$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/326131343a373538303a6330303a3a2f34302d3438203d3e20313938303235.roa File: 326131343a373538303a6330303a3a2f34302d3438203d3e20313938303235.roa (raw, json) Hash identifier: SmK/qRdmMgqpKRzEC7oHEgUtqCIOOpsXebSJKkFh9gk= Subject key identifier: 20:31:73:01:11:DB:01:C8:A4:74:0D:11:B4:13:3A:C7:C3:DE:3C:B4 Certificate issuer: /CN=6B5432AF3212182697F0E937473AF3EB52E68EA2 Certificate serial: 32B71986002E93B88536D9673E79E23DDC4998BB Authority key identifier: 6B:54:32:AF:32:12:18:26:97:F0:E9:37:47:3A:F3:EB:52:E6:8E:A2 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/326131343a373538303a6330303a3a2f34302d3438203d3e20313938303235.roa Signing time: Sun 09 Mar 2025 08:21:12 +0000 ROA not before: Sun 09 Mar 2025 08:16:12 +0000 ROA not after: Sun 08 Mar 2026 08:21:12 +0000 asID: 198025 IP address blocks: 2a14:7580:c00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.crl rsync://rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Apr 2025 09:55:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:b7:19:86:00:2e:93:b8:85:36:d9:67:3e:79:e2:3d:dc:49:98:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6B5432AF3212182697F0E937473AF3EB52E68EA2 Validity Not Before: Mar 9 08:16:12 2025 GMT Not After : Mar 8 08:21:12 2026 GMT Subject: CN=2031730111DB01C8A4740D11B4133AC7C3DE3CB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bb:53:73:c0:25:dd:d6:0e:61:a7:cc:15:e7: 60:f5:b1:77:07:99:17:ae:a5:33:0f:48:4a:d6:40: 49:8e:8f:c8:0f:98:a4:97:ac:78:18:c8:e7:1e:b3: 92:30:58:18:21:59:61:cc:ae:b3:57:ae:e0:54:cf: 6f:fe:83:65:7b:e1:af:01:74:35:59:54:8b:73:ce: 61:1c:d3:67:e6:01:51:9f:4a:85:52:4a:69:4e:1f: a6:b8:0c:69:fe:02:19:33:e7:13:14:23:0e:2c:62: c1:b8:94:51:b4:ee:3b:90:a6:d9:8a:7b:7b:0b:f1: 13:72:e1:f6:1e:3e:80:4f:6d:9b:69:d7:7b:72:30: fa:89:d7:03:81:de:45:4e:23:75:55:af:00:2c:08: 75:77:d0:02:f9:49:66:2c:7b:4b:18:c2:53:e8:84: b8:43:54:98:09:e4:70:13:5e:6b:79:6d:00:f7:20: ef:f3:83:e5:7e:c7:df:29:8f:4d:c1:1a:c5:a0:d0: 30:98:6d:4e:86:71:28:f0:f8:ec:1a:85:5f:eb:95: 20:ce:b3:92:b0:db:bd:f3:ee:cf:4d:59:92:3f:8a: cf:a8:b2:4b:9e:e2:4d:45:90:ce:ca:a9:a3:31:ed: bf:35:e2:87:23:e7:67:df:24:75:70:fc:ab:85:d6: cb:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:31:73:01:11:DB:01:C8:A4:74:0D:11:B4:13:3A:C7:C3:DE:3C:B4 X509v3 Authority Key Identifier: keyid:6B:54:32:AF:32:12:18:26:97:F0:E9:37:47:3A:F3:EB:52:E6:8E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/6B5432AF3212182697F0E937473AF3EB52E68EA2.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0ef4267e-d149-41e9-bd94-3c51043d2c5b/0/326131343a373538303a6330303a3a2f34302d3438203d3e20313938303235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:c00::/40 Signature Algorithm: sha256WithRSAEncryption 35:11:ab:06:2b:6f:9a:10:79:71:79:cc:26:a7:1f:8d:fc:8e: 16:cd:2d:29:f6:bf:06:f2:72:09:b1:be:13:68:0d:72:e2:a6: 5d:dc:3d:6e:aa:69:ac:31:86:fb:88:de:32:03:3f:b7:33:f1: 2c:c6:56:63:aa:1a:d1:89:49:fa:15:b2:24:e9:a4:8b:e8:aa: 3a:75:90:b8:c5:12:48:3c:11:ea:85:16:b5:e2:6e:d8:5f:95: d4:dd:18:75:6a:ba:d8:53:d1:36:75:2a:ed:9f:b5:ff:92:7d: 24:36:39:cf:4b:27:50:3e:2a:f4:f9:14:68:d3:81:42:15:3d: ad:53:f0:a7:c5:d3:21:fe:c9:b4:9b:74:6b:49:f8:6b:f4:df: 07:b2:40:0a:ee:d0:a5:19:12:a5:ba:e3:dc:f4:b4:50:90:2a: 47:7b:7c:ec:f0:0c:83:70:99:3a:5c:ca:a2:c6:a5:f7:5e:62: 9a:77:fc:f7:5c:66:fb:c3:2b:f6:b4:93:e0:7f:d1:a1:bd:99: d7:73:04:65:d7:56:c1:aa:43:fe:ab:a1:a4:a2:e2:fd:9a:0b: 24:88:a0:13:46:75:c2:9c:75:ca:4f:d1:a8:3a:ce:55:18:4c: 79:6e:a9:c2:b7:e2:de:d1:54:9c:bd:d8:7f:d8:c9:f9:1c:7e: 0d:c9:de:38 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUMrcZhgAuk7iFNtlnPnniPdxJmLswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkI1NDMyQUYzMjEyMTgyNjk3RjBFOTM3NDczQUYzRUI1 MkU2OEVBMjAeFw0yNTAzMDkwODE2MTJaFw0yNjAzMDgwODIxMTJaMDMxMTAvBgNV BAMTKDIwMzE3MzAxMTFEQjAxQzhBNDc0MEQxMUI0MTMzQUM3QzNERTNDQjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHu1NzwCXd1g5hp8wV52D1sXcH mReupTMPSErWQEmOj8gPmKSXrHgYyOces5IwWBghWWHMrrNXruBUz2/+g2V74a8B dDVZVItzzmEc02fmAVGfSoVSSmlOH6a4DGn+Ahkz5xMUIw4sYsG4lFG07juQptmK e3sL8RNy4fYePoBPbZtp13tyMPqJ1wOB3kVOI3VVrwAsCHV30AL5SWYse0sYwlPo hLhDVJgJ5HATXmt5bQD3IO/zg+V+x98pj03BGsWg0DCYbU6GcSjw+OwahV/rlSDO s5Kw273z7s9NWZI/is+oskue4k1FkM7KqaMx7b814ocj52ffJHVw/KuF1stNAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUIDFzARHbAcikdA0RtBM6x8PePLQwHwYDVR0j BBgwFoAUa1QyrzISGCaX8Ok3Rzrz61LmjqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGVmNDI2N2UtZDE0OS00MWU5LWJkOTQtM2M1MTA0M2Qy YzViLzAvNkI1NDMyQUYzMjEyMTgyNjk3RjBFOTM3NDczQUYzRUI1MkU2OEVBMi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC82QjU0MzJBRjMyMTIxODI2OTdGMEU5Mzc0 NzNBRjNFQjUyRTY4RUEyLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8wZWY0MjY3ZS1kMTQ5LTQxZTktYmQ5NC0zYzUxMDQzZDJjNWIvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkz ODMwMzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYAMMA0GCSqGSIb3DQEBCwUAA4IBAQA1EasG K2+aEHlxecwmpx+N/I4WzS0p9r8G8nIJsb4TaA1y4qZd3D1uqmmsMYb7iN4yAz+3 M/EsxlZjqhrRiUn6FbIk6aSL6Ko6dZC4xRJIPBHqhRa14m7YX5XU3Rh1arrYU9E2 dSrtn7X/kn0kNjnPSydQPir0+RRo04FCFT2tU/CnxdMh/sm0m3RrSfhr9N8HskAK 7tClGRKluuPc9LRQkCpHe3zs8AyDcJk6XMqixqX3XmKad/z3XGb7wyv2tJPgf9Gh vZnXcwRl11bBqkP+q6GkouL9mgskiKATRnXCnHXKT9GoOs5VGEx5bqnCt+Le0VSc vdh/2Mn5HH4Nyd44 -----END CERTIFICATE-----Generated at Sat Apr 5 21:22:47 2025 by rpki-client