$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130313a3a2f34382d3438203d3e20323034323131.roa File: 326130663a316363363a623130313a3a2f34382d3438203d3e20323034323131.roa (raw, json) Hash identifier: yR4jIuH1uOto53/FVJqoU4dWw+RXmC+xa4CHfSkTFrE= Subject key identifier: 1F:83:A0:17:A8:A4:05:B4:4A:AC:B5:3D:A7:B3:73:F5:78:14:FA:09 Certificate issuer: /CN=9F7042C3B38A2A4DAB756337122AD2B927DD6DE0 Certificate serial: 5670B5E769BD2193136252E6D1902D7D29BFB255 Authority key identifier: 9F:70:42:C3:B3:8A:2A:4D:AB:75:63:37:12:2A:D2:B9:27:DD:6D:E0 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130313a3a2f34382d3438203d3e20323034323131.roa Signing time: Wed 05 Nov 2025 02:10:42 +0000 ROA not before: Wed 05 Nov 2025 02:05:42 +0000 ROA not after: Wed 04 Nov 2026 02:10:42 +0000 asID: 204211 IP address blocks: 2a0f:1cc6:b101::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.crl rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.mft rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.mft rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.cer rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 02:40:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:70:b5:e7:69:bd:21:93:13:62:52:e6:d1:90:2d:7d:29:bf:b2:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9F7042C3B38A2A4DAB756337122AD2B927DD6DE0 Validity Not Before: Nov 5 02:05:42 2025 GMT Not After : Nov 4 02:10:42 2026 GMT Subject: CN=1F83A017A8A405B44AACB53DA7B373F57814FA09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:35:64:a2:bf:6f:11:9f:19:34:ed:35:0e:82: 08:fa:ac:4f:0a:3d:eb:90:f4:2a:24:a3:5b:d9:84: 9c:9e:e2:e7:6d:ca:cb:b3:4f:f6:ad:96:ac:63:78: 37:e8:48:62:d0:9c:c5:d6:2b:b2:be:b6:53:eb:f0: fb:76:98:4f:bb:30:7e:81:b9:25:67:1b:91:64:f1: b3:25:55:8d:c2:54:5b:6f:46:9f:ae:1f:02:a3:07: 34:8c:fb:7b:18:f8:82:a6:0f:db:1d:a7:86:9f:89: 91:72:8f:bd:e0:0f:a3:03:53:a2:31:d9:b4:94:4d: 5b:7c:12:26:65:59:42:12:80:85:c3:35:7f:01:36: 6d:fb:c1:f8:db:8e:54:84:8e:4a:8f:ba:8c:5f:a9: 96:a2:a4:db:15:78:80:4a:fe:74:df:85:bf:f1:f4: 14:1d:4f:f2:14:a8:96:7a:58:7c:e6:39:29:37:3d: ff:2b:19:82:68:07:63:3d:36:2c:9b:b8:7f:6a:fd: b8:a6:1a:23:7b:43:b3:4c:16:1a:6a:b3:bf:8e:fe: e9:50:31:c1:71:c7:08:ac:95:cd:d2:3a:03:be:d7: 19:74:59:bf:12:76:0e:6c:78:06:8f:be:fa:3e:a2: 32:98:d9:c9:c4:f0:3c:c9:40:f8:f9:73:cf:48:7a: 91:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:83:A0:17:A8:A4:05:B4:4A:AC:B5:3D:A7:B3:73:F5:78:14:FA:09 X509v3 Authority Key Identifier: keyid:9F:70:42:C3:B3:8A:2A:4D:AB:75:63:37:12:2A:D2:B9:27:DD:6D:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/9F7042C3B38A2A4DAB756337122AD2B927DD6DE0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/0/326130663a316363363a623130313a3a2f34382d3438203d3e20323034323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc6:b101::/48 Signature Algorithm: sha256WithRSAEncryption 88:13:af:3c:c6:0d:b1:4e:46:c0:5a:2f:ad:23:40:69:99:4c: d6:15:a6:82:08:68:8b:7b:10:9c:60:d8:72:fe:33:5d:86:09: e9:a0:fd:f7:67:e3:43:ba:e8:ec:17:44:ac:c6:bc:d3:47:2f: 3f:f8:7d:8b:5d:bf:52:1f:5d:7e:3e:c2:95:34:70:ef:32:df: 5b:de:da:43:54:62:f4:0f:df:4a:8b:d6:d2:94:78:51:66:b0: 80:17:12:cb:46:b7:b6:dd:c6:59:48:ab:4d:97:57:c1:a9:27: 50:04:db:21:ff:1d:27:de:dd:ca:4e:31:a7:ca:4a:40:62:06: e0:0a:ca:c2:b5:ac:05:d4:48:bf:07:ba:12:d8:74:07:f6:dc: 2e:b2:e9:b4:49:43:d6:10:1a:ae:14:92:6e:83:be:5c:b0:2b: 39:e7:e6:9e:79:c2:00:03:4e:be:a8:fc:df:d6:52:7f:1e:11: e3:41:e5:07:a7:2b:b9:0f:10:33:c0:7e:38:5f:ba:4c:09:0d: d1:d2:58:47:b6:02:df:f5:53:84:1c:3f:49:12:ff:bd:fd:ba: 3c:07:ec:49:e9:50:18:17:f0:36:e4:7e:e2:7d:94:50:68:cc: 5d:78:06:dd:48:a5:55:89:2a:b0:f2:a9:31:f5:84:15:15:34: 3f:ab:fa:05 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUVnC152m9IZMTYlLm0ZAtfSm/slUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUY3MDQyQzNCMzhBMkE0REFCNzU2MzM3MTIyQUQyQjky N0RENkRFMDAeFw0yNTExMDUwMjA1NDJaFw0yNjExMDQwMjEwNDJaMDMxMTAvBgNV BAMTKDFGODNBMDE3QThBNDA1QjQ0QUFDQjUzREE3QjM3M0Y1NzgxNEZBMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjNWSiv28Rnxk07TUOggj6rE8K PeuQ9Coko1vZhJye4udtysuzT/atlqxjeDfoSGLQnMXWK7K+tlPr8Pt2mE+7MH6B uSVnG5Fk8bMlVY3CVFtvRp+uHwKjBzSM+3sY+IKmD9sdp4afiZFyj73gD6MDU6Ix 2bSUTVt8EiZlWUISgIXDNX8BNm37wfjbjlSEjkqPuoxfqZaipNsVeIBK/nTfhb/x 9BQdT/IUqJZ6WHzmOSk3Pf8rGYJoB2M9NiybuH9q/bimGiN7Q7NMFhpqs7+O/ulQ McFxxwislc3SOgO+1xl0Wb8Sdg5seAaPvvo+ojKY2cnE8DzJQPj5c89IepHpAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUH4OgF6ikBbRKrLU9p7Nz9XgU+gkwHwYDVR0j BBgwFoAUn3BCw7OKKk2rdWM3EirSuSfdbeAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdj ZTM5LzAvOUY3MDQyQzNCMzhBMkE0REFCNzU2MzM3MTIyQUQyQjkyN0RENkRFMC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84N2Q4ZGI3MS1hNWJlLTQ2 NGMtYThiOS04YjdiMzc0YWUzZmEvMi85RjcwNDJDM0IzOEEyQTREQUI3NTYzMzcx MjJBRDJCOTI3REQ2REUwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkvMC8zMjYxMzA2 NjNhMzE2MzYzMzYzYTYyMzEzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKg8cxrEBMA0GCSqGSIb3DQEBCwUAA4IBAQCI E688xg2xTkbAWi+tI0BpmUzWFaaCCGiLexCcYNhy/jNdhgnpoP33Z+NDuujsF0Ss xrzTRy8/+H2LXb9SH11+PsKVNHDvMt9b3tpDVGL0D99Ki9bSlHhRZrCAFxLLRre2 3cZZSKtNl1fBqSdQBNsh/x0n3t3KTjGnykpAYgbgCsrCtawF1Ei/B7oS2HQH9twu sum0SUPWEBquFJJug75csCs55+aeecIAA06+qPzf1lJ/HhHjQeUHpyu5DxAzwH44 X7pMCQ3R0lhHtgLf9VOEHD9JEv+9/bo8B+xJ6VAYF/A25H7ifZRQaMxdeAbdSKVV iSqw8qkx9YQVFTQ/q/oF -----END CERTIFICATE-----Generated at Wed Nov 5 16:53:55 2025 by rpki-client