$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663330313a3a2f34382d3438203d3e20323135343730.roa File: 326131343a373538303a663330313a3a2f34382d3438203d3e20323135343730.roa (raw, json) Hash identifier: AE4p/Aixbf8sW/I3bLOtRbnycH5RSiNSfyRxjv0S1Bw= Subject key identifier: E5:37:6A:BC:48:A8:AA:19:BA:61:F0:57:26:2E:CC:15:33:35:2A:CF Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Certificate serial: 0E0227A579B346440FAF5AC56B2CF989A8EE08EA Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663330313a3a2f34382d3438203d3e20323135343730.roa Signing time: Sun 28 Sep 2025 15:05:53 +0000 ROA not before: Sun 28 Sep 2025 15:00:53 +0000 ROA not after: Sun 27 Sep 2026 15:05:53 +0000 asID: 215470 IP address blocks: 2a14:7580:f301::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 08:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:02:27:a5:79:b3:46:44:0f:af:5a:c5:6b:2c:f9:89:a8:ee:08:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Validity Not Before: Sep 28 15:00:53 2025 GMT Not After : Sep 27 15:05:53 2026 GMT Subject: CN=E5376ABC48A8AA19BA61F057262ECC1533352ACF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:00:d5:7b:6c:db:ad:fe:50:fd:07:7c:0c:42: 8c:10:b9:12:3e:85:86:8a:3c:1d:e2:d2:11:6f:05: 4f:81:01:7d:6f:08:c4:a3:ea:a2:a7:88:51:2f:29: b1:c5:e3:6b:0b:ec:da:be:a9:07:cd:52:8c:9e:44: 21:e1:f7:6c:90:61:97:e4:2e:9b:86:86:73:c3:66: e8:cd:8e:0c:d3:78:bb:1f:59:56:cd:8d:5b:37:45: 83:15:e2:65:e8:ef:e3:be:d2:50:7a:03:db:8d:df: f6:c7:45:32:62:7d:35:4a:52:38:8b:98:3c:47:57: 3c:23:43:d8:3a:4f:bb:ce:09:15:59:e4:54:3c:72: a5:9e:29:c5:36:66:dd:45:0b:40:0a:77:13:cd:00: 9f:08:37:9a:a1:47:63:be:18:1e:01:b8:ca:ec:89: 6e:8b:20:63:f1:e6:a6:0b:86:3b:19:b6:36:f3:94: c0:0a:4f:c3:c9:1d:df:44:03:1d:c5:86:0d:f7:6e: 8e:56:60:a4:99:9e:fe:a5:6d:43:ee:7a:55:2c:7d: 18:b7:a2:86:92:55:e8:71:67:b0:83:e9:c1:16:dd: 36:f2:b2:61:94:f6:49:bd:ff:cb:2a:ad:9b:0f:cb: ab:43:5f:02:d1:0e:ab:ce:e8:81:29:45:37:ab:cf: 31:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:37:6A:BC:48:A8:AA:19:BA:61:F0:57:26:2E:CC:15:33:35:2A:CF X509v3 Authority Key Identifier: keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663330313a3a2f34382d3438203d3e20323135343730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:f301::/48 Signature Algorithm: sha256WithRSAEncryption 16:5c:54:b8:e5:ef:1a:a5:41:e1:5a:47:0e:d0:79:d7:73:c4: e7:ac:0c:c2:2a:42:7f:7c:86:ef:88:37:ba:b0:df:9e:19:3b: 24:95:ef:e7:e5:96:63:2f:16:34:9e:68:a5:32:50:b0:f4:ac: b4:4b:2d:b2:84:51:ac:68:e4:4b:e4:8a:d6:ac:ae:59:06:dd: 42:96:a3:61:97:5b:14:37:5b:b4:61:2b:ca:a5:e7:09:14:9b: 25:45:6f:c6:c0:e5:49:a5:48:34:22:c7:da:44:34:16:54:9b: 30:24:ca:88:d5:73:de:e7:bf:f0:e1:6f:0c:d0:2a:ae:4e:66: 2f:ad:1a:3e:7f:7c:66:a3:95:9a:cb:69:f8:9a:92:df:ac:6f: 36:2d:94:82:aa:24:4f:48:bb:b8:7a:c2:d7:00:59:0a:0d:c3: 31:37:f7:6b:ea:47:16:b5:3b:44:17:25:4c:89:f9:40:f5:5b: 91:c4:89:47:71:55:b8:c2:48:14:48:a9:b4:0a:11:8c:7f:8f: fb:d2:c2:b3:29:f1:9a:2a:63:48:97:05:9c:fe:a0:10:a6:66: 67:11:e3:32:ce:2a:84:6e:17:ba:03:1f:50:b6:48:fa:df:cc: ce:f4:7e:14:ad:e7:73:10:6e:47:fc:df:63:49:ea:99:79:bc: d3:a2:03:ef -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUDgInpXmzRkQPr1rFayz5iajuCOowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG OTM5RjRGNDAeFw0yNTA5MjgxNTAwNTNaFw0yNjA5MjcxNTA1NTNaMDMxMTAvBgNV BAMTKEU1Mzc2QUJDNDhBOEFBMTlCQTYxRjA1NzI2MkVDQzE1MzMzNTJBQ0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUANV7bNut/lD9B3wMQowQuRI+ hYaKPB3i0hFvBU+BAX1vCMSj6qKniFEvKbHF42sL7Nq+qQfNUoyeRCHh92yQYZfk LpuGhnPDZujNjgzTeLsfWVbNjVs3RYMV4mXo7+O+0lB6A9uN3/bHRTJifTVKUjiL mDxHVzwjQ9g6T7vOCRVZ5FQ8cqWeKcU2Zt1FC0AKdxPNAJ8IN5qhR2O+GB4BuMrs iW6LIGPx5qYLhjsZtjbzlMAKT8PJHd9EAx3Fhg33bo5WYKSZnv6lbUPuelUsfRi3 ooaSVehxZ7CD6cEW3TbysmGU9km9/8sqrZsPy6tDXwLRDqvO6IEpRTerzzEHAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU5TdqvEioqhm6YfBXJi7MFTM1Ks8wHwYDVR0j BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4 Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5 QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTY2MzMzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM1MzQzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gPMBMA0GCSqGSIb3DQEBCwUAA4IBAQAW XFS45e8apUHhWkcO0HnXc8TnrAzCKkJ/fIbviDe6sN+eGTskle/n5ZZjLxY0nmil MlCw9Ky0Sy2yhFGsaORL5IrWrK5ZBt1ClqNhl1sUN1u0YSvKpecJFJslRW/GwOVJ pUg0IsfaRDQWVJswJMqI1XPe57/w4W8M0CquTmYvrRo+f3xmo5Way2n4mpLfrG82 LZSCqiRPSLu4esLXAFkKDcMxN/dr6kcWtTtEFyVMiflA9VuRxIlHcVW4wkgUSKm0 ChGMf4/70sKzKfGaKmNIlwWc/qAQpmZnEeMyziqEbhe6Ax9Qtkj638zO9H4Uredz EG5H/N9jSeqZebzTogPv -----END CERTIFICATE-----Generated at Fri Oct 24 16:59:17 2025 by rpki-client