$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa File: 326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa (raw, json) Hash identifier: eW78302x42s0yWxTWFOWa+EI8gsEah6kU2PGz4oxB3o= Subject key identifier: F8:AE:95:BB:ED:8A:72:F8:2D:AA:E6:4C:13:4A:27:01:42:63:99:59 Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Certificate serial: 37DD7A67CD0C8E91CC32C2F97820E7B3D3D646D4 Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa Signing time: Sun 12 Oct 2025 15:31:23 +0000 ROA not before: Sun 12 Oct 2025 15:26:23 +0000 ROA not after: Sun 11 Oct 2026 15:31:23 +0000 asID: 215470 IP address blocks: 2a14:7580:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 08:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:dd:7a:67:cd:0c:8e:91:cc:32:c2:f9:78:20:e7:b3:d3:d6:46:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Validity Not Before: Oct 12 15:26:23 2025 GMT Not After : Oct 11 15:31:23 2026 GMT Subject: CN=F8AE95BBED8A72F82DAAE64C134A270142639959 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:73:9f:ee:9d:42:4e:90:35:83:ae:0a:20:06: 08:53:39:fd:23:6a:0c:24:d9:ac:5e:05:d1:cb:7e: 7b:28:01:9d:b4:f9:33:bd:01:12:d4:56:93:f8:2f: fb:c3:34:29:0b:ea:70:07:cc:e5:cb:e6:2f:c2:b6: 80:7f:5e:c6:b0:94:50:88:a5:59:a1:c7:0f:9a:6f: 34:e5:5f:02:0c:19:c6:b7:f4:5c:f5:ab:b2:0f:a1: e6:4e:73:74:71:97:d3:12:7e:75:4f:32:d6:7d:31: f3:f6:3c:1b:9f:ff:00:38:e8:d3:77:e1:7d:40:7b: 67:e3:4e:1c:01:5d:c8:88:30:3c:f0:ff:0e:a3:38: c5:74:00:69:4b:f3:74:b1:d3:71:7f:92:49:db:87: 45:0e:2d:aa:82:a9:d7:3c:64:88:6f:dc:83:b8:95: 19:02:8e:de:50:5e:b4:7f:f8:3f:30:03:15:a4:6a: 2f:ac:68:fe:4f:18:4b:31:25:fa:29:64:a8:b0:5e: 66:1b:0a:11:bc:a9:ff:ec:53:35:40:29:d1:67:41: 54:b2:9d:3f:44:e0:ef:bd:07:a4:18:2b:18:37:4f: af:a8:65:ad:b7:4d:a6:5c:9e:81:f9:24:0a:7f:30: 4d:ed:ae:0d:e8:78:da:d2:1b:35:e6:1d:9c:31:10: f1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:AE:95:BB:ED:8A:72:F8:2D:AA:E6:4C:13:4A:27:01:42:63:99:59 X509v3 Authority Key Identifier: keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:8000::/36 Signature Algorithm: sha256WithRSAEncryption a1:02:f9:09:35:6a:c9:1f:1e:f9:ec:42:db:13:01:7c:4e:11: 64:88:2f:4b:79:ee:ba:51:1b:9b:b3:3e:5f:58:07:90:39:0c: 63:d7:d1:cc:33:95:80:64:d1:93:33:0d:cc:91:b0:b0:0c:94: f4:f0:97:00:55:db:2a:d0:e6:b2:aa:eb:c9:03:2a:30:d0:3f: a5:db:65:ab:c4:77:f1:c4:13:3c:50:25:61:76:4e:91:53:7d: bb:4b:de:fc:6f:9f:7f:04:2f:77:5d:bf:67:73:70:13:1d:5b: 46:34:96:d2:f1:23:0f:72:0a:98:dc:34:b7:2e:28:32:3e:ca: 45:57:08:21:4b:0d:3f:3e:b9:3f:1b:71:5d:35:ad:d2:8c:a5: 58:f7:4d:b8:0e:2d:07:65:ab:8c:aa:30:96:f6:f1:5d:78:18: ff:b8:3b:94:e9:35:87:2d:1a:d3:39:52:bd:8f:bc:2c:21:79: 3d:59:5a:b3:73:ef:aa:ed:f7:eb:86:f8:f8:7e:7e:06:23:c5: 23:8b:3e:79:04:4d:9d:69:78:77:89:eb:e9:10:7e:1a:62:42: 06:6a:61:c3:59:24:76:c2:bd:e0:b2:f1:73:f5:44:d6:3d:fd: f2:b8:0b:1d:55:25:ae:fe:e9:a4:54:da:3d:b7:11:b2:c2:1d: 51:07:72:d7 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUN916Z80MjpHMMsL5eCDns9PWRtQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG OTM5RjRGNDAeFw0yNTEwMTIxNTI2MjNaFw0yNjEwMTExNTMxMjNaMDMxMTAvBgNV BAMTKEY4QUU5NUJCRUQ4QTcyRjgyREFBRTY0QzEzNEEyNzAxNDI2Mzk5NTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZc5/unUJOkDWDrgogBghTOf0j agwk2axeBdHLfnsoAZ20+TO9ARLUVpP4L/vDNCkL6nAHzOXL5i/CtoB/XsawlFCI pVmhxw+abzTlXwIMGca39Fz1q7IPoeZOc3Rxl9MSfnVPMtZ9MfP2PBuf/wA46NN3 4X1Ae2fjThwBXciIMDzw/w6jOMV0AGlL83Sx03F/kknbh0UOLaqCqdc8ZIhv3IO4 lRkCjt5QXrR/+D8wAxWkai+saP5PGEsxJfopZKiwXmYbChG8qf/sUzVAKdFnQVSy nT9E4O+9B6QYKxg3T6+oZa23TaZcnoH5JAp/ME3trg3oeNrSGzXmHZwxEPGrAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQU+K6Vu+2KcvgtquZME0onAUJjmVkwHwYDVR0j BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4 Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5 QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTM4MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz MTM1MzQzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1gIAwDQYJKoZIhvcNAQELBQADggEBAKEC +Qk1askfHvnsQtsTAXxOEWSIL0t57rpRG5uzPl9YB5A5DGPX0cwzlYBk0ZMzDcyR sLAMlPTwlwBV2yrQ5rKq68kDKjDQP6XbZavEd/HEEzxQJWF2TpFTfbtL3vxvn38E L3ddv2dzcBMdW0Y0ltLxIw9yCpjcNLcuKDI+ykVXCCFLDT8+uT8bcV01rdKMpVj3 TbgOLQdlq4yqMJb28V14GP+4O5TpNYctGtM5Ur2PvCwheT1ZWrNz76rt9+uG+Ph+ fgYjxSOLPnkETZ1peHeJ6+kQfhpiQgZqYcNZJHbCveCy8XP1RNY9/fK4Cx1VJa7+ 6aRU2j23EbLCHVEHctc= -----END CERTIFICATE-----Generated at Fri Oct 24 16:59:16 2025 by rpki-client