$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a343130303a3a2f34302d3438203d3e20323136333039.roa File: 326131343a373538343a343130303a3a2f34302d3438203d3e20323136333039.roa (raw, json) Hash identifier: J9Fi36nQGqAgueP6UU6iZv8HlrGSaFogPoGVrEhPYYg= Subject key identifier: 46:F1:D5:76:34:E4:AF:09:CB:33:18:08:22:7B:A0:1F:88:80:5D:34 Certificate issuer: /CN=FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8 Certificate serial: 2868D9B0EC00E5BB050E96CDA9C8542635D8D75B Authority key identifier: FA:71:0E:21:BC:41:E9:82:7D:52:D6:6D:E9:8E:F8:E9:AC:E9:B1:E8 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a343130303a3a2f34302d3438203d3e20323136333039.roa Signing time: Fri 18 Jul 2025 23:35:09 +0000 ROA not before: Fri 18 Jul 2025 23:30:09 +0000 ROA not after: Fri 17 Jul 2026 23:35:09 +0000 asID: 216309 IP address blocks: 2a14:7584:4100::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 22 Jul 2025 09:50:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:68:d9:b0:ec:00:e5:bb:05:0e:96:cd:a9:c8:54:26:35:d8:d7:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8 Validity Not Before: Jul 18 23:30:09 2025 GMT Not After : Jul 17 23:35:09 2026 GMT Subject: CN=46F1D57634E4AF09CB331808227BA01F88805D34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:89:df:e4:9e:91:90:f7:e4:13:a9:2a:4d:ce: 75:d1:e5:48:5d:3b:d6:c8:88:5c:6c:b8:fe:63:24: 3b:30:1d:a5:68:70:6f:7e:3c:91:7b:bf:94:b7:08: 84:3d:26:a7:03:e8:ed:b1:36:10:1c:70:04:1d:05: d9:fb:52:a3:94:95:29:84:f3:b2:f9:e0:e0:da:97: a1:16:98:42:a5:27:eb:dc:c4:c1:d4:7f:1a:12:b1: 15:71:f5:74:86:56:7a:b1:d1:02:08:ec:ad:8f:a9: 38:6d:4b:c6:a9:b6:b3:33:dd:b8:99:51:e1:e0:34: 5f:3c:82:e2:e0:86:ca:d8:c3:12:ba:f9:6e:12:a8: 19:b4:ef:0e:4e:ef:64:bd:31:40:d2:b2:5f:b7:6d: 61:e8:99:d7:df:53:da:a8:be:46:35:14:ec:59:25: 7b:c2:a5:4e:e0:7d:d7:44:0e:d1:3a:93:6b:58:5f: f3:71:3e:24:d7:4f:b2:e9:c7:2b:39:97:cb:1c:06: 5e:13:25:55:13:4a:d1:5a:f0:d5:1c:3f:65:39:74: ba:24:1d:bc:d0:bf:ad:7f:c4:a9:ca:47:2c:06:1d: 35:cb:35:88:61:ae:5d:4a:a0:33:39:7d:db:bc:6b: 04:e3:4c:64:7b:fa:03:30:ad:97:ca:ec:f8:2f:90: 72:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:F1:D5:76:34:E4:AF:09:CB:33:18:08:22:7B:A0:1F:88:80:5D:34 X509v3 Authority Key Identifier: keyid:FA:71:0E:21:BC:41:E9:82:7D:52:D6:6D:E9:8E:F8:E9:AC:E9:B1:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a343130303a3a2f34302d3438203d3e20323136333039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4100::/40 Signature Algorithm: sha256WithRSAEncryption 63:b1:fa:de:d9:da:e9:85:de:fa:fe:75:6b:97:0a:bc:22:f3: f6:82:7b:5c:c2:48:3b:20:5b:3a:68:5f:aa:0a:4d:f5:7b:11: c2:f9:27:e7:b9:1e:3b:dd:8a:f7:be:88:bd:a8:94:69:2c:b0: a4:f2:31:f7:a9:20:6f:90:f9:0a:d7:14:85:fc:57:b6:16:bb: 75:74:ec:56:5b:50:76:3b:f4:5c:d8:79:dc:89:dc:96:44:cf: 41:76:4e:c8:ac:8c:9e:f8:3e:c7:7a:82:ad:4e:98:34:c3:e8: 62:44:1a:73:9c:35:1e:36:d7:03:5f:6e:74:3e:26:5d:fa:2a: 92:4f:38:3e:52:ea:c4:cd:9d:cc:b3:db:80:20:c1:71:67:7e: 07:81:ed:d1:b4:91:aa:0e:24:be:eb:24:8a:1b:04:65:2b:23: 83:6e:b0:10:55:ca:9c:49:73:48:c9:e5:4a:0c:7b:2c:4f:9a: 20:04:c6:3a:47:e9:0d:ab:aa:73:6d:a6:26:40:b8:bb:03:33: e7:76:cf:0f:1f:5c:6f:bc:62:8e:62:05:41:85:12:76:ed:fb: bf:9a:b1:ac:fc:f0:60:27:dc:9e:de:4d:e4:54:fb:76:c9:4a: da:be:61:7e:09:67:00:fd:6a:11:36:97:20:9d:30:bc:5c:07: d8:a1:77:dd -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUKGjZsOwA5bsFDpbNqchUJjXY11swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkE3MTBFMjFCQzQxRTk4MjdENTJENjZERTk4RUY4RTlB Q0U5QjFFODAeFw0yNTA3MTgyMzMwMDlaFw0yNjA3MTcyMzM1MDlaMDMxMTAvBgNV BAMTKDQ2RjFENTc2MzRFNEFGMDlDQjMzMTgwODIyN0JBMDFGODg4MDVEMzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiid/knpGQ9+QTqSpNznXR5Uhd O9bIiFxsuP5jJDswHaVocG9+PJF7v5S3CIQ9JqcD6O2xNhAccAQdBdn7UqOUlSmE 87L54ODal6EWmEKlJ+vcxMHUfxoSsRVx9XSGVnqx0QII7K2PqThtS8aptrMz3biZ UeHgNF88guLghsrYwxK6+W4SqBm07w5O72S9MUDSsl+3bWHomdffU9qovkY1FOxZ JXvCpU7gfddEDtE6k2tYX/NxPiTXT7Lpxys5l8scBl4TJVUTStFa8NUcP2U5dLok HbzQv61/xKnKRywGHTXLNYhhrl1KoDM5fdu8awTjTGR7+gMwrZfK7PgvkHJTAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQURvHVdjTkrwnLMxgIInugH4iAXTQwHwYDVR0j BBgwFoAU+nEOIbxB6YJ9UtZt6Y746azpsegwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzMvRkE3MTBFMjFCQzQxRTk4MjdENTJENjZERTk4RUY4RTlBQ0U5QjFFOC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GQTcxMEUyMUJDNDFFOTgyN0Q1MkQ2NkRF OThFRjhFOUFDRTlCMUU4LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMy8zMjYxMzEz NDNhMzczNTM4MzQzYTM0MzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz MTM2MzMzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1hEEwDQYJKoZIhvcNAQELBQADggEBAGOx +t7Z2umF3vr+dWuXCrwi8/aCe1zCSDsgWzpoX6oKTfV7EcL5J+e5Hjvdive+iL2o lGkssKTyMfepIG+Q+QrXFIX8V7YWu3V07FZbUHY79FzYedyJ3JZEz0F2TsisjJ74 Psd6gq1OmDTD6GJEGnOcNR421wNfbnQ+Jl36KpJPOD5S6sTNncyz24AgwXFnfgeB 7dG0kaoOJL7rJIobBGUrI4NusBBVypxJc0jJ5UoMeyxPmiAExjpH6Q2rqnNtpiZA uLsDM+d2zw8fXG+8Yo5iBUGFEnbt+7+asaz88GAn3J7eTeRU+3bJStq+YX4JZwD9 ahE2lyCdMLxcB9ihd90= -----END CERTIFICATE-----Generated at Mon Jul 21 19:38:41 2025 by rpki-client