$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e20323038373534.roa File: 326130663a316363353a6330303a3a2f34302d3430203d3e20323038373534.roa (raw, json) Hash identifier: 7R/AqvSPd+mjbQXVUntn+5w6+Rg2rnPKWKoHVT2xT+M= Subject key identifier: BC:0F:B6:3C:CE:8D:21:AB:62:81:B9:F6:F4:68:06:40:C6:82:EC:D4 Certificate issuer: /CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Certificate serial: 7DC8D576771DD2BB584941F3B132A5E017ED3C7A Authority key identifier: 47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e20323038373534.roa Signing time: Sun 22 Feb 2026 08:56:25 +0000 ROA not before: Sun 22 Feb 2026 08:51:25 +0000 ROA not after: Sun 21 Feb 2027 08:56:25 +0000 asID: 208754 IP address blocks: 2a0f:1cc5:c00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 01 Mar 2026 23:08:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:c8:d5:76:77:1d:d2:bb:58:49:41:f3:b1:32:a5:e0:17:ed:3c:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Validity Not Before: Feb 22 08:51:25 2026 GMT Not After : Feb 21 08:56:25 2027 GMT Subject: CN=BC0FB63CCE8D21AB6281B9F6F4680640C682ECD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:23:34:e1:3d:1a:20:30:41:b4:0e:70:98:2b: dc:e1:f8:cd:dd:f5:b9:c7:98:c2:0c:0a:1b:2c:89: d3:7a:01:60:37:8a:74:4c:14:1f:cd:96:09:28:82: da:19:90:b1:cc:b9:2f:86:cd:7a:34:68:c7:8a:fe: e0:08:0a:6e:e4:8b:a5:87:cb:6f:c4:b1:10:98:85: e5:f2:c5:46:66:04:d4:0e:bd:1d:16:18:e8:40:7f: 2e:39:e6:ce:63:2e:31:29:a6:d4:94:7d:98:21:35: 28:9a:49:73:ac:9a:dd:ba:5b:b6:68:21:1a:ee:5d: 53:95:b0:fb:e0:fb:ce:e2:4a:f5:6f:13:a2:22:3c: 85:f7:08:e4:f7:45:71:8a:e9:82:57:fb:0e:38:9b: 41:5e:eb:a0:89:97:5f:be:cb:25:2c:98:da:3f:32: 01:19:81:eb:db:ef:01:6c:ca:b5:44:71:92:cf:ad: b7:1f:a1:59:d9:56:76:e7:fb:b3:0f:b6:a6:d8:bd: 2c:26:94:9f:ea:be:65:3f:17:e5:95:7b:94:19:55: ea:df:ef:98:51:f5:02:be:4c:16:a4:92:d5:63:17: 23:a0:1d:90:7c:60:a0:8e:d7:79:1b:75:52:7c:75: 87:36:27:57:e6:4c:dd:4f:03:77:19:94:6b:77:70: f6:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:0F:B6:3C:CE:8D:21:AB:62:81:B9:F6:F4:68:06:40:C6:82:EC:D4 X509v3 Authority Key Identifier: keyid:47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330303a3a2f34302d3430203d3e20323038373534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:c00::/40 Signature Algorithm: sha256WithRSAEncryption ba:69:ac:ea:8b:83:26:1a:6c:6b:53:8d:10:a2:63:2e:7b:95: ce:52:96:c2:a5:8a:7e:61:3e:23:3c:b4:f7:00:7d:e6:e5:9d: a7:66:7e:9c:9d:06:41:66:7f:ef:8d:92:7b:3e:27:dc:8f:30: f5:ac:28:de:bf:46:54:23:00:e5:db:cd:57:11:49:0f:5b:4f: 1e:b9:1f:9e:36:64:f1:62:db:e6:f2:1e:73:2e:cb:ae:a4:b6: c2:a1:a5:b9:28:52:0a:a4:14:70:5c:0e:fb:66:bc:c0:3e:6a: b8:85:f4:fd:65:9d:25:6d:1c:fb:5a:af:ef:0a:b4:b9:75:94: 4b:4b:35:29:9c:01:42:22:df:27:d5:04:98:d2:fd:50:33:c3: 9d:e9:ca:f5:4b:4b:67:d2:e3:33:b6:7d:e6:4a:5c:49:5e:f9: 9c:1f:3b:01:ef:af:2e:db:f5:e8:6f:b0:59:ae:62:e0:7a:07: 45:8e:36:45:8e:2a:33:41:3b:aa:9f:a1:20:71:eb:fd:99:70: ca:78:25:0a:bb:15:7b:06:9d:67:86:50:7d:4d:6d:20:c0:29: 35:ea:e5:f8:e6:70:76:c9:72:23:fb:ae:e5:f5:86:44:a4:0c: 2e:39:61:66:b5:85:23:50:91:ca:6b:7f:2b:a0:13:7e:0a:59: 36:39:68:c7 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUfcjVdncd0rtYSUHzsTKl4BftPHowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2 NDg0MkM5MDAeFw0yNjAyMjIwODUxMjVaFw0yNzAyMjEwODU2MjVaMDMxMTAvBgNV BAMTKEJDMEZCNjNDQ0U4RDIxQUI2MjgxQjlGNkY0NjgwNjQwQzY4MkVDRDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtIzThPRogMEG0DnCYK9zh+M3d 9bnHmMIMChssidN6AWA3inRMFB/NlgkogtoZkLHMuS+GzXo0aMeK/uAICm7ki6WH y2/EsRCYheXyxUZmBNQOvR0WGOhAfy455s5jLjEpptSUfZghNSiaSXOsmt26W7Zo IRruXVOVsPvg+87iSvVvE6IiPIX3COT3RXGK6YJX+w44m0Fe66CJl1++yyUsmNo/ MgEZgevb7wFsyrVEcZLPrbcfoVnZVnbn+7MPtqbYvSwmlJ/qvmU/F+WVe5QZVerf 75hR9QK+TBakktVjFyOgHZB8YKCO13kbdVJ8dYc2J1fmTN1PA3cZlGt3cPaLAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUvA+2PM6NIatigbn29GgGQMaC7NQwHwYDVR0j BBgwFoAURz8ghbve4lh1vaeP5EaavWSELJAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjgxMmQzZWYtYzVmYy00NWIwLTk1NGEtOGE1MjIxMGMy ZTkwLzIvNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2NDg0MkM5MC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC80NzNGMjA4NUJCREVFMjU4NzVCREE3OEZF NDQ2OUFCRDY0ODQyQzkwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mODEyZDNlZi1jNWZjLTQ1YjAtOTU0YS04YTUyMjEwYzJlOTAvMi8zMjYxMzA2 NjNhMzE2MzYzMzUzYTYzMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzAz ODM3MzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoPHMUMMA0GCSqGSIb3DQEBCwUAA4IBAQC6aazq i4MmGmxrU40QomMue5XOUpbCpYp+YT4jPLT3AH3m5Z2nZn6cnQZBZn/vjZJ7Pifc jzD1rCjev0ZUIwDl281XEUkPW08euR+eNmTxYtvm8h5zLsuupLbCoaW5KFIKpBRw XA77ZrzAPmq4hfT9ZZ0lbRz7Wq/vCrS5dZRLSzUpnAFCIt8n1QSY0v1QM8Od6cr1 S0tn0uMztn3mSlxJXvmcHzsB768u2/Xob7BZrmLgegdFjjZFjiozQTuqn6Egcev9 mXDKeCUKuxV7Bp1nhlB9TW0gwCk16uX45nB2yXIj+67l9YZEpAwuOWFmtYUjUJHK a38roBN+Clk2OWjH -----END CERTIFICATE-----Generated at Sun Mar 1 16:23:35 2026 by rpki-client