$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199972.roa File: AS199972.roa (raw, json) Hash identifier: gqwhuF906NKfpBvk7WJh5mgG8fUXgI9wipy8pFNIJ8M= Subject key identifier: 61:C9:20:2D:99:35:E6:47:24:A1:A9:76:83:94:D8:03:27:32:23:51 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 74577E0DB994F600B62DDAC4BD5BB97BF1919010 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199972.roa Signing time: Sun 06 Oct 2024 04:45:06 +0000 ROA not before: Sun 06 Oct 2024 04:40:06 +0000 ROA not after: Sun 05 Oct 2025 04:45:06 +0000 asID: 199972 IP address blocks: 2a0a:6040:5a00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:57:7e:0d:b9:94:f6:00:b6:2d:da:c4:bd:5b:b9:7b:f1:91:90:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:06 2024 GMT Not After : Oct 5 04:45:06 2025 GMT Subject: CN=61C9202D9935E64724A1A9768394D80327322351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:fd:e4:a3:93:d7:9a:68:73:ff:f7:25:46:f3: 80:3d:14:c9:e5:6f:41:48:a2:d3:e8:9d:1e:bf:ce: 69:7f:2a:6b:dd:a0:15:d8:55:2e:32:0c:01:c9:82: 1d:49:8d:0f:05:cf:a4:28:e4:c9:b6:ba:54:51:74: da:ba:56:2b:6a:64:12:9f:46:83:b6:95:e9:0e:2f: 9a:36:2e:e4:5f:17:99:3e:4a:c5:5e:c3:c3:70:69: 7c:ee:c2:90:db:04:ff:5e:6c:e1:40:ce:8a:35:68: 39:bc:88:73:d7:be:d2:93:ee:40:6f:c8:9e:7e:b7: db:f9:cf:84:4f:43:bc:12:78:ea:bc:7a:30:c2:56: bf:c9:50:c9:a4:08:9b:d5:e3:0b:fe:b0:d2:fc:87: fa:54:ca:66:2d:6e:ec:b0:20:c8:13:45:b5:57:d2: 56:4a:a4:f6:c6:e7:71:1c:c5:16:8d:09:b5:3a:81: 9a:0e:be:d7:ec:fe:6f:cf:52:66:0d:36:44:dd:e1: 8b:88:40:d6:93:3f:85:4b:6d:ad:31:95:93:fa:2d: 50:58:38:21:6e:a1:2b:2e:0b:3b:2a:cd:19:f8:a8: 61:3f:f5:b6:d3:64:1f:e3:32:b8:a7:f9:89:04:34: 16:f9:73:7a:57:fd:4f:3c:f2:84:17:58:76:0f:1b: fc:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:C9:20:2D:99:35:E6:47:24:A1:A9:76:83:94:D8:03:27:32:23:51 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199972.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:5a00::/40 Signature Algorithm: sha256WithRSAEncryption 1c:c8:b2:73:3b:88:06:d6:04:a2:5c:82:6a:33:7f:7d:59:b2: 8c:69:39:fa:65:0b:83:94:c0:c0:78:8a:db:0d:94:cd:aa:61: 72:06:b6:c5:4c:e0:1f:2b:23:02:39:03:eb:ac:f5:5a:84:16: 66:94:0d:18:85:3a:3f:86:33:2c:55:64:8a:cc:52:4f:3f:40: b1:47:e5:87:89:84:e0:65:2a:af:22:be:3a:d7:54:0a:70:3c: 56:0c:ef:b5:bd:c4:53:b6:9f:78:ca:cd:4c:b6:76:d6:42:af: e2:08:fb:04:17:e4:d4:1c:f0:28:32:60:88:81:0c:94:90:d2: 86:3c:ad:84:21:e2:40:96:c9:34:61:5b:66:b7:05:57:0e:63: 06:5b:77:84:0a:4b:92:c7:e1:19:65:21:6a:be:61:da:05:92: 2d:b7:f5:d7:1c:d3:80:df:b0:07:c9:ce:da:76:f7:77:16:e5: a5:e3:48:69:39:58:a6:40:b8:86:9b:a8:65:f0:93:45:79:0e: 66:61:75:0b:40:19:8c:af:88:2a:ae:ba:9c:7f:91:af:2c:30: f9:54:c0:7b:11:74:39:cf:13:a4:db:1a:59:eb:c2:82:d3:18: 04:ee:8b:32:8b:13:e7:a5:81:c6:21:3c:06:48:26:20:c9:3d: ce:56:cb:2a -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUdFd+DbmU9gC2LdrEvVu5e/GRkBAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMDZaFw0yNTEwMDUwNDQ1MDZaMDMxMTAvBgNV BAMTKDYxQzkyMDJEOTkzNUU2NDcyNEExQTk3NjgzOTREODAzMjczMjIzNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS/eSjk9eaaHP/9yVG84A9FMnl b0FIotPonR6/zml/KmvdoBXYVS4yDAHJgh1JjQ8Fz6Qo5Mm2ulRRdNq6VitqZBKf RoO2lekOL5o2LuRfF5k+SsVew8NwaXzuwpDbBP9ebOFAzoo1aDm8iHPXvtKT7kBv yJ5+t9v5z4RPQ7wSeOq8ejDCVr/JUMmkCJvV4wv+sNL8h/pUymYtbuywIMgTRbVX 0lZKpPbG53EcxRaNCbU6gZoOvtfs/m/PUmYNNkTd4YuIQNaTP4VLba0xlZP6LVBY OCFuoSsuCzsqzRn4qGE/9bbTZB/jMrin+YkENBb5c3pX/U888oQXWHYPG/zbAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUYckgLZk15kckoal2g5TYAycyI1EwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5OTcyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQFowDQYJKoZIhvcNAQELBQADggEBABzI snM7iAbWBKJcgmozf31ZsoxpOfplC4OUwMB4itsNlM2qYXIGtsVM4B8rIwI5A+us 9VqEFmaUDRiFOj+GMyxVZIrMUk8/QLFH5YeJhOBlKq8ivjrXVApwPFYM77W9xFO2 n3jKzUy2dtZCr+II+wQX5NQc8CgyYIiBDJSQ0oY8rYQh4kCWyTRhW2a3BVcOYwZb d4QKS5LH4RllIWq+YdoFki239dcc04DfsAfJztp293cW5aXjSGk5WKZAuIabqGXw k0V5DmZhdQtAGYyviCquupx/ka8sMPlUwHsRdDnPE6TbGlnrwoLTGATuizKLE+el gcYhPAZIJiDJPc5Wyyo= -----END CERTIFICATE-----Generated at Thu Nov 21 17:25:45 2024 by rpki-client on console-fra.rpki-client.org