$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e203136353039.roa File: 326130663a316363353a6330303a3a2f34302d3430203d3e203136353039.roa (raw, json) Hash identifier: /pjSdo6P5ObrblgcKEBLlIUUBG/7q/P+4j9pwr7w/AA= Subject key identifier: 9A:5D:A8:1C:CF:80:51:42:81:5E:30:F1:98:88:D6:BB:0A:C9:9B:24 Certificate issuer: /CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Certificate serial: 7763FBED1A62AEFBFFB8B42687A5A21F4F75890E Authority key identifier: 47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e203136353039.roa Signing time: Wed 08 Apr 2026 09:43:29 +0000 ROA not before: Wed 08 Apr 2026 09:38:29 +0000 ROA not after: Wed 07 Apr 2027 09:43:29 +0000 asID: 16509 IP address blocks: 2a0f:1cc5:c00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 01:52:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:63:fb:ed:1a:62:ae:fb:ff:b8:b4:26:87:a5:a2:1f:4f:75:89:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Validity Not Before: Apr 8 09:38:29 2026 GMT Not After : Apr 7 09:43:29 2027 GMT Subject: CN=9A5DA81CCF805142815E30F19888D6BB0AC99B24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:70:3f:3c:0e:09:69:3a:4e:c7:a5:29:9d:d6: 2a:55:1a:a4:14:4b:31:98:41:82:b5:a4:84:1e:9a: 08:8e:1e:99:70:ba:41:e0:e3:e9:d8:04:97:f0:bb: 50:e5:37:ac:06:2f:3b:77:12:1a:09:09:2e:07:91: 7c:ab:91:f3:d1:f4:2c:02:cf:e0:5e:c6:8f:be:f2: cc:b3:81:d7:90:b9:10:30:09:2b:de:4e:1c:14:40: c5:1e:4a:4f:64:6d:41:90:25:91:c5:ac:46:5b:b2: c4:50:63:66:ce:b2:69:79:fe:55:e0:20:9d:46:d3: a4:c4:93:c6:5c:6d:06:ce:07:b5:ec:a1:c0:fd:d5: 99:36:3e:fe:34:d3:1c:84:04:30:92:9a:8c:49:c2: 5a:54:54:f2:9c:c0:7b:02:7e:97:0d:aa:ac:13:f2: dd:3f:5d:97:a9:31:c4:ae:a9:2d:0a:f3:5c:82:41: ed:50:23:49:32:70:c3:c3:5f:c4:88:68:4d:4b:64: fd:35:a5:cc:d2:30:a7:1c:cf:df:63:3e:7e:2e:2d: 41:d5:83:59:5b:46:f9:0e:bd:e1:b7:73:c5:b5:02: 5d:e4:e5:4e:a8:5c:fb:db:2c:26:63:68:13:c3:22: 09:9b:e5:9a:b0:cb:f4:b3:cd:e5:21:df:09:a9:84: 7a:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:5D:A8:1C:CF:80:51:42:81:5E:30:F1:98:88:D6:BB:0A:C9:9B:24 X509v3 Authority Key Identifier: keyid:47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e203136353039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:c00::/40 Signature Algorithm: sha256WithRSAEncryption 1c:0f:0a:ab:e8:a8:57:c3:a0:1d:32:6d:9e:f4:46:7f:2d:33: 7f:af:61:d7:75:db:73:9f:ab:0d:51:18:a3:dd:fb:14:34:ef: 71:71:d4:e6:ab:69:34:67:ea:08:f8:cd:34:09:eb:d5:ed:d5: e3:50:0c:3e:5c:71:fd:a2:9a:72:e2:0c:4a:6b:f0:e6:18:73: 59:df:f6:6c:aa:2e:24:d4:28:61:95:f1:c9:5f:4c:de:ae:f5: 48:03:95:f5:9a:20:6b:bd:14:5c:35:ab:84:ea:b8:03:78:b8: 05:5c:8a:1e:7a:f0:93:a2:68:14:63:ac:26:67:6f:be:74:b1: 69:f8:b7:7d:53:4d:56:35:0f:79:f3:f7:98:f9:c0:75:15:f2: e8:42:ce:05:0d:85:6f:d4:af:2c:80:81:20:d5:06:6e:35:de: f7:60:a6:27:d1:69:da:c1:11:68:d4:d2:7d:c1:e0:87:c7:b1: bc:3c:67:2e:56:89:6e:0d:f6:6c:76:82:41:44:f4:8b:a6:b5: ff:d3:2a:2a:34:51:f4:f2:c8:70:68:a5:6d:87:be:bf:32:06: 80:3a:34:7a:cd:fd:50:ab:f4:74:2e:23:77:f6:d9:e1:9f:00: b9:f1:fd:9b:85:29:28:3b:b1:c6:f1:4d:f2:36:51:ba:0f:f0: f3:cf:a2:4e -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIUd2P77Rpirvv/uLQmh6WiH091iQ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2 NDg0MkM5MDAeFw0yNjA0MDgwOTM4MjlaFw0yNzA0MDcwOTQzMjlaMDMxMTAvBgNV BAMTKDlBNURBODFDQ0Y4MDUxNDI4MTVFMzBGMTk4ODhENkJCMEFDOTlCMjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCccD88DglpOk7HpSmd1ipVGqQU SzGYQYK1pIQemgiOHplwukHg4+nYBJfwu1DlN6wGLzt3EhoJCS4HkXyrkfPR9CwC z+Bexo++8syzgdeQuRAwCSveThwUQMUeSk9kbUGQJZHFrEZbssRQY2bOsml5/lXg IJ1G06TEk8ZcbQbOB7XsocD91Zk2Pv400xyEBDCSmoxJwlpUVPKcwHsCfpcNqqwT 8t0/XZepMcSuqS0K81yCQe1QI0kycMPDX8SIaE1LZP01pczSMKccz99jPn4uLUHV g1lbRvkOveG3c8W1Al3k5U6oXPvbLCZjaBPDIgmb5Zqwy/SzzeUh3wmphHrdAgMB AAGjggKAMIICfDAdBgNVHQ4EFgQUml2oHM+AUUKBXjDxmIjWuwrJmyQwHwYDVR0j BBgwFoAURz8ghbve4lh1vaeP5EaavWSELJAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjgxMmQzZWYtYzVmYy00NWIwLTk1NGEtOGE1MjIxMGMy ZTkwLzIvNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2NDg0MkM5MC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC80NzNGMjA4NUJCREVFMjU4NzVCREE3OEZF NDQ2OUFCRDY0ODQyQzkwLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mODEyZDNlZi1jNWZjLTQ1YjAtOTU0YS04YTUyMjEwYzJlOTAvMi8zMjYxMzA2 NjNhMzE2MzYzMzUzYTYzMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMxMzYz NTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcB Af8EEjAQMA4EAgACMAgDBgAqDxzFDDANBgkqhkiG9w0BAQsFAAOCAQEAHA8Kq+io V8OgHTJtnvRGfy0zf69h13Xbc5+rDVEYo937FDTvcXHU5qtpNGfqCPjNNAnr1e3V 41AMPlxx/aKacuIMSmvw5hhzWd/2bKouJNQoYZXxyV9M3q71SAOV9Zoga70UXDWr hOq4A3i4BVyKHnrwk6JoFGOsJmdvvnSxafi3fVNNVjUPefP3mPnAdRXy6ELOBQ2F b9SvLICBINUGbjXe92CmJ9Fp2sERaNTSfcHgh8exvDxnLlaJbg32bHaCQUT0i6a1 /9MqKjRR9PLIcGilbYe+vzIGgDo0es39UKv0dC4jd/bZ4Z8AufH9m4UpKDuxxvFN 8jZRug/w88+iTg== -----END CERTIFICATE-----Generated at Fri Apr 17 09:40:13 2026 by rpki-client