$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230373a3a2f34382d3438203d3e20323136333234.roa File: 326131343a373538313a3230373a3a2f34382d3438203d3e20323136333234.roa (raw, json) Hash identifier: U2ia1BZMBmWqT0U3lB0AwXV5OiguRKereHxdI3kXbvs= Subject key identifier: 8A:3C:A0:B8:8F:D6:40:87:DA:EB:4E:0E:9C:A4:66:EA:2A:D8:CF:EC Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11 Certificate serial: 7A2D2F8CCC7053FA74D719F5EF3A1EF611F82B80 Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230373a3a2f34382d3438203d3e20323136333234.roa Signing time: Fri 24 Oct 2025 16:03:07 +0000 ROA not before: Fri 24 Oct 2025 15:58:07 +0000 ROA not after: Fri 23 Oct 2026 16:03:07 +0000 asID: 216324 IP address blocks: 2a14:7581:207::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 18:11:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:2d:2f:8c:cc:70:53:fa:74:d7:19:f5:ef:3a:1e:f6:11:f8:2b:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11 Validity Not Before: Oct 24 15:58:07 2025 GMT Not After : Oct 23 16:03:07 2026 GMT Subject: CN=8A3CA0B88FD64087DAEB4E0E9CA466EA2AD8CFEC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6e:06:f0:e4:af:fe:85:81:5d:1b:f0:53:25: 3c:f0:37:f7:0b:cf:44:4c:3b:76:1c:0a:ea:b1:90: b9:44:fc:08:86:a7:6e:d4:40:39:4f:75:2e:45:9c: ce:12:dd:44:d6:14:3f:4c:b2:4b:8a:4d:96:83:3a: 56:f4:bd:fd:b8:88:42:88:e9:17:96:24:d3:91:f2: 7b:ba:1f:1f:19:4f:50:8b:06:35:ba:04:80:90:3f: 8e:cb:84:5a:b6:19:d1:c0:7f:34:2e:c3:76:d0:74: 95:1b:d2:8c:be:a9:67:9e:4a:ae:60:2f:36:a2:c2: 95:7c:fb:b8:83:23:fe:eb:53:bf:b3:fd:a9:74:45: 1e:a5:ec:0d:6f:60:03:38:dd:90:d3:f8:07:ba:c8: 6c:56:48:e8:fc:7c:4c:5e:59:af:9b:2e:cf:4e:10: 7f:b2:02:58:75:f0:3b:e8:64:51:87:28:d9:4e:30: b6:ca:f6:5d:40:c4:05:71:f3:4a:66:c5:1a:ba:af: 1d:89:89:8b:2a:56:c4:1b:b6:fb:b0:fa:26:32:7e: f7:db:84:84:1f:7b:3b:c0:00:65:89:1c:5f:79:c0: a3:3e:8c:a9:f8:60:bd:fb:41:7e:3a:18:cf:cc:f1: 97:2a:8d:93:25:9c:0d:26:cb:0f:16:d2:75:68:c9: 4d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:3C:A0:B8:8F:D6:40:87:DA:EB:4E:0E:9C:A4:66:EA:2A:D8:CF:EC X509v3 Authority Key Identifier: keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230373a3a2f34382d3438203d3e20323136333234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:207::/48 Signature Algorithm: sha256WithRSAEncryption 6f:85:9f:ad:74:bf:97:61:ff:9a:43:55:ee:20:67:0b:17:7a: bf:56:54:38:c2:e5:c8:73:53:21:ee:b0:74:aa:ef:bc:f6:f2: 92:ba:2a:ea:ec:8c:05:f3:61:a5:c9:06:3a:3d:09:62:54:fe: 88:f4:f7:0a:af:9b:51:a4:77:bc:f5:ba:c3:4a:a8:de:dd:9f: 49:99:fb:6d:55:ea:90:24:e3:3c:75:da:09:27:41:f8:08:41: 58:ca:e2:37:e2:ef:67:36:98:9f:07:28:e5:99:49:d8:e1:30: e5:b8:b3:5e:09:57:a4:b6:01:0e:53:9b:f7:09:04:07:95:83: 5c:75:53:59:52:b2:b3:e3:37:a8:0d:c3:09:ef:09:f7:b4:ea: b8:94:d2:cf:99:9c:e3:67:9d:4d:0e:e9:8b:7c:92:89:cf:4f: 56:f6:24:a8:fb:dc:68:ef:0d:b7:8a:3c:45:79:1d:5c:13:14: 4c:11:aa:92:7a:70:92:c8:5e:39:8a:30:7f:0f:e2:85:2f:0c: 31:5d:c2:52:89:6a:be:d1:6f:45:9e:42:bb:b0:4a:37:53:90: a1:64:d4:9f:4e:7d:7c:ba:73:fe:76:bf:38:bc:3a:8f:17:96: 8e:1c:14:a4:47:ed:ed:5c:05:75:7b:e5:4b:f7:5c:1e:4e:16: b4:26:cb:2c -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUei0vjMxwU/p01xn17zoe9hH4K4AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF NzhFNkUxMTAeFw0yNTEwMjQxNTU4MDdaFw0yNjEwMjMxNjAzMDdaMDMxMTAvBgNV BAMTKDhBM0NBMEI4OEZENjQwODdEQUVCNEUwRTlDQTQ2NkVBMkFEOENGRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7bgbw5K/+hYFdG/BTJTzwN/cL z0RMO3YcCuqxkLlE/AiGp27UQDlPdS5FnM4S3UTWFD9MskuKTZaDOlb0vf24iEKI 6ReWJNOR8nu6Hx8ZT1CLBjW6BICQP47LhFq2GdHAfzQuw3bQdJUb0oy+qWeeSq5g LzaiwpV8+7iDI/7rU7+z/al0RR6l7A1vYAM43ZDT+Ae6yGxWSOj8fExeWa+bLs9O EH+yAlh18DvoZFGHKNlOMLbK9l1AxAVx80pmxRq6rx2JiYsqVsQbtvuw+iYyfvfb hIQfezvAAGWJHF95wKM+jKn4YL37QX46GM/M8ZcqjZMlnA0myw8W0nVoyU0HAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUijyguI/WQIfa604OnKRm6irYz+wwHwYDVR0j BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5 NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTMyMzAzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoUdYECBzANBgkqhkiG9w0BAQsFAAOCAQEAb4Wf rXS/l2H/mkNV7iBnCxd6v1ZUOMLlyHNTIe6wdKrvvPbykroq6uyMBfNhpckGOj0J YlT+iPT3Cq+bUaR3vPW6w0qo3t2fSZn7bVXqkCTjPHXaCSdB+AhBWMriN+LvZzaY nwco5ZlJ2OEw5bizXglXpLYBDlOb9wkEB5WDXHVTWVKys+M3qA3DCe8J97TquJTS z5mc42edTQ7pi3ySic9PVvYkqPvcaO8Nt4o8RXkdXBMUTBGqknpwksheOYowfw/i hS8MMV3CUolqvtFvRZ5Cu7BKN1OQoWTUn059fLpz/na/OLw6jxeWjhwUpEft7VwF dXvlS/dcHk4WtCbLLA== -----END CERTIFICATE-----Generated at Sat Oct 25 06:44:13 2025 by rpki-client