:51:BB:AB:43:FC:34:A2:75:92:B3:97:4A:B3:91:AE:4D:54:67:22 Certificate issuer: /CN=202A82DA6E73CE4262E18BAED60A3FA6C88923F0 Certificate serial: 3F2DA45587800AF52CA83563A39AAD6B37D12301 Authority key identifier: 20:2A:82:DA:6E:73:CE:42:62:E1:8B:AE:D6:0A:3F:A6:C8:89:23:F0 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/326131343a373538313a333039303a3a2f34342d3434203d3e20323034323131.roa Signing time: Fri 31 Oct 2025 11:47:33 +0000 ROA not before: Fri 31 Oct 2025 11:42:33 +0000 ROA not after: Fri 30 Oct 2026 11:47:33 +0000 asID: 204211 IP address blocks: 2a14:7581:3090::/44 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.crl rsync://rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 14:17:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:2d:a4:55:87:80:0a:f5:2c:a8:35:63:a3:9a:ad:6b:37:d1:23:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=202A82DA6E73CE4262E18BAED60A3FA6C88923F0 Validity Not Before: Oct 31 11:42:33 2025 GMT Not After : Oct 30 11:47:33 2026 GMT Subject: CN=2B51BBAB43FC34A27592B3974AB391AE4D546722 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:7b:80:50:fd:83:7c:ac:cc:ef:eb:dd:e4:ce: 9e:49:55:d6:a9:21:5a:17:d4:d7:f8:df:74:64:eb: 88:78:72:af:18:57:07:b6:54:c9:48:52:1d:de:e8: 5e:68:ff:fe:8e:ee:31:f5:4d:9a:de:2c:fc:1d:cb: fd:28:7c:c2:63:29:4a:e2:60:cb:f4:00:14:be:8b: b6:77:73:c1:3f:d8:82:66:43:f6:fd:cd:3f:fa:7f: 8e:1c:bf:07:31:26:07:95:26:9e:47:e5:50:9d:9c: 0e:0f:8c:0c:3a:9a:de:99:cb:31:9e:37:78:34:db: db:fb:cb:b0:08:75:12:ea:d1:25:c2:5e:89:ea:06: b8:3b:4f:7b:4a:68:2e:3e:e7:d7:2a:9f:f8:39:7a: 0b:37:73:e4:62:26:a3:ba:3b:90:2c:13:cd:e4:a6: 76:2f:48:b7:43:52:47:5b:27:d4:0d:c3:86:a6:db: c0:29:76:e1:13:90:4f:b8:c5:e6:3e:82:24:5f:26: 3f:6f:be:27:d4:bb:dc:9c:06:ff:14:15:c2:42:37: ed:73:5f:8a:22:2e:81:95:8b:a3:1e:55:a4:7b:62: f7:40:da:9e:b3:1d:5b:f1:af:6d:48:7b:ec:cd:71: b2:4e:2e:d3:92:bd:bb:f1:da:c2:46:68:90:9a:19: 05:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:51:BB:AB:43:FC:34:A2:75:92:B3:97:4A:B3:91:AE:4D:54:67:22 X509v3 Authority Key Identifier: keyid:20:2A:82:DA:6E:73:CE:42:62:E1:8B:AE:D6:0A:3F:A6:C8:89:23:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/202A82DA6E73CE4262E18BAED60A3FA6C88923F0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d9bd3888-9302-4b6f-a017-2b4bba5e57bb/1/326131343a373538313a333039303a3a2f34342d3434203d3e20323034323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:3090::/44 Signature Algorithm: sha256WithRSAEncryption 06:b7:c2:77:46:d6:bc:b1:6a:88:27:bf:32:2c:6b:1b:87:14: ee:9c:d3:b9:9a:5a:ce:b3:72:56:69:de:5b:06:68:8e:89:08: 69:2c:8e:97:5f:95:df:13:a2:bc:26:38:c9:a0:da:c8:50:89: d6:d1:ec:36:fa:c2:fb:46:39:d5:6b:ff:e3:30:39:2e:82:ad: a8:1f:1a:2d:5f:d8:94:9a:7a:57:e9:34:d2:17:39:fd:dd:35: c9:c0:3c:51:66:64:a8:b8:28:46:da:75:15:ac:49:06:94:c3: 6d:ad:0a:06:2c:76:ec:d5:00:c4:3a:0b:24:1d:c0:3b:b1:a3: e9:8f:5e:1f:c5:e0:9c:70:a1:c8:10:c0:a7:83:d7:b7:32:c4: ff:47:d4:bd:28:8c:76:c0:97:5c:12:09:95:6d:d3:5d:f1:f1: 12:b9:2d:69:60:7d:8a:d9:8c:a5:f9:b8:ab:ca:e3:af:d1:3a: d4:f9:43:57:5d:93:ab:1a:82:62:e2:7d:06:1d:1e:2d:bf:7f: c9:fc:06:8f:6e:3f:a8:94:84:82:7d:8f:76:06:0b:99:43:57: eb:cd:82:43:08:79:ed:04:e2:95:45:6c:50:2e:3d:65:1e:88: 20:fb:d6:5b:27:69:ba:df:eb:37:78:30:0a:fa:38:bd:f1:c1: 62:ca:6f:87 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUPy2kVYeACvUsqDVjo5qtazfRIwEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjAyQTgyREE2RTczQ0U0MjYyRTE4QkFFRDYwQTNGQTZD ODg5MjNGMDAeFw0yNTEwMzExMTQyMzNaFw0yNjEwMzAxMTQ3MzNaMDMxMTAvBgNV BAMTKDJCNTFCQkFCNDNGQzM0QTI3NTkyQjM5NzRBQjM5MUFFNEQ1NDY3MjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpe4BQ/YN8rMzv693kzp5JVdap IVoX1Nf433Rk64h4cq8YVwe2VMlIUh3e6F5o//6O7jH1TZreLPwdy/0ofMJjKUri YMv0ABS+i7Z3c8E/2IJmQ/b9zT/6f44cvwcxJgeVJp5H5VCdnA4PjAw6mt6ZyzGe N3g029v7y7AIdRLq0SXCXonqBrg7T3tKaC4+59cqn/g5egs3c+RiJqO6O5AsE83k pnYvSLdDUkdbJ9QNw4am28ApduETkE+4xeY+giRfJj9vvifUu9ycBv8UFcJCN+1z X4oiLoGVi6MeVaR7YvdA2p6zHVvxr21Ie+zNcbJOLtOSvbvx2sJGaJCaGQVZAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUK1G7q0P8NKJ1krOXSrORrk1UZyIwHwYDVR0j BBgwFoAUICqC2m5zzkJi4Yuu1go/psiJI/AwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDliZDM4ODgtOTMwMi00YjZmLWEwMTctMmI0YmJhNWU1 N2JiLzEvMjAyQTgyREE2RTczQ0U0MjYyRTE4QkFFRDYwQTNGQTZDODg5MjNGMC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMDJBODJEQTZFNzNDRTQyNjJFMThCQUVE NjBBM0ZBNkM4ODkyM0YwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kOWJkMzg4OC05MzAyLTRiNmYtYTAxNy0yYjRiYmE1ZTU3YmIvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTMzMzAzOTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz MDM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gTCQMA0GCSqGSIb3DQEBCwUAA4IBAQAG t8J3Rta8sWqIJ78yLGsbhxTunNO5mlrOs3JWad5bBmiOiQhpLI6XX5XfE6K8JjjJ oNrIUInW0ew2+sL7RjnVa//jMDkugq2oHxotX9iUmnpX6TTSFzn93TXJwDxRZmSo uChG2nUVrEkGlMNtrQoGLHbs1QDEOgskHcA7saPpj14fxeCccKHIEMCng9e3MsT/ R9S9KIx2wJdcEgmVbdNd8fESuS1pYH2K2Yyl+biryuOv0TrU+UNXXZOrGoJi4n0G HR4tv3/J/AaPbj+olISCfY92BguZQ1frzYJDCHntBOKVRWxQLj1lHogg+9ZbJ2m6 3+s3eDAK+ji98cFiym+H -----END CERTIFICATE-----Generated at Tue Nov 4 22:31:49 2025 by rpki-client