$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637363a3a2f34382d3438203d3e20323033393135.roa File: 326131343a373538303a666637363a3a2f34382d3438203d3e20323033393135.roa (raw, json) Hash identifier: BkHJMnQDPpptXCMBwmodU4zh5ifR8UsDSgAYqmaYZ4U= Subject key identifier: 43:8C:56:33:D4:23:86:4C:C2:D1:8E:66:4C:39:30:6D:A6:2B:85:39 Certificate issuer: /CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Certificate serial: 1AC428572987FEDC8052ED3596D5439B8D8FAB60 Authority key identifier: CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637363a3a2f34382d3438203d3e20323033393135.roa Signing time: Wed 09 Jul 2025 09:38:12 +0000 ROA not before: Wed 09 Jul 2025 09:33:12 +0000 ROA not after: Wed 08 Jul 2026 09:38:12 +0000 asID: 203915 IP address blocks: 2a14:7580:ff76::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 21 Jul 2025 07:20:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:c4:28:57:29:87:fe:dc:80:52:ed:35:96:d5:43:9b:8d:8f:ab:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Validity Not Before: Jul 9 09:33:12 2025 GMT Not After : Jul 8 09:38:12 2026 GMT Subject: CN=438C5633D423864CC2D18E664C39306DA62B8539 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:63:4e:95:3e:25:cf:53:14:68:43:3b:20:3f: 4c:4a:53:75:77:fe:d8:51:cb:98:c1:66:8a:7e:23: 22:8e:d1:70:d7:4c:6a:f8:12:a5:24:6e:b8:37:97: ef:ad:1c:12:c7:86:d2:56:58:90:bd:ff:ec:94:3b: 2f:36:9c:c9:1a:5e:ac:1a:cf:e7:28:ae:15:ef:bb: 70:fd:09:71:82:c5:dd:ea:13:4e:3f:95:2c:44:fa: bc:98:3b:ab:a5:53:b4:c7:43:cc:07:53:8d:5a:6d: ff:bd:d4:c3:d0:9d:35:bf:1d:ec:c8:f6:6c:7c:d9: 19:bc:72:13:cb:6f:cd:e5:77:ba:0b:0e:55:67:37: 7d:92:bd:0e:c3:04:00:98:bf:a9:bc:07:22:75:82: 32:cd:1a:93:1a:d2:96:26:66:e7:26:f6:30:93:08: fb:82:d2:68:d8:60:b2:06:d9:d7:ce:5d:33:10:15: 6d:43:5f:df:cd:d1:42:32:52:6a:8a:a6:dd:6a:90: 9d:50:09:5c:b5:22:75:7b:eb:91:9a:b0:bd:be:82: be:8d:f1:ad:16:63:7a:54:69:9b:72:c5:0a:60:49: a8:bf:1b:98:4f:13:e4:98:a3:76:5c:82:2f:25:4d: bd:b7:3d:07:0f:2a:20:57:53:0f:54:e1:b0:39:57: 59:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:8C:56:33:D4:23:86:4C:C2:D1:8E:66:4C:39:30:6D:A6:2B:85:39 X509v3 Authority Key Identifier: keyid:CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637363a3a2f34382d3438203d3e20323033393135.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff76::/48 Signature Algorithm: sha256WithRSAEncryption 71:1f:74:be:dc:30:20:e9:d7:a7:62:71:98:60:f7:c3:2c:64: 0b:a2:5a:83:af:36:57:14:c6:b6:e0:ce:1c:b4:d6:f7:3a:a6: a4:02:c4:84:15:af:6f:e7:a9:12:11:d4:bd:c6:31:5d:65:f3: dd:59:31:64:64:a8:03:be:15:14:d1:97:38:ad:73:42:a9:1e: 9b:1b:6f:31:ef:c9:ce:f3:2c:a7:a2:7f:ca:6e:80:4f:ef:ff: b3:9c:49:03:3a:5d:2a:7e:7f:a6:27:50:87:8e:89:2b:97:7a: 9f:9e:a8:b9:cf:81:c4:ce:54:2e:02:f6:4b:b9:cc:91:69:c6: 35:63:1d:ff:4e:2a:a5:44:07:09:b9:f8:87:e1:be:31:f8:3b: c3:d9:a4:90:a3:25:14:bb:2f:97:0d:f3:ac:23:d3:7c:53:6b: 32:75:95:f8:b4:dd:f8:46:71:7d:32:5e:48:07:e3:46:4e:76: c3:9e:4a:29:ab:37:a5:c0:df:ea:4b:11:95:cc:6c:5c:d0:f3: 10:5c:81:c2:02:a0:62:7a:6f:03:b0:d1:5a:05:a8:9c:70:57: 81:2c:24:2d:57:b1:cd:11:49:09:24:2a:5c:28:0d:5f:60:1a: 2f:b7:a8:94:b5:c7:df:1e:5a:7a:f7:50:10:6b:01:4a:c5:12: e7:a2:80:96 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUGsQoVymH/tyAUu01ltVDm42Pq2AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlC RjFEMEYyRjAeFw0yNTA3MDkwOTMzMTJaFw0yNjA3MDgwOTM4MTJaMDMxMTAvBgNV BAMTKDQzOEM1NjMzRDQyMzg2NENDMkQxOEU2NjRDMzkzMDZEQTYyQjg1MzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHY06VPiXPUxRoQzsgP0xKU3V3 /thRy5jBZop+IyKO0XDXTGr4EqUkbrg3l++tHBLHhtJWWJC9/+yUOy82nMkaXqwa z+corhXvu3D9CXGCxd3qE04/lSxE+ryYO6ulU7THQ8wHU41abf+91MPQnTW/HezI 9mx82Rm8chPLb83ld7oLDlVnN32SvQ7DBACYv6m8ByJ1gjLNGpMa0pYmZucm9jCT CPuC0mjYYLIG2dfOXTMQFW1DX9/N0UIyUmqKpt1qkJ1QCVy1InV765GasL2+gr6N 8a0WY3pUaZtyxQpgSai/G5hPE+SYo3Zcgi8lTb23PQcPKiBXUw9U4bA5V1nlAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUQ4xWM9QjhkzC0Y5mTDkwbaYrhTkwHwYDVR0j BBgwFoAUzHkaH1yzuyyvfCg4IRLiab8dDy8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjdhMGFhNTYtNGExZC00YmE4LWFiNjYtYzU5ZmVkNGMz N2ZjLzEvQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlCRjFEMEYyRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9DQzc5MUExRjVDQjNCQjJDQUY3QzI4Mzgy MTEyRTI2OUJGMUQwRjJGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9iN2EwYWE1Ni00YTFkLTRiYTgtYWI2Ni1jNTlmZWQ0YzM3ZmMvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNzM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDMzMzkzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP92MA0GCSqGSIb3DQEBCwUAA4IBAQBx H3S+3DAg6denYnGYYPfDLGQLolqDrzZXFMa24M4ctNb3OqakAsSEFa9v56kSEdS9 xjFdZfPdWTFkZKgDvhUU0Zc4rXNCqR6bG28x78nO8yynon/KboBP7/+znEkDOl0q fn+mJ1CHjokrl3qfnqi5z4HEzlQuAvZLucyRacY1Yx3/TiqlRAcJufiH4b4x+DvD 2aSQoyUUuy+XDfOsI9N8U2sydZX4tN34RnF9Ml5IB+NGTnbDnkopqzelwN/qSxGV zGxc0PMQXIHCAqBiem8DsNFaBaiccFeBLCQtV7HNEUkJJCpcKA1fYBovt6iUtcff Hlp691AQawFKxRLnooCW -----END CERTIFICATE-----Generated at Sun Jul 20 20:12:27 2025 by rpki-client