$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f34382d3438203d3e20323037303833.roa File: 326130393a353463363a613030303a3a2f34382d3438203d3e20323037303833.roa (raw, json) Hash identifier: m1bmZADWaFSqISstluOgnFmiNNWi+ceaNIihU+5eF1g= Subject key identifier: 28:A9:44:B8:DE:16:2C:4C:4F:3B:0E:A2:F3:44:0E:6D:3F:80:20:A1 Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Certificate serial: 18714D5B33BEFE76D2D10B2D82A4F51DF981E2BC Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f34382d3438203d3e20323037303833.roa Signing time: Tue 22 Apr 2025 14:54:49 +0000 ROA not before: Tue 22 Apr 2025 14:49:49 +0000 ROA not after: Tue 21 Apr 2026 14:54:49 +0000 asID: 207083 IP address blocks: 2a09:54c6:a000::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 27 Apr 2025 07:09:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:71:4d:5b:33:be:fe:76:d2:d1:0b:2d:82:a4:f5:1d:f9:81:e2:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Validity Not Before: Apr 22 14:49:49 2025 GMT Not After : Apr 21 14:54:49 2026 GMT Subject: CN=28A944B8DE162C4C4F3B0EA2F3440E6D3F8020A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ad:50:9c:11:a5:0b:07:88:d9:b6:cd:94:41: 23:f4:91:7e:3b:f7:56:e0:c9:51:71:d5:24:9a:0e: 7f:50:e6:c7:5a:38:b0:8a:58:f1:3e:2e:2b:04:e7: 61:02:91:91:0b:01:c0:3c:a8:0c:f0:ab:8e:5e:04: 36:30:3b:75:fb:83:9a:d2:b4:41:4a:e3:f5:e9:00: 71:bf:c8:95:2a:aa:9f:c4:b6:8b:a5:f3:a5:c3:05: 8f:90:58:e4:26:80:01:33:d2:6d:89:60:5a:96:60: 00:9b:3a:c4:48:e1:8e:ea:1d:8b:44:62:50:33:50: ca:5e:ef:03:e9:46:c0:10:d5:82:59:6a:55:88:da: bc:ca:c5:d2:40:90:26:86:dc:8a:30:ba:31:95:4b: bc:e7:cf:3e:9f:c0:fc:d8:43:b7:f5:db:2d:19:37: fc:56:1c:65:05:9d:84:50:58:0f:46:e1:8a:f3:22: a6:9a:0e:fa:fe:ba:4b:8f:26:14:23:02:1d:27:21: ce:78:5f:a3:e3:5d:84:a5:53:6a:98:ec:db:77:27: d3:23:74:b0:cc:7e:6f:59:d6:96:79:ff:fa:ce:83: 1f:2e:3d:1b:9e:e7:87:4c:6c:49:49:03:32:0b:0a: b3:ab:91:52:9b:7d:78:4d:60:a1:a1:d2:6f:07:1d: 95:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:A9:44:B8:DE:16:2C:4C:4F:3B:0E:A2:F3:44:0E:6D:3F:80:20:A1 X509v3 Authority Key Identifier: keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f34382d3438203d3e20323037303833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:54c6:a000::/48 Signature Algorithm: sha256WithRSAEncryption 6c:c4:40:86:74:fa:9d:d6:f7:8f:f7:54:51:24:43:1e:e7:bc: b2:01:e5:f7:aa:77:c1:cf:9e:d2:ac:81:89:77:84:bd:71:b3: aa:58:d8:55:3f:46:fa:5c:3c:2d:75:68:f3:11:90:d0:6a:4b: 45:db:ad:36:b4:96:b4:90:29:ec:30:9c:b3:70:59:a8:02:81: 98:af:49:35:0c:40:3b:33:72:82:12:70:ae:a3:ca:dd:99:81: 14:45:96:29:79:b4:f4:64:12:a8:a2:f8:82:2b:c1:2f:c5:c6: 49:02:1d:ed:58:6b:22:34:b5:f8:dc:d8:2b:99:7e:5a:e7:5c: 4a:a1:50:13:49:70:18:c1:3b:5b:7a:41:91:4b:92:3d:21:0b: 3b:1a:c4:53:98:27:e8:08:17:93:47:1c:17:9e:d9:7a:6a:b0: f0:c4:3a:ed:93:f2:95:8d:1c:3b:3f:2e:7e:99:bd:4c:2d:71: e4:3d:bd:c5:a4:a2:d6:de:15:b6:14:ec:6b:ec:f6:c3:e5:b9: 23:e8:75:47:cf:c8:46:c2:04:e2:55:4e:36:c7:2f:0f:1c:8e: 85:b0:67:17:f9:18:0e:07:68:f6:26:eb:9f:9c:e8:1e:4d:2a: c5:47:bd:69:e1:14:00:76:94:31:40:2c:8e:cc:bd:bc:67:ae: 71:f2:09:38 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIUGHFNWzO+/nbS0QstgqT1HfmB4rwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx OEMyM0IzNjAeFw0yNTA0MjIxNDQ5NDlaFw0yNjA0MjExNDU0NDlaMDMxMTAvBgNV BAMTKDI4QTk0NEI4REUxNjJDNEM0RjNCMEVBMkYzNDQwRTZEM0Y4MDIwQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChrVCcEaULB4jZts2UQSP0kX47 91bgyVFx1SSaDn9Q5sdaOLCKWPE+LisE52ECkZELAcA8qAzwq45eBDYwO3X7g5rS tEFK4/XpAHG/yJUqqp/Etoul86XDBY+QWOQmgAEz0m2JYFqWYACbOsRI4Y7qHYtE YlAzUMpe7wPpRsAQ1YJZalWI2rzKxdJAkCaG3IowujGVS7znzz6fwPzYQ7f12y0Z N/xWHGUFnYRQWA9G4YrzIqaaDvr+ukuPJhQjAh0nIc54X6PjXYSlU2qY7Nt3J9Mj dLDMfm9Z1pZ5//rOgx8uPRue54dMbElJAzILCrOrkVKbfXhNYKGh0m8HHZVVAgMB AAGjggJ6MIICdjAdBgNVHQ4EFgQUKKlEuN4WLExPOw6i80QObT+AIKEwHwYDVR0j BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5 OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy M0IzNi5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwMzkzYTM1MzQ2MzM2 M2E2MTMwMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMwMzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACoJVMagADANBgkqhkiG9w0BAQsFAAOCAQEAbMRAhnT6ndb3j/dU USRDHue8sgHl96p3wc+e0qyBiXeEvXGzqljYVT9G+lw8LXVo8xGQ0GpLRdutNrSW tJAp7DCcs3BZqAKBmK9JNQxAOzNyghJwrqPK3ZmBFEWWKXm09GQSqKL4givBL8XG SQId7VhrIjS1+NzYK5l+WudcSqFQE0lwGME7W3pBkUuSPSELOxrEU5gn6AgXk0cc F57Zemqw8MQ67ZPylY0cOz8ufpm9TC1x5D29xaSi1t4VthTsa+z2w+W5I+h1R8/I RsIE4lVONscvDxyOhbBnF/kYDgdo9ibrn5zoHk0qxUe9aeEUAHaUMUAsjsy9vGeu cfIJOA== -----END CERTIFICATE-----Generated at Sat Apr 26 19:25:07 2025 by rpki-client