$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20313437313831.roa File: 326131343a373538303a666637613a3a2f34382d3438203d3e20313437313831.roa (raw, json) Hash identifier: 5RP7M7zYFqJ8+Jv2ZfpyR8ID3GlBhQWXQs6XRm7WB50= Subject key identifier: 38:4C:24:23:F5:B2:62:31:89:C4:7A:5F:65:2E:15:37:CB:82:C2:B3 Certificate issuer: /CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Certificate serial: 7E3C1E78509922E2778FCE6E0DCF6FF6F5D202F6 Authority key identifier: CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20313437313831.roa Signing time: Wed 09 Jul 2025 09:33:56 +0000 ROA not before: Wed 09 Jul 2025 09:28:56 +0000 ROA not after: Wed 08 Jul 2026 09:33:56 +0000 asID: 147181 IP address blocks: 2a14:7580:ff7a::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 20 Jul 2025 20:15:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:3c:1e:78:50:99:22:e2:77:8f:ce:6e:0d:cf:6f:f6:f5:d2:02:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Validity Not Before: Jul 9 09:28:56 2025 GMT Not After : Jul 8 09:33:56 2026 GMT Subject: CN=384C2423F5B2623189C47A5F652E1537CB82C2B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8c:a9:c6:d6:60:c4:c4:f4:fb:a1:2e:8d:a4: cf:b4:b0:85:36:46:1a:ef:c4:74:d4:75:4f:bb:af: 8e:c5:9e:2d:b1:91:33:39:72:b3:ac:45:c3:3c:45: 22:aa:a7:9d:5b:04:31:f4:32:23:64:e3:f4:00:15: 66:47:34:bf:44:1e:da:2f:7f:0e:c5:a0:42:7d:6c: 2f:62:29:25:8a:c3:98:5f:b9:f9:d4:1b:b9:68:40: 01:f0:93:8c:c9:0d:14:8a:6c:e7:ed:80:4e:54:c5: bc:86:5a:e6:3a:d8:e0:11:7b:48:62:18:6f:97:2b: 61:58:96:d7:c0:cf:5b:b4:89:d9:98:7a:18:c8:3e: 33:09:ca:49:63:6c:42:bb:49:11:45:04:5e:b6:93: b1:5a:ec:d5:69:5f:b2:16:b3:12:e1:4b:8e:0e:1d: 44:85:b6:1a:b5:c2:cf:df:91:d8:2f:b5:55:8c:ac: 04:be:fb:43:05:55:19:c8:fa:8a:f0:c0:b4:40:0c: 17:e0:ec:e7:e4:a3:3a:7e:e6:0c:b8:3c:02:b3:6b: d5:b4:d0:51:54:8c:a2:e7:27:ab:49:03:42:73:b3: cd:7a:1b:b1:88:21:46:26:5c:c9:5d:da:01:da:7e: 11:30:7b:d1:33:0e:1e:b5:d4:f4:99:0f:41:9a:e0: ca:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:4C:24:23:F5:B2:62:31:89:C4:7A:5F:65:2E:15:37:CB:82:C2:B3 X509v3 Authority Key Identifier: keyid:CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20313437313831.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff7a::/48 Signature Algorithm: sha256WithRSAEncryption 85:ad:14:40:0d:5f:62:6e:8d:6b:5f:85:61:79:ca:c4:4c:e2: ff:f5:1c:0d:8e:e4:98:88:f9:93:16:c6:3a:1c:fa:a7:3b:00: 5c:fa:ce:43:74:bb:10:6c:27:58:87:e7:07:e9:da:7b:c6:70: 28:82:ad:41:76:63:24:6f:18:bc:0d:55:a4:0f:82:5b:eb:1d: bf:6c:ef:03:15:75:d8:b6:56:fa:b8:55:78:79:86:97:32:29: 55:01:48:65:d0:0e:4e:a7:74:a2:07:21:ee:4c:36:00:ab:49: b0:28:04:6d:27:4b:59:f2:7d:d6:f9:08:8f:18:05:31:cd:bf: 62:f7:78:d8:e4:d8:c0:43:61:62:51:97:22:29:21:e5:76:3e: 42:e2:32:96:2f:c8:98:f8:d0:ad:ad:5c:5b:5a:5f:bb:f8:26: 14:3e:2b:eb:2a:63:8b:a4:1c:2f:1b:59:d2:1c:13:ae:54:07: 07:3d:29:3d:22:90:d9:e4:8e:71:5d:96:49:97:b7:7c:32:b2: 86:dc:03:6c:6f:62:9f:5f:53:19:fb:6f:6d:a5:a4:76:27:8a: 1b:96:b2:14:ce:d3:37:a0:67:56:f2:b5:4d:90:df:4c:9b:77: 55:e6:50:78:cb:2a:63:b5:5d:8b:91:fb:31:3a:cf:b8:9f:13: a4:4b:89:00 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUfjweeFCZIuJ3j85uDc9v9vXSAvYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlC RjFEMEYyRjAeFw0yNTA3MDkwOTI4NTZaFw0yNjA3MDgwOTMzNTZaMDMxMTAvBgNV BAMTKDM4NEMyNDIzRjVCMjYyMzE4OUM0N0E1RjY1MkUxNTM3Q0I4MkMyQjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrjKnG1mDExPT7oS6NpM+0sIU2 RhrvxHTUdU+7r47Fni2xkTM5crOsRcM8RSKqp51bBDH0MiNk4/QAFWZHNL9EHtov fw7FoEJ9bC9iKSWKw5hfufnUG7loQAHwk4zJDRSKbOftgE5UxbyGWuY62OARe0hi GG+XK2FYltfAz1u0idmYehjIPjMJykljbEK7SRFFBF62k7Fa7NVpX7IWsxLhS44O HUSFthq1ws/fkdgvtVWMrAS++0MFVRnI+orwwLRADBfg7Ofkozp+5gy4PAKza9W0 0FFUjKLnJ6tJA0Jzs816G7GIIUYmXMld2gHafhEwe9EzDh611PSZD0Ga4MqJAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUOEwkI/WyYjGJxHpfZS4VN8uCwrMwHwYDVR0j BBgwFoAUzHkaH1yzuyyvfCg4IRLiab8dDy8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjdhMGFhNTYtNGExZC00YmE4LWFiNjYtYzU5ZmVkNGMz N2ZjLzEvQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlCRjFEMEYyRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9DQzc5MUExRjVDQjNCQjJDQUY3QzI4Mzgy MTEyRTI2OUJGMUQwRjJGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9iN2EwYWE1Ni00YTFkLTRiYTgtYWI2Ni1jNTlmZWQ0YzM3ZmMvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNzYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz NDM3MzEzODMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP96MA0GCSqGSIb3DQEBCwUAA4IBAQCF rRRADV9ibo1rX4VhecrETOL/9RwNjuSYiPmTFsY6HPqnOwBc+s5DdLsQbCdYh+cH 6dp7xnAogq1BdmMkbxi8DVWkD4Jb6x2/bO8DFXXYtlb6uFV4eYaXMilVAUhl0A5O p3SiByHuTDYAq0mwKARtJ0tZ8n3W+QiPGAUxzb9i93jY5NjAQ2FiUZciKSHldj5C 4jKWL8iY+NCtrVxbWl+7+CYUPivrKmOLpBwvG1nSHBOuVAcHPSk9IpDZ5I5xXZZJ l7d8MrKG3ANsb2KfX1MZ+29tpaR2J4oblrIUztM3oGdW8rVNkN9Mm3dV5lB4yypj tV2LkfsxOs+4nxOkS4kA -----END CERTIFICATE-----Generated at Sun Jul 20 12:30:16 2025 by rpki-client