$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa File: 326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa (raw, json) Hash identifier: CNfVsinVsceZGjOaXQsHUjsBZSefgQTBz85mK3PRJtU= Subject key identifier: 78:F2:30:6A:61:34:90:86:90:4A:A9:DB:B4:78:71:61:4C:F5:C4:0E Certificate issuer: /CN=FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8 Certificate serial: 7B1F78C120DE44187A8633ABE5AFAC7958FFD9E5 Authority key identifier: FA:71:0E:21:BC:41:E9:82:7D:52:D6:6D:E9:8E:F8:E9:AC:E9:B1:E8 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa Signing time: Fri 18 Jul 2025 23:35:10 +0000 ROA not before: Fri 18 Jul 2025 23:30:10 +0000 ROA not after: Fri 17 Jul 2026 23:35:10 +0000 asID: 212516 IP address blocks: 2a14:7584:4f00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 22 Jul 2025 09:50:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:1f:78:c1:20:de:44:18:7a:86:33:ab:e5:af:ac:79:58:ff:d9:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8 Validity Not Before: Jul 18 23:30:10 2025 GMT Not After : Jul 17 23:35:10 2026 GMT Subject: CN=78F2306A61349086904AA9DBB47871614CF5C40E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:4b:46:3c:f0:1c:c2:2c:fb:48:9e:f1:87:df: 67:0a:a0:12:6f:99:6a:2d:97:55:b9:1f:c4:d0:82: f9:2a:2d:43:f4:0d:c2:f5:a1:d6:89:4b:04:66:8d: a1:1e:fa:e3:9e:15:e7:89:be:66:88:d7:ec:97:d9: 30:a7:62:62:b5:8f:ab:a1:37:16:59:9c:f2:61:bb: 70:46:67:d4:a3:08:52:cf:49:a9:d1:c6:af:d7:cb: 95:21:26:67:8d:99:57:8f:71:77:f2:3d:0e:11:11: e4:7c:eb:34:d9:e5:53:01:c7:f7:c4:fd:e6:ca:7d: fe:df:2b:0d:f9:48:af:b4:83:fe:c0:02:20:97:73: b2:1f:06:40:96:64:71:6e:87:af:d3:e1:e1:21:e4: 0b:4c:95:bf:74:40:bf:70:88:73:c1:97:b3:9e:71: 7c:a8:b7:5f:f1:71:8b:29:71:c8:b8:a9:da:a2:0e: 37:bb:2f:91:fe:84:1d:59:8b:48:53:22:a1:f7:da: ec:e2:42:28:8b:10:24:e2:1f:b4:10:b3:a1:26:07: 21:1d:63:d1:ff:a6:f4:12:bb:58:18:2b:5e:b4:04: 4a:9e:f2:25:16:8a:9c:e1:95:85:ef:af:9e:38:2c: b0:3f:98:48:3d:19:97:ab:96:86:51:10:91:1a:46: 10:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:F2:30:6A:61:34:90:86:90:4A:A9:DB:B4:78:71:61:4C:F5:C4:0E X509v3 Authority Key Identifier: keyid:FA:71:0E:21:BC:41:E9:82:7D:52:D6:6D:E9:8E:F8:E9:AC:E9:B1:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/FA710E21BC41E9827D52D66DE98EF8E9ACE9B1E8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/3/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4f00::/40 Signature Algorithm: sha256WithRSAEncryption a8:84:eb:8c:7a:7a:38:bb:d2:47:ed:72:ac:d1:91:52:b5:d0: 61:2b:25:d6:85:db:89:85:4b:db:a6:88:83:68:26:5a:de:3f: 53:5e:8d:75:f5:d4:75:f2:56:6f:a2:1c:8a:b4:15:8a:d6:52: 97:00:b1:bb:f2:d9:26:85:9d:a1:92:97:ff:ab:49:81:63:50: 6c:8b:de:d9:9a:20:72:c1:ed:7f:a8:63:2d:55:a6:22:04:de: 01:ef:8a:73:1b:ab:b3:86:18:3e:2a:56:25:98:05:18:3e:ff: 17:2c:1e:96:95:cc:e9:2f:ef:b2:d2:69:03:1b:d7:eb:08:0c: 93:f4:7e:8b:07:8e:95:65:30:4b:8f:33:0e:a0:93:b4:71:b2: db:ae:0c:85:83:a1:a7:66:da:2f:e7:27:d5:41:23:9d:67:44: a3:ef:19:6b:bb:95:85:73:8c:7a:f0:26:48:cc:8f:3d:4d:56: d8:81:43:7b:33:95:e4:4e:13:c9:aa:ff:9b:cc:7c:ed:68:b3: 72:65:d0:af:e4:b6:ad:dc:61:5e:71:7b:74:08:ab:3d:68:52: c5:89:8b:e7:2f:fe:81:a9:8a:4e:74:48:e8:f0:3f:a2:dd:17: ea:0c:ca:f9:f8:44:34:56:9b:21:38:25:58:2a:34:f3:26:99: 26:1a:59:94 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUex94wSDeRBh6hjOr5a+seVj/2eUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkE3MTBFMjFCQzQxRTk4MjdENTJENjZERTk4RUY4RTlB Q0U5QjFFODAeFw0yNTA3MTgyMzMwMTBaFw0yNjA3MTcyMzM1MTBaMDMxMTAvBgNV BAMTKDc4RjIzMDZBNjEzNDkwODY5MDRBQTlEQkI0Nzg3MTYxNENGNUM0MEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTS0Y88BzCLPtInvGH32cKoBJv mWotl1W5H8TQgvkqLUP0DcL1odaJSwRmjaEe+uOeFeeJvmaI1+yX2TCnYmK1j6uh NxZZnPJhu3BGZ9SjCFLPSanRxq/Xy5UhJmeNmVePcXfyPQ4REeR86zTZ5VMBx/fE /ebKff7fKw35SK+0g/7AAiCXc7IfBkCWZHFuh6/T4eEh5AtMlb90QL9wiHPBl7Oe cXyot1/xcYspcci4qdqiDje7L5H+hB1Zi0hTIqH32uziQiiLECTiH7QQs6EmByEd Y9H/pvQSu1gYK160BEqe8iUWipzhlYXvr544LLA/mEg9GZerloZREJEaRhBfAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUePIwamE0kIaQSqnbtHhxYUz1xA4wHwYDVR0j BBgwFoAU+nEOIbxB6YJ9UtZt6Y746azpsegwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzMvRkE3MTBFMjFCQzQxRTk4MjdENTJENjZERTk4RUY4RTlBQ0U5QjFFOC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GQTcxMEUyMUJDNDFFOTgyN0Q1MkQ2NkRF OThFRjhFOUFDRTlCMUU4LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMy8zMjYxMzEz NDNhMzczNTM4MzQzYTM0NjYzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz MTMyMzUzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1hE8wDQYJKoZIhvcNAQELBQADggEBAKiE 64x6eji70kftcqzRkVK10GErJdaF24mFS9umiINoJlreP1NejXX11HXyVm+iHIq0 FYrWUpcAsbvy2SaFnaGSl/+rSYFjUGyL3tmaIHLB7X+oYy1VpiIE3gHvinMbq7OG GD4qViWYBRg+/xcsHpaVzOkv77LSaQMb1+sIDJP0fosHjpVlMEuPMw6gk7Rxstuu DIWDoadm2i/nJ9VBI51nRKPvGWu7lYVzjHrwJkjMjz1NVtiBQ3szleROE8mq/5vM fO1os3Jl0K/ktq3cYV5xe3QIqz1oUsWJi+cv/oGpik50SOjwP6LdF+oMyvn4RDRW myE4JVgqNPMmmSYaWZQ= -----END CERTIFICATE-----Generated at Mon Jul 21 19:17:00 2025 by rpki-client