$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663332303a3a2f34342d3434203d3e20323135343730.roa File: 326131343a373538303a663332303a3a2f34342d3434203d3e20323135343730.roa (raw, json) Hash identifier: XgYHMfBb1tBckmqvYy7acYD3hSj36S+vN34vUn5oaD4= Subject key identifier: 10:B9:86:B7:26:6B:BA:C2:D6:57:41:F7:8A:8A:80:F5:86:33:CF:35 Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Certificate serial: 67B038A378B8A4B51FB9FE8A1AE2D8917DFFC80A Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663332303a3a2f34342d3434203d3e20323135343730.roa Signing time: Thu 27 Feb 2025 06:15:21 +0000 ROA not before: Thu 27 Feb 2025 06:10:21 +0000 ROA not after: Thu 26 Feb 2026 06:15:21 +0000 asID: 215470 IP address blocks: 2a14:7580:f320::/44 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 13:49:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b0:38:a3:78:b8:a4:b5:1f:b9:fe:8a:1a:e2:d8:91:7d:ff:c8:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4 Validity Not Before: Feb 27 06:10:21 2025 GMT Not After : Feb 26 06:15:21 2026 GMT Subject: CN=10B986B7266BBAC2D65741F78A8A80F58633CF35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:fb:6f:3c:45:79:4b:72:ac:f9:16:6c:23:bd: 3a:9a:ab:c8:1d:81:cc:cc:e0:59:e7:b7:de:ab:d5: 44:5a:23:af:ea:17:82:3e:0b:a0:6f:40:a7:53:7e: 7e:11:3f:f7:23:d6:89:63:4c:84:ab:0a:b1:f0:f3: 84:b6:ee:1c:30:48:40:10:f8:9b:3c:91:ce:60:87: b2:ee:83:fc:e9:cf:ea:cc:83:03:48:d4:61:ea:48: ed:f5:ca:f8:74:c6:3e:36:71:e3:6b:cf:7c:60:7a: d7:ae:a9:74:1b:20:72:5f:04:a4:73:51:47:ff:f4: b3:74:08:00:3f:d1:d1:7e:71:60:c0:6c:4c:33:c3: c2:53:b3:93:d3:09:31:75:a8:88:98:8c:4c:22:e5: bd:6e:b2:a1:07:46:8a:e4:44:56:44:57:fd:97:67: b7:a3:6c:05:9c:c5:87:27:72:08:c9:40:03:be:61: 21:f1:bf:8b:6f:ab:74:02:90:a1:5a:27:5e:9f:e4: 8e:63:90:9d:e7:27:02:72:f0:66:6c:45:1a:58:a9: af:5a:f6:ba:23:0d:7f:39:2f:8c:0e:ee:9a:67:05: 6e:d2:44:9d:dd:3e:61:c4:02:33:06:0a:8d:7d:46: 4e:67:fb:82:5d:71:41:20:71:79:5e:af:4d:48:3d: 68:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B9:86:B7:26:6B:BA:C2:D6:57:41:F7:8A:8A:80:F5:86:33:CF:35 X509v3 Authority Key Identifier: keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663332303a3a2f34342d3434203d3e20323135343730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:f320::/44 Signature Algorithm: sha256WithRSAEncryption 12:e3:42:16:19:23:06:d6:6d:d8:af:6f:8e:bb:cf:8b:d6:00: 59:ca:72:3b:81:75:98:3c:cb:c7:dc:75:37:55:3e:0d:77:a5: 6a:ad:68:67:c4:ff:b3:5c:14:e5:8d:b3:31:86:3f:08:57:7f: 18:8d:8d:35:ad:50:44:0e:ba:86:8a:54:3d:e3:fe:b7:72:cf: f3:44:4e:c5:d7:02:4b:00:06:6c:13:56:83:a9:99:24:92:e2: 3d:51:39:05:f3:29:aa:41:be:b8:d7:78:af:5e:d8:90:d2:8f: af:a3:75:9a:48:68:e6:02:cd:26:e9:db:8e:a9:99:fb:93:f9: 2d:e4:47:01:7f:73:1d:d8:db:dc:0d:23:5f:43:64:a6:a5:34: 75:ea:c7:13:bb:5f:38:55:71:36:3b:72:5f:88:8d:24:b5:b6: ff:cb:a2:15:1a:87:93:46:33:54:1a:b4:96:a5:62:cd:0f:47: 06:00:dd:c8:1a:93:fb:f0:a8:7b:d1:a7:77:2f:b8:7f:c1:ee: e0:c1:35:1d:eb:59:b1:cd:20:98:64:fe:be:e0:1e:a7:35:a6: 22:eb:42:03:05:80:83:b9:02:8e:12:73:43:e3:72:ba:51:31: 83:8d:8d:6a:f6:aa:af:a2:bd:43:ce:2a:68:31:ad:e5:55:f2: 5f:31:6c:61 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUZ7A4o3i4pLUfuf6KGuLYkX3/yAowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG OTM5RjRGNDAeFw0yNTAyMjcwNjEwMjFaFw0yNjAyMjYwNjE1MjFaMDMxMTAvBgNV BAMTKDEwQjk4NkI3MjY2QkJBQzJENjU3NDFGNzhBOEE4MEY1ODYzM0NGMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI+288RXlLcqz5FmwjvTqaq8gd gczM4Fnnt96r1URaI6/qF4I+C6BvQKdTfn4RP/cj1oljTISrCrHw84S27hwwSEAQ +Js8kc5gh7Lug/zpz+rMgwNI1GHqSO31yvh0xj42ceNrz3xgeteuqXQbIHJfBKRz UUf/9LN0CAA/0dF+cWDAbEwzw8JTs5PTCTF1qIiYjEwi5b1usqEHRorkRFZEV/2X Z7ejbAWcxYcncgjJQAO+YSHxv4tvq3QCkKFaJ16f5I5jkJ3nJwJy8GZsRRpYqa9a 9rojDX85L4wO7ppnBW7SRJ3dPmHEAjMGCo19Rk5n+4JdcUEgcXler01IPWiNAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUELmGtyZrusLWV0H3ioqA9YYzzzUwHwYDVR0j BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4 Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5 QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz NDNhMzczNTM4MzAzYTY2MzMzMjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz MTM1MzQzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gPMgMA0GCSqGSIb3DQEBCwUAA4IBAQAS 40IWGSMG1m3Yr2+Ou8+L1gBZynI7gXWYPMvH3HU3VT4Nd6VqrWhnxP+zXBTljbMx hj8IV38YjY01rVBEDrqGilQ94/63cs/zRE7F1wJLAAZsE1aDqZkkkuI9UTkF8ymq Qb6413ivXtiQ0o+vo3WaSGjmAs0m6duOqZn7k/kt5EcBf3Md2NvcDSNfQ2SmpTR1 6scTu184VXE2O3JfiI0ktbb/y6IVGoeTRjNUGrSWpWLND0cGAN3IGpP78Kh70ad3 L7h/we7gwTUd61mxzSCYZP6+4B6nNaYi60IDBYCDuQKOEnND43K6UTGDjY1q9qqv or1DzipoMa3lVfJfMWxh -----END CERTIFICATE-----Generated at Sat Apr 5 04:35:41 2025 by rpki-client