$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a386230373a3a2f34382d313238203d3e20323133343133.roa File: 326130363a313238333a386230373a3a2f34382d313238203d3e20323133343133.roa (raw, json) Hash identifier: +LsHR6M/sTp/p218VbiQsurX+iZ7B1G4y6ss3VYV+wk= Subject key identifier: 84:B1:5A:53:21:E9:B3:74:1A:BE:46:02:3F:8F:B8:6B:D6:90:F2:6C Certificate issuer: /CN=D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C Certificate serial: 1D5F43BC06DE75A25119A0A31C961909544870F4 Authority key identifier: D5:4D:44:3B:67:C1:CC:5E:A1:B5:44:6E:A0:64:3C:AC:3A:7A:8B:2C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a386230373a3a2f34382d313238203d3e20323133343133.roa Signing time: Fri 18 Jul 2025 22:22:19 +0000 ROA not before: Fri 18 Jul 2025 22:17:19 +0000 ROA not after: Fri 17 Jul 2026 22:22:19 +0000 asID: 213413 IP address blocks: 2a06:1283:8b07::/48 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.mft rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 22 Jul 2025 14:17:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:5f:43:bc:06:de:75:a2:51:19:a0:a3:1c:96:19:09:54:48:70:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C Validity Not Before: Jul 18 22:17:19 2025 GMT Not After : Jul 17 22:22:19 2026 GMT Subject: CN=84B15A5321E9B3741ABE46023F8FB86BD690F26C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:74:40:b7:2a:a4:16:eb:e8:ce:26:27:1c:8f: 43:b7:bc:00:a6:72:3b:b0:c7:b4:70:91:44:cc:5a: 76:7e:78:8c:53:f9:8f:00:2d:3f:03:5d:61:5e:8f: 89:d2:66:6a:db:7f:9b:a2:d6:fa:0f:a7:fe:a5:82: b4:77:a8:ee:4f:d1:36:47:f0:93:a4:cd:b3:e7:5d: 30:d7:8c:07:f7:a2:5e:b2:fb:35:13:62:3a:8a:51: 24:bb:38:34:18:13:b7:cc:26:b5:ce:59:ff:3b:53: 61:10:e4:21:17:ea:08:c8:37:d8:f9:5a:3a:65:14: 1f:0d:4e:da:e7:9b:1e:ad:39:2b:7b:fe:d4:fa:90: 68:58:33:1c:5a:a2:50:bc:25:ca:af:85:0c:a2:9d: 32:89:e1:91:35:63:6e:7d:a5:04:0d:0f:24:be:37: 36:ca:b9:e3:22:65:ea:73:71:17:78:33:d4:91:9a: 0e:7c:ae:1b:6b:82:a7:dc:9e:94:40:47:83:d6:3f: b5:ff:ae:62:b0:b8:01:62:93:b9:cb:79:81:92:c3: 64:0b:23:2a:9b:c9:54:aa:56:2e:38:04:20:c7:d7: c1:e0:bf:37:ea:f5:70:76:3c:2d:7c:5b:69:76:71: d4:5a:14:db:2a:7f:cc:b4:f1:4c:86:55:8a:25:5d: 3a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B1:5A:53:21:E9:B3:74:1A:BE:46:02:3F:8F:B8:6B:D6:90:F2:6C X509v3 Authority Key Identifier: keyid:D5:4D:44:3B:67:C1:CC:5E:A1:B5:44:6E:A0:64:3C:AC:3A:7A:8B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a386230373a3a2f34382d313238203d3e20323133343133.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1283:8b07::/48 Signature Algorithm: sha256WithRSAEncryption 95:fd:99:39:28:40:99:f7:66:9a:57:d7:c2:cd:65:a0:13:64: b1:39:96:e9:fe:35:d8:47:a7:ef:6b:0f:57:f9:eb:2b:6e:05: 46:21:a4:67:79:ef:37:f0:6a:22:24:70:53:11:ae:75:36:26: 50:cb:03:cf:2a:e2:7a:75:33:f5:31:8f:39:67:57:d8:4e:57: 88:ac:f4:0b:5a:37:60:be:2b:76:d3:1e:5a:b5:e2:78:78:f4: 6f:19:83:59:d0:a3:df:5b:87:75:ae:b5:bd:c6:8d:55:e5:f8: 57:dd:47:a6:6c:06:45:00:b7:1a:4e:7c:28:49:58:56:dd:5c: 53:0d:2f:d2:7d:a1:0b:2e:80:9b:af:95:22:16:17:b2:79:92: e0:a8:a6:aa:da:41:69:47:60:97:16:59:5a:8f:e0:ce:47:d4: e1:65:db:81:f7:38:0c:03:18:ad:23:24:ff:f3:ce:a3:39:5c: 8e:f3:8e:56:d9:e6:c3:d9:8e:ac:64:87:50:2f:41:82:fd:60: 8c:53:b7:8a:03:d3:96:f5:84:9b:61:10:ec:87:1a:72:93:5a: c3:29:df:b0:d2:be:a9:53:11:a9:e5:2e:5f:26:56:34:de:dd: ac:f2:8e:b9:b4:79:74:5e:98:71:95:d4:dc:82:bd:ea:4f:30: d0:fc:e7:f8 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgIUHV9DvAbedaJRGaCjHJYZCVRIcPQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU0RDQ0M0I2N0MxQ0M1RUExQjU0NDZFQTA2NDNDQUMz QTdBOEIyQzAeFw0yNTA3MTgyMjE3MTlaFw0yNjA3MTcyMjIyMTlaMDMxMTAvBgNV BAMTKDg0QjE1QTUzMjFFOUIzNzQxQUJFNDYwMjNGOEZCODZCRDY5MEYyNkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2dEC3KqQW6+jOJiccj0O3vACm cjuwx7RwkUTMWnZ+eIxT+Y8ALT8DXWFej4nSZmrbf5ui1voPp/6lgrR3qO5P0TZH 8JOkzbPnXTDXjAf3ol6y+zUTYjqKUSS7ODQYE7fMJrXOWf87U2EQ5CEX6gjIN9j5 WjplFB8NTtrnmx6tOSt7/tT6kGhYMxxaolC8JcqvhQyinTKJ4ZE1Y259pQQNDyS+ NzbKueMiZepzcRd4M9SRmg58rhtrgqfcnpRAR4PWP7X/rmKwuAFik7nLeYGSw2QL IyqbyVSqVi44BCDH18Hgvzfq9XB2PC18W2l2cdRaFNsqf8y08UyGVYolXTobAgMB AAGjggKHMIICgzAdBgNVHQ4EFgQUhLFaUyHps3QavkYCP4+4a9aQ8mwwHwYDVR0j BBgwFoAU1U1EO2fBzF6htURuoGQ8rDp6iywwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzYvRDU0RDQ0M0I2N0MxQ0M1RUExQjU0NDZFQTA2NDNDQUMzQTdBOEIyQy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWY3M2E5Yy0yMDU4LTQz YmItOWFjNi01YWI0MmRmYmY0MDkvNC9ENTRENDQzQjY3QzFDQzVFQTFCNTQ0NkVB MDY0M0NBQzNBN0E4QjJDLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvNi8zMjYxMzAz NjNhMzEzMjM4MzMzYTM4NjIzMDM3M2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAz MjMxMzMzNDMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB BQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBhKDiwcwDQYJKoZIhvcNAQELBQADggEB AJX9mTkoQJn3ZppX18LNZaATZLE5lun+NdhHp+9rD1f56ytuBUYhpGd57zfwaiIk cFMRrnU2JlDLA88q4np1M/UxjzlnV9hOV4is9AtaN2C+K3bTHlq14nh49G8Zg1nQ o99bh3Wutb3GjVXl+FfdR6ZsBkUAtxpOfChJWFbdXFMNL9J9oQsugJuvlSIWF7J5 kuCopqraQWlHYJcWWVqP4M5H1OFl24H3OAwDGK0jJP/zzqM5XI7zjlbZ5sPZjqxk h1AvQYL9YIxTt4oD05b1hJthEOyHGnKTWsMp37DSvqlTEanlLl8mVjTe3azyjrm0 eXRemHGV1NyCvepPMND85/g= -----END CERTIFICATE-----Generated at Mon Jul 21 21:27:23 2025 by rpki-client