$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa File: 326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa (raw, json) Hash identifier: ibb68AQAVWJMES3NYRBIOdUeHnGKp+tFUocAxCKgPEU= Subject key identifier: 59:56:99:4C:21:AC:3A:3C:E9:3C:93:75:49:3A:D8:2B:7B:0A:5F:96 Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Certificate serial: 13A83AAF58025B172DA22FE272C4FA599C45F6C7 Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa Signing time: Sun 10 Nov 2024 14:48:33 +0000 ROA not before: Sun 10 Nov 2024 14:43:33 +0000 ROA not after: Sun 09 Nov 2025 14:48:33 +0000 asID: 215470 IP address blocks: 2a14:7580:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 21 Nov 2024 17:56:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:a8:3a:af:58:02:5b:17:2d:a2:2f:e2:72:c4:fa:59:9c:45:f6:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Validity Not Before: Nov 10 14:43:33 2024 GMT Not After : Nov 9 14:48:33 2025 GMT Subject: CN=5956994C21AC3A3CE93C9375493AD82B7B0A5F96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:19:28:45:66:09:2e:b9:da:79:21:0d:3e:ce: 0e:ea:ad:36:41:a1:6b:39:41:65:9c:79:d4:08:6c: 8e:11:a5:91:91:cb:b7:bf:41:49:27:e9:e4:f3:98: 9f:25:54:ea:e4:eb:6a:84:d1:80:26:ba:cd:34:7c: eb:67:d5:cd:f1:68:e6:91:f3:88:2f:e1:96:d7:19: 00:df:62:ce:17:93:be:b7:c7:40:3d:a9:19:a8:06: d0:bc:3f:16:33:3a:a3:12:87:74:44:3a:eb:74:6b: 57:31:23:c5:a1:e7:d0:33:ed:b3:63:88:03:64:e8: 14:96:ff:c5:d6:c9:62:3e:0e:bd:ed:5d:86:41:3e: 83:6b:ee:2f:f4:82:ed:da:8c:ad:ed:bc:b7:bf:0f: 65:58:bc:4e:09:34:a2:5b:66:c7:1e:a8:96:9d:81: 24:93:a4:dd:8e:ca:bd:9b:8d:56:a1:ce:79:8d:dc: 61:f0:34:3d:6e:ca:5f:df:3d:9d:ca:0a:aa:99:94: 8a:d7:a7:53:68:b0:de:94:0a:59:f7:f3:97:bc:f7: 43:bf:77:6e:9d:51:3d:21:8e:8d:f4:5f:e1:95:3f: eb:8f:30:80:73:f2:c1:6d:10:4c:71:80:f5:f0:40: 8f:0c:a3:be:03:72:73:3a:72:b3:2f:18:d7:20:0d: 13:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:56:99:4C:21:AC:3A:3C:E9:3C:93:75:49:3A:D8:2B:7B:0A:5F:96 X509v3 Authority Key Identifier: keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:8000::/36 Signature Algorithm: sha256WithRSAEncryption b1:e0:00:d6:59:e3:11:d4:eb:01:bc:62:cc:bc:af:d7:72:fe: be:42:08:a3:9b:25:f8:e9:8e:84:a3:93:a0:ff:67:9a:28:fd: 7e:dd:c6:4d:83:f0:f8:7c:7e:70:4d:cd:18:e9:e8:67:e3:42: f0:2c:51:76:4a:83:8c:d0:50:c9:2c:8e:1e:74:b3:01:86:53: 0f:45:8d:a2:be:c6:fa:1e:09:39:78:88:7d:7d:cf:3b:03:57: 21:65:1c:c4:1e:22:bb:9d:5a:5a:8d:f4:c6:b7:6a:2d:0a:6c: 64:11:96:59:77:9a:f0:6a:48:ff:6d:6c:e9:9b:38:52:19:90: 36:d5:67:5e:1c:30:d9:50:04:3a:e7:1b:dc:e2:4d:20:d6:b7: bb:c6:a1:e7:01:5d:e0:99:4f:fb:16:a3:27:7f:d1:6f:86:70: f0:e7:71:4b:71:86:1e:6a:e5:44:7c:0d:cf:03:6b:db:42:ca: 6b:28:0b:93:a1:72:db:28:fe:64:8f:ac:ee:86:7f:36:1b:b9: 9e:a6:58:4e:50:78:27:86:50:10:be:9c:bb:a4:0c:ee:82:24: 82:df:57:7f:66:57:75:9a:5a:e9:c8:65:02:82:a6:11:0f:a1: 63:55:26:96:f8:da:60:cf:2a:39:a0:d3:90:89:90:22:8b:8e: 69:cf:c1:c9 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUE6g6r1gCWxctoi/icsT6WZxF9scwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG OTM5RjRGNDAeFw0yNDExMTAxNDQzMzNaFw0yNTExMDkxNDQ4MzNaMDMxMTAvBgNV BAMTKDU5NTY5OTRDMjFBQzNBM0NFOTNDOTM3NTQ5M0FEODJCN0IwQTVGOTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAGShFZgkuudp5IQ0+zg7qrTZB oWs5QWWcedQIbI4RpZGRy7e/QUkn6eTzmJ8lVOrk62qE0YAmus00fOtn1c3xaOaR 84gv4ZbXGQDfYs4Xk763x0A9qRmoBtC8PxYzOqMSh3REOut0a1cxI8Wh59Az7bNj iANk6BSW/8XWyWI+Dr3tXYZBPoNr7i/0gu3ajK3tvLe/D2VYvE4JNKJbZsceqJad gSSTpN2Oyr2bjVahznmN3GHwND1uyl/fPZ3KCqqZlIrXp1NosN6UCln385e890O/ d26dUT0hjo30X+GVP+uPMIBz8sFtEExxgPXwQI8Mo74DcnM6crMvGNcgDRNNAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUWVaZTCGsOjzpPJN1STrYK3sKX5YwHwYDVR0j BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4 Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5 QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTM4MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz MTM1MzQzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1gIAwDQYJKoZIhvcNAQELBQADggEBALHg ANZZ4xHU6wG8Ysy8r9dy/r5CCKObJfjpjoSjk6D/Z5oo/X7dxk2D8Ph8fnBNzRjp 6GfjQvAsUXZKg4zQUMksjh50swGGUw9FjaK+xvoeCTl4iH19zzsDVyFlHMQeIrud WlqN9Ma3ai0KbGQRlll3mvBqSP9tbOmbOFIZkDbVZ14cMNlQBDrnG9ziTSDWt7vG oecBXeCZT/sWoyd/0W+GcPDncUtxhh5q5UR8Dc8Da9tCymsoC5Ohctso/mSPrO6G fzYbuZ6mWE5QeCeGUBC+nLukDO6CJILfV39mV3WaWunIZQKCphEPoWNVJpb42mDP Kjmg05CJkCKLjmnPwck= -----END CERTIFICATE-----Generated at Thu Nov 21 09:56:30 2024 by rpki-client on console-fra.rpki-client.org