$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330313a3a2f34382d3438203d3e20323038373534.roa File: 326130663a316363353a6330313a3a2f34382d3438203d3e20323038373534.roa (raw, json) Hash identifier: JkPR+6DL2BF+IXmgtcu5Xr/cIcwDqQ5FmBNhSSiWfvU= Subject key identifier: F1:2A:15:72:09:4A:9C:2E:9B:1C:E5:0B:16:B5:32:8C:58:A0:DA:63 Certificate issuer: /CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Certificate serial: 76FFE6E3319F25907455266068F415C410CDBAA5 Authority key identifier: 47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330313a3a2f34382d3438203d3e20323038373534.roa Signing time: Wed 08 Apr 2026 12:14:24 +0000 ROA not before: Wed 08 Apr 2026 12:09:24 +0000 ROA not after: Wed 07 Apr 2027 12:14:24 +0000 asID: 208754 IP address blocks: 2a0f:1cc5:c01::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 01:52:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:ff:e6:e3:31:9f:25:90:74:55:26:60:68:f4:15:c4:10:cd:ba:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473F2085BBDEE25875BDA78FE4469ABD64842C90 Validity Not Before: Apr 8 12:09:24 2026 GMT Not After : Apr 7 12:14:24 2027 GMT Subject: CN=F12A1572094A9C2E9B1CE50B16B5328C58A0DA63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:4d:a3:3b:8a:5a:ce:16:5b:c2:1b:a4:d9:14: 6a:cf:c1:2b:29:7a:91:49:a5:ef:62:a0:88:34:eb: f2:2f:62:b2:e5:11:5a:91:71:88:21:04:67:4a:10: 8c:36:ef:92:1d:ce:e2:fc:e7:c6:c1:dc:70:56:a5: 22:39:71:7d:41:41:fc:4e:4e:e7:1c:f3:d0:11:d3: 8f:a3:19:56:45:51:7c:2b:66:52:2c:d2:78:6d:9c: 01:20:94:3d:a9:4c:3e:59:68:b9:9e:d5:9c:dc:8d: 9e:ee:a6:4d:ca:1d:78:88:3c:05:39:de:f7:33:87: 3e:a7:15:09:a3:c9:b5:9f:c2:98:73:90:b7:92:2b: 7e:f6:af:1c:4b:79:a8:84:91:37:d8:f1:56:5b:56: c8:ff:94:57:9c:82:9e:4c:15:e4:68:9b:a9:2c:8b: e7:51:86:55:b2:73:d1:6e:da:52:64:11:11:f7:6f: 1a:a7:c2:1e:55:bd:be:c2:dc:1a:53:e0:26:de:37: 92:ab:ef:08:81:03:9f:23:9d:ea:dd:6a:dc:5d:2e: d7:e2:95:bc:81:27:56:38:aa:bf:b9:85:3c:71:8c: 93:9f:d5:ea:ea:39:7a:66:b8:1f:06:e3:3b:80:3f: 75:ee:14:93:06:60:a1:60:c7:c5:cd:c2:09:1f:2e: 6e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:2A:15:72:09:4A:9C:2E:9B:1C:E5:0B:16:B5:32:8C:58:A0:DA:63 X509v3 Authority Key Identifier: keyid:47:3F:20:85:BB:DE:E2:58:75:BD:A7:8F:E4:46:9A:BD:64:84:2C:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/473F2085BBDEE25875BDA78FE4469ABD64842C90.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/473F2085BBDEE25875BDA78FE4469ABD64842C90.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f812d3ef-c5fc-45b0-954a-8a52210c2e90/2/326130663a316363353a6330313a3a2f34382d3438203d3e20323038373534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:c01::/48 Signature Algorithm: sha256WithRSAEncryption a3:de:be:e1:f8:8c:9c:24:5c:96:63:25:0a:29:a6:00:37:e4: 6f:20:cd:ba:f8:ee:50:05:a4:81:1e:ee:c7:d6:06:80:fe:3a: 6f:c8:f4:bc:df:b3:e8:2b:b3:7f:5c:e0:b4:44:55:f3:e2:85: ee:0a:8d:15:e3:f0:b8:2c:80:ee:c8:10:29:7c:8d:1b:9e:06: d5:5d:04:e6:c5:08:56:3a:c9:e7:6b:9b:b5:4c:a2:fc:74:2b: c0:0e:9c:e7:a1:9a:c3:46:d9:9c:f6:b8:4b:8d:14:1f:39:d4: b3:7b:43:68:eb:92:ce:cf:c5:29:b0:a7:a2:f2:eb:5a:ee:78: 61:07:ae:d2:6f:55:e0:e8:2a:3e:29:88:54:dd:0d:e9:30:bd: 32:cf:96:14:be:12:1c:c6:e7:7b:b3:33:7c:fa:c5:ac:62:2d: 26:58:b0:7d:d7:fb:4f:96:6d:18:ff:38:ef:85:cb:2c:0c:04: 70:b9:31:bd:95:8c:a7:fc:2f:69:a0:12:0d:fb:31:f1:98:2d: 65:c3:dc:2d:cc:81:a3:9b:87:a9:dc:5d:02:19:fc:a5:e3:7f: 1c:46:8a:22:0a:a6:fb:b0:bd:1a:14:ff:00:e0:6c:74:5f:64: 13:4c:06:18:ce:34:53:d9:98:05:32:07:a8:c1:cb:c3:25:87: 61:60:92:ae -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUdv/m4zGfJZB0VSZgaPQVxBDNuqUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2 NDg0MkM5MDAeFw0yNjA0MDgxMjA5MjRaFw0yNzA0MDcxMjE0MjRaMDMxMTAvBgNV BAMTKEYxMkExNTcyMDk0QTlDMkU5QjFDRTUwQjE2QjUzMjhDNThBMERBNjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpTaM7ilrOFlvCG6TZFGrPwSsp epFJpe9ioIg06/IvYrLlEVqRcYghBGdKEIw275IdzuL858bB3HBWpSI5cX1BQfxO Tucc89AR04+jGVZFUXwrZlIs0nhtnAEglD2pTD5ZaLme1ZzcjZ7upk3KHXiIPAU5 3vczhz6nFQmjybWfwphzkLeSK372rxxLeaiEkTfY8VZbVsj/lFecgp5MFeRom6ks i+dRhlWyc9Fu2lJkERH3bxqnwh5Vvb7C3BpT4CbeN5Kr7wiBA58jnerdatxdLtfi lbyBJ1Y4qr+5hTxxjJOf1erqOXpmuB8G4zuAP3XuFJMGYKFgx8XNwgkfLm7DAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQU8SoVcglKnC6bHOULFrUyjFig2mMwHwYDVR0j BBgwFoAURz8ghbve4lh1vaeP5EaavWSELJAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjgxMmQzZWYtYzVmYy00NWIwLTk1NGEtOGE1MjIxMGMy ZTkwLzIvNDczRjIwODVCQkRFRTI1ODc1QkRBNzhGRTQ0NjlBQkQ2NDg0MkM5MC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC80NzNGMjA4NUJCREVFMjU4NzVCREE3OEZF NDQ2OUFCRDY0ODQyQzkwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mODEyZDNlZi1jNWZjLTQ1YjAtOTU0YS04YTUyMjEwYzJlOTAvMi8zMjYxMzA2 NjNhMzE2MzYzMzUzYTYzMzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz ODM3MzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPHMUMATANBgkqhkiG9w0BAQsFAAOCAQEAo96+ 4fiMnCRclmMlCimmADfkbyDNuvjuUAWkgR7ux9YGgP46b8j0vN+z6Cuzf1zgtERV 8+KF7gqNFePwuCyA7sgQKXyNG54G1V0E5sUIVjrJ52ubtUyi/HQrwA6c56Gaw0bZ nPa4S40UHznUs3tDaOuSzs/FKbCnovLrWu54YQeu0m9V4OgqPimIVN0N6TC9Ms+W FL4SHMbne7MzfPrFrGItJliwfdf7T5ZtGP8474XLLAwEcLkxvZWMp/wvaaASDfsx 8ZgtZcPcLcyBo5uHqdxdAhn8peN/HEaKIgqm+7C9GhT/AOBsdF9kE0wGGM40U9mY BTIHqMHLwyWHYWCSrg== -----END CERTIFICATE-----Generated at Fri Apr 17 10:18:05 2026 by rpki-client