$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3531313a3a2f34382d3438203d3e20323134353433.roa File: 326130623a346530373a3531313a3a2f34382d3438203d3e20323134353433.roa (raw, json) Hash identifier: VVikk4XPrz4kB0YqI6A6WyJZn6xl5EMcD+2C4r/50LY= Subject key identifier: 5E:B8:FA:78:3A:24:A2:5D:69:2E:85:5A:46:37:82:51:6F:68:44:69 Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Certificate serial: 28F755AC829E47549AF2E7E635048E480A149D16 Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3531313a3a2f34382d3438203d3e20323134353433.roa Signing time: Tue 25 Mar 2025 11:00:43 +0000 ROA not before: Tue 25 Mar 2025 10:55:43 +0000 ROA not after: Tue 24 Mar 2026 11:00:43 +0000 asID: 214543 IP address blocks: 2a0b:4e07:511::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.mft rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Apr 2025 11:59:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:f7:55:ac:82:9e:47:54:9a:f2:e7:e6:35:04:8e:48:0a:14:9d:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC Validity Not Before: Mar 25 10:55:43 2025 GMT Not After : Mar 24 11:00:43 2026 GMT Subject: CN=5EB8FA783A24A25D692E855A463782516F684469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:18:e6:5b:12:55:65:fe:48:f7:e5:f3:c8:e8: 4f:a4:fa:f9:9a:8e:57:15:b4:cc:32:c2:b2:1e:74: 52:5f:e4:dd:88:a0:3b:a9:1e:66:1e:08:0e:da:6a: 01:a8:b8:12:ff:aa:03:87:b3:ff:ec:0b:46:7e:5c: 6a:2c:b5:46:4a:2d:ca:56:92:4f:7b:dd:2e:b1:cd: f6:2f:82:b4:4a:08:d6:3b:4b:b3:a5:ab:49:39:9e: 84:00:ab:ed:cd:a5:2a:f9:62:94:76:fd:a0:44:d7: d3:fb:41:99:ab:82:e0:e1:43:64:6b:30:e4:7d:d6: c5:b1:10:e5:19:cd:34:64:16:c9:7e:d5:43:1f:56: af:a2:3b:bf:25:7f:98:20:d5:1c:f8:0e:e6:51:ca: 60:90:de:ed:06:f4:bd:bb:e5:36:cb:db:6a:b6:5b: e4:d0:86:78:91:ea:48:f3:85:f8:18:f0:09:03:d5: fc:d0:6c:87:d2:13:0c:7e:45:f0:be:23:ca:88:67: 77:5c:02:82:89:78:62:c0:77:64:37:f0:fa:03:bc: 38:fe:c0:68:f2:8b:13:8e:3f:54:a6:81:98:cb:82: 96:1e:8d:7a:97:05:20:59:ce:ce:01:b3:38:9f:58: a5:0e:4d:38:ee:49:51:dc:b1:41:4b:20:8f:f5:a4: 52:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:B8:FA:78:3A:24:A2:5D:69:2E:85:5A:46:37:82:51:6F:68:44:69 X509v3 Authority Key Identifier: keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3531313a3a2f34382d3438203d3e20323134353433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4e07:511::/48 Signature Algorithm: sha256WithRSAEncryption 3b:1e:b4:ca:5c:8d:e7:b2:95:0a:e8:b5:aa:36:a9:6a:e9:e5: 83:b3:ec:b9:86:b7:bb:33:f9:cb:e4:32:23:9e:80:dd:d9:b7: e8:5f:74:66:41:ab:b2:36:91:4c:38:e3:e5:25:09:ab:26:17: 12:59:e2:21:32:48:ee:bb:42:6e:d2:b5:7f:f2:1c:1f:94:d8: d7:81:97:6b:33:e9:f3:52:14:6f:5c:34:41:36:d0:32:30:ca: 2c:4c:5f:25:73:c0:84:03:2c:b9:6e:fa:eb:10:81:1c:78:a0: ea:f1:b1:6c:1b:8d:15:67:a6:cf:95:a4:32:4f:56:f2:7f:63: 2d:ee:9c:68:46:9b:0f:de:3c:7b:6f:e4:ee:a5:53:ef:5d:1b: 8a:59:1e:b0:05:4a:55:e7:fa:99:75:9f:4f:b8:38:00:fc:16: 4c:d0:72:97:68:fa:1c:ed:27:ae:bb:ab:4f:36:af:72:d3:f5: e7:52:5b:62:0c:28:f0:97:ae:23:ce:8f:f4:6b:ac:7c:60:5b: d6:c6:9e:27:70:75:7f:77:a3:f3:cb:5b:5a:9e:5f:60:b5:08: 4c:aa:11:fb:a7:56:62:1a:9e:d5:5a:cb:cb:c1:ad:8d:de:db: 74:60:9d:0f:5c:63:ac:68:90:9a:54:51:c2:9f:bf:a4:a0:5f: 46:26:4f:ed -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUKPdVrIKeR1Sa8ufmNQSOSAoUnRYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE NTgzNDBCQzAeFw0yNTAzMjUxMDU1NDNaFw0yNjAzMjQxMTAwNDNaMDMxMTAvBgNV BAMTKDVFQjhGQTc4M0EyNEEyNUQ2OTJFODU1QTQ2Mzc4MjUxNkY2ODQ0NjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzGOZbElVl/kj35fPI6E+k+vma jlcVtMwywrIedFJf5N2IoDupHmYeCA7aagGouBL/qgOHs//sC0Z+XGostUZKLcpW kk973S6xzfYvgrRKCNY7S7Olq0k5noQAq+3NpSr5YpR2/aBE19P7QZmrguDhQ2Rr MOR91sWxEOUZzTRkFsl+1UMfVq+iO78lf5gg1Rz4DuZRymCQ3u0G9L275TbL22q2 W+TQhniR6kjzhfgY8AkD1fzQbIfSEwx+RfC+I8qIZ3dcAoKJeGLAd2Q38PoDvDj+ wGjyixOOP1SmgZjLgpYejXqXBSBZzs4BszifWKUOTTjuSVHcsUFLII/1pFJVAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUXrj6eDokol1pLoVaRjeCUW9oRGkwHwYDVR0j BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5 M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3 OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE MDJFODBCRUQ1ODM0MEJDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2 MjNhMzQ2NTMwMzczYTM1MzEzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NDM1MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoLTgcFETANBgkqhkiG9w0BAQsFAAOCAQEAOx60 ylyN57KVCui1qjapaunlg7PsuYa3uzP5y+QyI56A3dm36F90ZkGrsjaRTDjj5SUJ qyYXElniITJI7rtCbtK1f/IcH5TY14GXazPp81IUb1w0QTbQMjDKLExfJXPAhAMs uW766xCBHHig6vGxbBuNFWemz5WkMk9W8n9jLe6caEabD948e2/k7qVT710bilke sAVKVef6mXWfT7g4APwWTNByl2j6HO0nrrurTzavctP151JbYgwo8JeuI86P9Gus fGBb1saeJ3B1f3ej88tbWp5fYLUITKoR+6dWYhqe1VrLy8Gtjd7bdGCdD1xjrGiQ mlRRwp+/pKBfRiZP7Q== -----END CERTIFICATE-----Generated at Sun Apr 6 04:51:45 2025 by rpki-client