$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130303a3a2f34382d3438203d3e20323034323131.roa File: 326130663a316363363a623130303a3a2f34382d3438203d3e20323034323131.roa (raw, json) Hash identifier: kcBH+Ogl01nsOgG3HryBqdbGSLDfahkEBR0qTx6CAUE= Subject key identifier: 3F:D0:1F:F3:5A:B7:A2:4B:E0:23:D7:CB:D7:F1:24:3B:3D:43:95:49 Certificate issuer: /CN=9F7042C3B38A2A4DAB756337122AD2B927DD6DE0 Certificate serial: 6448A8EE405C1F83DD08509926F8236DF519072E Authority key identifier: 9F:70:42:C3:B3:8A:2A:4D:AB:75:63:37:12:2A:D2:B9:27:DD:6D:E0 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130303a3a2f34382d3438203d3e20323034323131.roa Signing time: Fri 31 Oct 2025 14:02:58 +0000 ROA not before: Fri 31 Oct 2025 13:57:58 +0000 ROA not after: Fri 30 Oct 2026 14:02:58 +0000 asID: 204211 IP address blocks: 2a0f:1cc6:b100::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.crl rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.mft rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.mft rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.cer rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 13:52:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:48:a8:ee:40:5c:1f:83:dd:08:50:99:26:f8:23:6d:f5:19:07:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9F7042C3B38A2A4DAB756337122AD2B927DD6DE0 Validity Not Before: Oct 31 13:57:58 2025 GMT Not After : Oct 30 14:02:58 2026 GMT Subject: CN=3FD01FF35AB7A24BE023D7CBD7F1243B3D439549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:20:45:7c:be:da:12:c5:2f:1d:f4:b0:7f:38: 83:41:15:5e:9a:94:a1:4f:66:6e:68:b4:32:0f:71: 0e:b1:62:95:81:d9:3a:f3:64:f1:d1:98:41:24:3b: d0:00:fc:41:4d:5d:00:29:0a:36:85:41:9c:d4:6f: 7b:34:2b:47:31:d9:ca:e1:43:6b:56:8c:72:0a:5b: 86:52:5a:97:a5:24:9d:15:ab:53:87:f1:02:db:26: 0e:33:64:eb:44:59:a4:06:07:9b:40:b7:72:43:a0: 90:ee:91:fc:d2:7b:91:99:a7:9d:6a:e3:38:ab:a4: a5:06:0d:3d:dc:50:ba:75:43:58:f7:1a:b6:48:3c: 56:ef:da:06:ea:a5:5b:e6:01:4c:61:cd:a8:78:d3: 15:90:fb:29:cc:f9:75:f0:f4:4d:fe:dd:67:83:4a: 45:03:67:65:d4:d0:49:41:d7:33:8a:af:a2:4a:e5: 01:be:ec:ea:54:95:98:8d:48:5d:2f:41:88:fd:56: c4:9e:e2:a5:37:7a:34:da:ad:97:ed:f3:90:0a:40: 25:cf:4b:e2:d8:03:06:44:6b:40:c3:58:ad:a5:65: 59:7c:5a:88:45:50:46:3b:27:f5:f5:5b:bf:a9:83: cb:39:19:53:91:ae:33:2e:9c:6a:f9:fa:19:2b:08: e4:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:D0:1F:F3:5A:B7:A2:4B:E0:23:D7:CB:D7:F1:24:3B:3D:43:95:49 X509v3 Authority Key Identifier: keyid:9F:70:42:C3:B3:8A:2A:4D:AB:75:63:37:12:2A:D2:B9:27:DD:6D:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130303a3a2f34382d3438203d3e20323034323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc6:b100::/48 Signature Algorithm: sha256WithRSAEncryption 3d:0c:d7:16:64:da:a8:f2:92:43:d8:b2:ff:11:9c:c5:62:3a: 65:d2:bf:af:87:1d:59:02:6c:af:2f:ed:ba:f3:85:77:8e:47: d4:a4:09:05:83:89:0d:3a:a9:f0:bf:df:25:65:3c:86:57:11: 3e:f0:f4:d9:47:c9:fc:05:c2:67:1f:f5:41:6f:7f:df:98:ed: e0:55:a0:42:82:c8:44:fa:99:25:9e:b1:61:c2:e4:00:14:f3: cd:76:31:0a:0d:fa:9f:fb:ae:50:c1:5e:ff:d4:b1:fd:28:5c: 20:9f:eb:dd:9b:64:f4:a1:d5:24:f5:fc:4b:6a:43:96:40:a8: d2:83:ed:14:a0:37:1b:60:8f:b7:4c:55:b4:8d:12:12:e0:fc: 8b:4e:65:a8:79:54:6f:78:c6:4a:62:19:ec:1d:d9:79:b4:89: d7:1b:11:f6:c3:00:3f:fd:67:0f:61:52:43:84:fc:c0:3d:92: d3:f3:73:ba:12:31:2e:4e:63:19:7e:09:77:d5:42:89:af:9a: 57:a1:10:5e:61:6f:64:28:4a:25:e3:e5:db:31:98:57:28:2e: 14:22:1c:a0:c0:d1:c2:ed:73:1f:d4:d4:0b:a3:63:6e:b2:bc: 5c:c5:81:15:0b:30:47:9e:3f:a7:c9:be:3a:3b:96:ca:0f:e0: 53:2e:49:6e -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUZEio7kBcH4PdCFCZJvgjbfUZBy4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUY3MDQyQzNCMzhBMkE0REFCNzU2MzM3MTIyQUQyQjky N0RENkRFMDAeFw0yNTEwMzExMzU3NThaFw0yNjEwMzAxNDAyNThaMDMxMTAvBgNV BAMTKDNGRDAxRkYzNUFCN0EyNEJFMDIzRDdDQkQ3RjEyNDNCM0Q0Mzk1NDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpIEV8vtoSxS8d9LB/OINBFV6a lKFPZm5otDIPcQ6xYpWB2TrzZPHRmEEkO9AA/EFNXQApCjaFQZzUb3s0K0cx2crh Q2tWjHIKW4ZSWpelJJ0Vq1OH8QLbJg4zZOtEWaQGB5tAt3JDoJDukfzSe5GZp51q 4zirpKUGDT3cULp1Q1j3GrZIPFbv2gbqpVvmAUxhzah40xWQ+ynM+XXw9E3+3WeD SkUDZ2XU0ElB1zOKr6JK5QG+7OpUlZiNSF0vQYj9VsSe4qU3ejTarZft85AKQCXP S+LYAwZEa0DDWK2lZVl8WohFUEY7J/X1W7+pg8s5GVORrjMunGr5+hkrCOSbAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUP9Af81q3okvgI9fL1/EkOz1DlUkwHwYDVR0j BBgwFoAUn3BCw7OKKk2rdWM3EirSuSfdbeAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdj ZTM5LzAvOUY3MDQyQzNCMzhBMkE0REFCNzU2MzM3MTIyQUQyQjkyN0RENkRFMC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84N2Q4ZGI3MS1hNWJlLTQ2 NGMtYThiOS04YjdiMzc0YWUzZmEvMi85RjcwNDJDM0IzOEEyQTREQUI3NTYzMzcx MjJBRDJCOTI3REQ2REUwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkvMC8zMjYxMzA2 NjNhMzE2MzYzMzYzYTYyMzEzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKg8cxrEAMA0GCSqGSIb3DQEBCwUAA4IBAQA9 DNcWZNqo8pJD2LL/EZzFYjpl0r+vhx1ZAmyvL+2684V3jkfUpAkFg4kNOqnwv98l ZTyGVxE+8PTZR8n8BcJnH/VBb3/fmO3gVaBCgshE+pklnrFhwuQAFPPNdjEKDfqf +65QwV7/1LH9KFwgn+vdm2T0odUk9fxLakOWQKjSg+0UoDcbYI+3TFW0jRIS4PyL TmWoeVRveMZKYhnsHdl5tInXGxH2wwA//WcPYVJDhPzAPZLT83O6EjEuTmMZfgl3 1UKJr5pXoRBeYW9kKEol4+XbMZhXKC4UIhygwNHC7XMf1NQLo2NusrxcxYEVCzBH nj+nyb46O5bKD+BTLklu -----END CERTIFICATE-----Generated at Wed Nov 5 03:36:23 2025 by rpki-client