$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130363a3a2f34382d3438203d3e20323034323131.roa File: 326131343a373538363a363130363a3a2f34382d3438203d3e20323034323131.roa (raw, json) Hash identifier: 8Vi1BDc187e4orwxGy0/rqG4GuMIpMb05XZjAeVSKdg= Subject key identifier: 66:1C:AC:F6:5D:AB:58:27:28:7C:44:C8:C8:4E:D5:5C:B6:0E:71:C7 Certificate issuer: /CN=20914720382A1F52B950212C138E5E1E81BA69B7 Certificate serial: 38B385C17EBF24D0533D17084955FA93D48DB68B Authority key identifier: 20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130363a3a2f34382d3438203d3e20323034323131.roa Signing time: Fri 30 Jan 2026 13:47:49 +0000 ROA not before: Fri 30 Jan 2026 13:42:49 +0000 ROA not after: Fri 29 Jan 2027 13:47:49 +0000 asID: 204211 IP address blocks: 2a14:7586:6106::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 10:27:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:b3:85:c1:7e:bf:24:d0:53:3d:17:08:49:55:fa:93:d4:8d:b6:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20914720382A1F52B950212C138E5E1E81BA69B7 Validity Not Before: Jan 30 13:42:49 2026 GMT Not After : Jan 29 13:47:49 2027 GMT Subject: CN=661CACF65DAB5827287C44C8C84ED55CB60E71C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:16:e8:e5:fd:44:de:a0:6b:8e:64:2e:c5:f7: 1f:3c:2a:28:61:f7:2a:22:b3:4e:66:13:96:d0:50: 6b:c5:62:14:db:0c:1d:0e:8f:3f:6a:2a:ed:7a:40: 83:36:f3:e9:00:de:51:0c:02:7e:92:03:fa:de:ee: 02:19:60:f5:e6:23:85:c2:1f:ef:1b:28:b8:ca:b7: 5a:5b:08:e7:cc:91:84:f4:66:5d:4e:30:44:62:9a: 17:85:cc:2c:03:67:6d:38:bf:9f:b8:ab:8d:7d:a6: 07:de:49:d8:58:d4:3c:0c:0c:55:20:38:42:49:cc: 7f:52:8b:c7:e5:73:ff:0f:a0:0e:01:ad:06:12:0a: 97:e0:23:75:a5:c9:b1:19:33:55:06:90:93:6e:ff: 76:1e:86:c0:07:41:d9:24:03:4f:49:de:ef:5c:93: ff:61:9a:ed:c3:84:5a:41:5d:c1:d1:91:81:e7:bb: 23:b6:b8:41:2e:26:08:d8:f0:4f:91:36:86:89:2c: 54:00:3b:6d:d4:f6:4d:a2:09:31:ed:07:0a:0b:7c: 79:f2:b7:ad:98:da:d5:8f:74:94:a7:2b:fa:25:ec: 8e:b2:9d:66:1a:d6:95:02:c6:a1:a2:3a:02:48:e9: 1e:37:63:cd:37:64:d1:da:19:b4:c3:5b:88:51:48: 4a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:1C:AC:F6:5D:AB:58:27:28:7C:44:C8:C8:4E:D5:5C:B6:0E:71:C7 X509v3 Authority Key Identifier: keyid:20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130363a3a2f34382d3438203d3e20323034323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7586:6106::/48 Signature Algorithm: sha256WithRSAEncryption bb:04:43:bb:b0:53:c9:10:6b:f9:46:df:50:6a:f6:60:4e:24: 75:93:06:c9:ae:71:c2:ff:b9:ae:13:71:0c:08:20:c0:d5:ac: c0:c5:46:32:7e:47:4d:95:f5:63:da:fb:5a:25:68:94:8b:ae: 71:14:e5:9b:0a:aa:2e:c1:ac:79:b6:4a:c6:71:18:aa:12:61: 0a:8a:1a:a9:85:11:23:dc:9b:73:a5:b1:00:54:a9:8f:dd:5a: c1:c7:24:4d:ed:e4:cb:c0:a4:fe:34:0f:06:f1:df:17:39:12: 57:7d:e6:ea:3e:4e:36:71:af:29:ab:3c:f1:29:3c:4f:95:ff: 41:b7:d1:bf:a5:89:2c:dc:8a:67:be:bf:e1:52:5a:94:87:de: 3c:e2:8d:3a:2b:54:df:66:96:4b:fc:86:04:94:ff:e3:96:4e: c9:74:e5:d1:18:b4:cc:50:19:5c:e2:a9:a5:3c:bb:a4:ba:83: b8:5b:1b:3d:5c:e8:df:15:5a:cf:60:cd:2e:be:79:0c:3b:f4: 7c:ea:00:7e:1e:99:ce:ec:74:c2:f3:88:55:2b:9a:85:ac:c9: a8:33:de:86:ab:e0:36:cf:b6:34:fc:36:66:dd:53:59:35:ca: 50:c8:27:49:a2:cc:f7:e0:75:6c:cd:34:f4:00:35:d8:35:22: 0d:4f:f1:98 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUOLOFwX6/JNBTPRcISVX6k9SNtoswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4 MUJBNjlCNzAeFw0yNjAxMzAxMzQyNDlaFw0yNzAxMjkxMzQ3NDlaMDMxMTAvBgNV BAMTKDY2MUNBQ0Y2NURBQjU4MjcyODdDNDRDOEM4NEVENTVDQjYwRTcxQzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuFujl/UTeoGuOZC7F9x88Kihh 9yois05mE5bQUGvFYhTbDB0Ojz9qKu16QIM28+kA3lEMAn6SA/re7gIZYPXmI4XC H+8bKLjKt1pbCOfMkYT0Zl1OMERimheFzCwDZ204v5+4q419pgfeSdhY1DwMDFUg OEJJzH9Si8flc/8PoA4BrQYSCpfgI3WlybEZM1UGkJNu/3YehsAHQdkkA09J3u9c k/9hmu3DhFpBXcHRkYHnuyO2uEEuJgjY8E+RNoaJLFQAO23U9k2iCTHtBwoLfHny t62Y2tWPdJSnK/ol7I6ynWYa1pUCxqGiOgJI6R43Y803ZNHaGbTDW4hRSErvAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUZhys9l2rWCcofETIyE7VXLYOcccwHwYDVR0j BBgwFoAUIJFHIDgqH1K5UCEsE45eHoG6abcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdj ZTM5LzMvMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4MUJBNjlCNy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMDkxNDcyMDM4MkExRjUyQjk1MDIxMkMx MzhFNUUxRTgxQkE2OUI3LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkvMy8zMjYxMzEz NDNhMzczNTM4MzYzYTM2MzEzMDM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hmEGMA0GCSqGSIb3DQEBCwUAA4IBAQC7 BEO7sFPJEGv5Rt9QavZgTiR1kwbJrnHC/7muE3EMCCDA1azAxUYyfkdNlfVj2vta JWiUi65xFOWbCqouwax5tkrGcRiqEmEKihqphREj3JtzpbEAVKmP3VrBxyRN7eTL wKT+NA8G8d8XORJXfebqPk42ca8pqzzxKTxPlf9Bt9G/pYks3Ipnvr/hUlqUh948 4o06K1TfZpZL/IYElP/jlk7JdOXRGLTMUBlc4qmlPLukuoO4Wxs9XOjfFVrPYM0u vnkMO/R86gB+HpnO7HTC84hVK5qFrMmoM96Gq+A2z7Y0/DZm3VNZNcpQyCdJosz3 4HVszTT0ADXYNSINT/GY -----END CERTIFICATE-----Generated at Mon Mar 2 02:16:41 2026 by rpki-client