$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637373a3a2f34382d3438203d3e20323033393135.roa File: 326131343a373538303a666637373a3a2f34382d3438203d3e20323033393135.roa (raw, json) Hash identifier: F5/aVvIreRBQw19BMcjvtJaH6IAMjMe6w+V1TelngZU= Subject key identifier: 1D:73:8C:3C:05:1F:00:1E:6F:25:6C:7A:14:A3:E6:3F:56:85:73:5A Certificate issuer: /CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Certificate serial: 7A4FF22B2B446C731F57C686A5D64AFAE6225BE0 Authority key identifier: CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637373a3a2f34382d3438203d3e20323033393135.roa Signing time: Wed 09 Jul 2025 09:38:18 +0000 ROA not before: Wed 09 Jul 2025 09:33:18 +0000 ROA not after: Wed 08 Jul 2026 09:38:18 +0000 asID: 203915 IP address blocks: 2a14:7580:ff77::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 21 Jul 2025 07:20:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:4f:f2:2b:2b:44:6c:73:1f:57:c6:86:a5:d6:4a:fa:e6:22:5b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Validity Not Before: Jul 9 09:33:18 2025 GMT Not After : Jul 8 09:38:18 2026 GMT Subject: CN=1D738C3C051F001E6F256C7A14A3E63F5685735A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f9:0c:72:be:e8:c1:ce:2b:26:63:2a:7d:9f: 6c:b3:06:45:8d:55:f8:80:41:3f:19:a4:f3:7b:8b: b4:7e:2e:63:4d:8c:ce:6a:7d:f0:d8:c8:84:1c:c8: c2:6f:39:72:1c:b6:a2:9a:8c:6b:87:60:3e:ce:e7: b0:44:ea:66:cb:6f:42:6c:5e:01:35:3c:96:43:94: c6:18:3d:12:c7:bf:cc:bd:ba:74:b1:3b:e8:ce:d4: b9:85:38:13:94:2d:09:38:5a:74:c5:ba:89:85:34: 39:bb:f6:f9:c9:34:68:f4:79:b8:57:20:3b:a4:1b: ff:1b:cf:ce:53:e0:24:fe:04:ec:c1:51:9a:30:e4: df:12:7f:69:e7:5e:cd:1a:45:01:6c:6c:81:1d:4f: 19:0a:28:0f:a0:9a:1e:8c:c3:e4:cc:50:1d:6a:0f: d0:8e:38:b0:83:2a:4a:1f:a5:c9:90:97:fd:e1:77: c9:09:ac:89:2c:03:5e:6f:08:44:2d:e5:00:53:9c: 80:73:67:0a:a1:be:ac:53:20:e6:93:b2:14:05:63: 09:5d:cd:3a:d5:68:05:ef:6f:e8:34:45:ca:52:3b: 04:94:72:a0:26:45:33:3c:b1:62:c7:04:b7:c0:1c: 10:6b:87:60:e0:fb:c4:f9:3a:5e:2f:fc:ec:25:f3: 27:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:73:8C:3C:05:1F:00:1E:6F:25:6C:7A:14:A3:E6:3F:56:85:73:5A X509v3 Authority Key Identifier: keyid:CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637373a3a2f34382d3438203d3e20323033393135.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff77::/48 Signature Algorithm: sha256WithRSAEncryption bb:17:c4:50:99:e6:aa:95:9e:e8:79:45:81:76:9e:14:e5:3f: 73:b0:2f:88:7a:13:b8:13:35:9f:05:10:80:03:21:55:83:37: 3f:e0:f8:c6:60:a5:3e:5f:6c:91:46:69:36:1e:1d:9d:27:c6: 5a:f6:7b:8b:9c:7a:6f:81:9c:15:65:fa:70:5c:6e:b2:a9:ce: 3e:80:ba:56:46:b7:56:bb:fd:23:ce:e5:4e:af:aa:4d:b4:8b: 9b:d8:2b:a1:fe:75:62:b0:43:ee:e9:41:b7:c8:39:b6:3a:bf: dc:7d:a9:9e:84:c1:2f:ae:2f:6b:ef:78:f9:72:06:b6:8f:71: fa:a0:3a:28:a6:58:25:cd:ff:63:2d:b8:5e:c6:7c:fd:9e:bb: 67:4b:7f:fe:dd:20:f0:cd:0b:01:b8:50:0a:e8:4a:67:af:5b: 24:56:92:4a:a3:26:68:ce:1e:59:5b:ae:a8:99:46:41:0d:d0: 64:cc:e6:05:38:71:07:7f:70:f7:3f:04:80:52:a3:6b:35:b3: 57:9a:79:27:c2:0b:02:0a:f9:04:40:a1:f6:d4:27:d1:be:1b: dd:da:e6:86:6f:97:02:5e:b2:55:7f:3d:1a:9a:6f:ca:f8:d2: 3a:8b:e9:c5:62:30:f3:52:77:ec:a7:48:2d:33:28:e4:30:f7: ff:e4:76:d3 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUek/yKytEbHMfV8aGpdZK+uYiW+AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlC RjFEMEYyRjAeFw0yNTA3MDkwOTMzMThaFw0yNjA3MDgwOTM4MThaMDMxMTAvBgNV BAMTKDFENzM4QzNDMDUxRjAwMUU2RjI1NkM3QTE0QTNFNjNGNTY4NTczNUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9+QxyvujBzismYyp9n2yzBkWN VfiAQT8ZpPN7i7R+LmNNjM5qffDYyIQcyMJvOXIctqKajGuHYD7O57BE6mbLb0Js XgE1PJZDlMYYPRLHv8y9unSxO+jO1LmFOBOULQk4WnTFuomFNDm79vnJNGj0ebhX IDukG/8bz85T4CT+BOzBUZow5N8Sf2nnXs0aRQFsbIEdTxkKKA+gmh6Mw+TMUB1q D9COOLCDKkofpcmQl/3hd8kJrIksA15vCEQt5QBTnIBzZwqhvqxTIOaTshQFYwld zTrVaAXvb+g0RcpSOwSUcqAmRTM8sWLHBLfAHBBrh2Dg+8T5Ol4v/Owl8yfVAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUHXOMPAUfAB5vJWx6FKPmP1aFc1owHwYDVR0j BBgwFoAUzHkaH1yzuyyvfCg4IRLiab8dDy8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjdhMGFhNTYtNGExZC00YmE4LWFiNjYtYzU5ZmVkNGMz N2ZjLzEvQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlCRjFEMEYyRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9DQzc5MUExRjVDQjNCQjJDQUY3QzI4Mzgy MTEyRTI2OUJGMUQwRjJGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9iN2EwYWE1Ni00YTFkLTRiYTgtYWI2Ni1jNTlmZWQ0YzM3ZmMvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNzM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDMzMzkzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP93MA0GCSqGSIb3DQEBCwUAA4IBAQC7 F8RQmeaqlZ7oeUWBdp4U5T9zsC+IehO4EzWfBRCAAyFVgzc/4PjGYKU+X2yRRmk2 Hh2dJ8Za9nuLnHpvgZwVZfpwXG6yqc4+gLpWRrdWu/0jzuVOr6pNtIub2Cuh/nVi sEPu6UG3yDm2Or/cfamehMEvri9r73j5cga2j3H6oDooplglzf9jLbhexnz9nrtn S3/+3SDwzQsBuFAK6Epnr1skVpJKoyZozh5ZW66omUZBDdBkzOYFOHEHf3D3PwSA UqNrNbNXmnknwgsCCvkEQKH21CfRvhvd2uaGb5cCXrJVfz0amm/K+NI6i+nFYjDz Unfsp0gtMyjkMPf/5HbT -----END CERTIFICATE-----Generated at Sun Jul 20 20:12:30 2025 by rpki-client