$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637623a3a2f34382d3438203d3e20323033393135.roa File: 326131343a373538303a666637623a3a2f34382d3438203d3e20323033393135.roa (raw, json) Hash identifier: +Dm2JEqaSsfzmcw/vRVxZqJazGgE0R+iZSKdYatTFPI= Subject key identifier: 4D:F4:95:EA:DC:FB:0A:FA:5D:D3:61:1A:A3:7D:AC:B6:9C:CA:49:8B Certificate issuer: /CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Certificate serial: 38DF65CFC50196334F56BAE65CB28C7B0EA45F83 Authority key identifier: CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637623a3a2f34382d3438203d3e20323033393135.roa Signing time: Wed 09 Jul 2025 09:38:42 +0000 ROA not before: Wed 09 Jul 2025 09:33:42 +0000 ROA not after: Wed 08 Jul 2026 09:38:42 +0000 asID: 203915 IP address blocks: 2a14:7580:ff7b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 21 Jul 2025 07:20:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:df:65:cf:c5:01:96:33:4f:56:ba:e6:5c:b2:8c:7b:0e:a4:5f:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Validity Not Before: Jul 9 09:33:42 2025 GMT Not After : Jul 8 09:38:42 2026 GMT Subject: CN=4DF495EADCFB0AFA5DD3611AA37DACB69CCA498B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:0e:62:3d:93:97:f3:e0:e7:ec:21:ce:aa:52: 75:b8:e5:9a:a7:d1:7c:bc:07:5f:84:3a:90:b4:c9: bb:42:21:fe:1a:27:03:39:7c:50:30:fe:7f:fa:80: 6d:ef:28:81:15:75:f8:43:ea:3d:6b:bb:fd:39:bd: 09:82:42:71:f6:4b:4e:2b:aa:9a:fb:59:1e:82:ce: b6:35:03:e3:d0:f7:32:a4:db:76:7f:20:da:67:e9: 07:d5:7e:9c:7b:55:db:82:d4:1a:f0:ba:4f:d7:61: 91:76:a2:a9:fe:95:54:da:97:7b:df:34:45:be:cd: f9:86:39:fd:93:aa:5a:1e:55:d2:e3:ec:96:37:62: ba:ac:79:8c:2f:9e:67:07:57:c6:29:66:2f:0f:08: df:9c:b6:f7:60:3e:0c:f4:bc:d3:23:f8:ac:80:39: 10:a7:22:c0:9a:94:48:0d:4e:a6:11:bd:30:ad:cd: 5f:ea:b2:b4:81:7f:53:68:93:60:e0:33:9c:98:25: 35:07:18:00:6e:21:c9:6b:86:5e:b0:96:1c:e0:1d: 7c:9c:b4:ec:2d:f4:e3:cf:9a:b7:40:5c:d2:a5:56: cc:4f:c2:ab:c3:5b:70:78:8b:49:17:7a:c4:89:1c: 20:53:c2:24:46:95:76:93:ae:68:c0:86:43:ea:a1: 71:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F4:95:EA:DC:FB:0A:FA:5D:D3:61:1A:A3:7D:AC:B6:9C:CA:49:8B X509v3 Authority Key Identifier: keyid:CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637623a3a2f34382d3438203d3e20323033393135.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff7b::/48 Signature Algorithm: sha256WithRSAEncryption c2:8e:e8:e7:d9:a0:0b:9c:4d:1f:e7:b6:78:33:79:cd:a4:bc: 8c:ef:6e:dc:ea:94:56:bf:26:20:02:b1:e5:9c:96:b9:e0:e4: f6:ca:ac:59:2a:8d:f1:d9:d9:2e:77:57:b6:6c:ca:14:e9:c9: 94:6a:be:ea:b1:af:69:ae:33:fb:35:a1:20:f9:22:d9:cf:14: a7:51:d8:4c:a1:19:0c:5f:52:96:73:63:b7:bd:da:94:a5:b1: c4:19:c1:30:50:91:77:7c:40:a4:5d:06:93:55:8e:b9:c8:68: 45:1b:7b:40:58:3a:dc:ab:49:14:28:f2:14:4c:e1:08:4e:28: 5e:9e:7d:93:e2:7e:01:17:27:0f:c7:06:25:bd:e4:7b:b8:37: 72:2b:64:ae:df:c8:92:06:9f:3a:66:3f:73:b9:2c:c2:56:db: 5b:77:63:70:03:46:b5:cf:ac:70:2b:05:59:f5:16:e6:0e:dc: 04:d3:e3:14:bd:3c:91:e7:d8:8d:75:a0:74:7d:c2:21:f8:d3: 99:18:d8:4b:33:00:50:69:e9:48:14:5d:ad:a1:d6:e3:b6:1c: ea:f3:1b:c2:a7:1f:59:1e:ea:43:53:ac:89:d2:d4:b9:61:51: 1b:fe:6f:82:f5:f1:89:40:44:11:9d:8b:11:78:71:12:4e:4a: 98:a9:3a:7b -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUON9lz8UBljNPVrrmXLKMew6kX4MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlC RjFEMEYyRjAeFw0yNTA3MDkwOTMzNDJaFw0yNjA3MDgwOTM4NDJaMDMxMTAvBgNV BAMTKDRERjQ5NUVBRENGQjBBRkE1REQzNjExQUEzN0RBQ0I2OUNDQTQ5OEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcDmI9k5fz4OfsIc6qUnW45Zqn 0Xy8B1+EOpC0ybtCIf4aJwM5fFAw/n/6gG3vKIEVdfhD6j1ru/05vQmCQnH2S04r qpr7WR6CzrY1A+PQ9zKk23Z/INpn6QfVfpx7VduC1Brwuk/XYZF2oqn+lVTal3vf NEW+zfmGOf2TqloeVdLj7JY3YrqseYwvnmcHV8YpZi8PCN+ctvdgPgz0vNMj+KyA ORCnIsCalEgNTqYRvTCtzV/qsrSBf1Nok2DgM5yYJTUHGABuIclrhl6wlhzgHXyc tOwt9OPPmrdAXNKlVsxPwqvDW3B4i0kXesSJHCBTwiRGlXaTrmjAhkPqoXElAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUTfSV6tz7Cvpd02Eao32stpzKSYswHwYDVR0j BBgwFoAUzHkaH1yzuyyvfCg4IRLiab8dDy8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjdhMGFhNTYtNGExZC00YmE4LWFiNjYtYzU5ZmVkNGMz N2ZjLzEvQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlCRjFEMEYyRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9DQzc5MUExRjVDQjNCQjJDQUY3QzI4Mzgy MTEyRTI2OUJGMUQwRjJGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9iN2EwYWE1Ni00YTFkLTRiYTgtYWI2Ni1jNTlmZWQ0YzM3ZmMvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNzYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDMzMzkzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP97MA0GCSqGSIb3DQEBCwUAA4IBAQDC jujn2aALnE0f57Z4M3nNpLyM727c6pRWvyYgArHlnJa54OT2yqxZKo3x2dkud1e2 bMoU6cmUar7qsa9prjP7NaEg+SLZzxSnUdhMoRkMX1KWc2O3vdqUpbHEGcEwUJF3 fECkXQaTVY65yGhFG3tAWDrcq0kUKPIUTOEITihenn2T4n4BFycPxwYlveR7uDdy K2Su38iSBp86Zj9zuSzCVttbd2NwA0a1z6xwKwVZ9RbmDtwE0+MUvTyR59iNdaB0 fcIh+NOZGNhLMwBQaelIFF2todbjthzq8xvCpx9ZHupDU6yJ0tS5YVEb/m+C9fGJ QEQRnYsReHESTkqYqTp7 -----END CERTIFICATE-----Generated at Sun Jul 20 20:10:58 2025 by rpki-client