$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3266663a3a2f34382d3438203d3e20323136333234.roa File: 326131343a373538313a3266663a3a2f34382d3438203d3e20323136333234.roa (raw, json) Hash identifier: U8uPwQ/EnJHFsJ+O7AhAOmuemkJEQ+vajwVFaReqvxc= Subject key identifier: 84:16:9A:99:12:89:0F:A4:6C:CD:18:3E:6B:2B:6B:0E:8E:1C:36:B0 Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11 Certificate serial: 0B5196CC1AEC75942A9AE37F9803D02DAB8095F4 Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3266663a3a2f34382d3438203d3e20323136333234.roa Signing time: Fri 15 Aug 2025 06:03:11 +0000 ROA not before: Fri 15 Aug 2025 05:58:11 +0000 ROA not after: Fri 14 Aug 2026 06:03:11 +0000 asID: 216324 IP address blocks: 2a14:7581:2ff::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 18:11:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:51:96:cc:1a:ec:75:94:2a:9a:e3:7f:98:03:d0:2d:ab:80:95:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11 Validity Not Before: Aug 15 05:58:11 2025 GMT Not After : Aug 14 06:03:11 2026 GMT Subject: CN=84169A9912890FA46CCD183E6B2B6B0E8E1C36B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:50:3c:33:7c:3b:57:a4:40:b1:13:3e:61:6c: a4:fe:7b:f2:0e:80:5b:eb:5d:05:ca:1c:50:6e:59: 68:cb:31:98:24:31:cd:c1:fb:49:3c:21:e1:a0:0e: 72:51:66:ad:79:61:6e:22:ef:5d:0b:d4:0e:8e:2f: 7c:5a:b9:7f:4c:61:51:f3:9c:7a:77:00:ba:1c:bf: b7:e3:17:f1:26:46:23:a0:6f:4c:29:23:83:e4:b3: 14:2c:e5:9e:35:24:ee:4a:ae:c0:7d:5c:8b:7e:2e: 08:e6:f6:c3:9e:ed:fa:dc:5a:1e:b5:7d:66:f8:67: 7e:b4:9d:68:89:ef:86:6e:8c:45:fa:26:b5:72:88: 3a:ba:c7:12:46:ee:36:47:83:7a:8a:1c:db:40:66: 1f:16:a2:54:b0:f5:28:84:35:7d:a4:7d:83:78:0a: af:db:05:df:78:7e:d1:e6:20:b1:f1:80:27:4f:34: f0:41:c3:21:7c:e3:76:c7:5b:76:a5:6b:a4:cd:5f: b2:25:fe:e2:ed:f0:d9:d5:0a:f7:85:4d:cc:bf:2f: cd:02:23:ec:e4:11:3f:86:52:b1:40:6e:8f:5a:a4: 24:9f:96:66:1f:0b:41:87:fa:90:72:c3:dd:e8:d7: 8e:57:33:f6:bf:5d:3b:98:e0:7c:a3:62:51:b8:29: 54:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:16:9A:99:12:89:0F:A4:6C:CD:18:3E:6B:2B:6B:0E:8E:1C:36:B0 X509v3 Authority Key Identifier: keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3266663a3a2f34382d3438203d3e20323136333234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:2ff::/48 Signature Algorithm: sha256WithRSAEncryption 97:69:02:d6:21:98:05:bd:f7:58:85:d9:e2:9e:80:eb:31:10: d5:ac:c6:39:52:26:27:db:63:80:fd:a8:c6:4a:c2:06:f4:cb: 68:21:d7:85:40:2c:83:c4:e9:c8:7f:35:fa:97:d8:a5:c8:aa: cb:19:7a:a1:5c:51:72:7d:c9:af:6b:e0:d7:f9:76:b5:6d:32: d5:94:bd:08:20:66:8f:7d:0f:14:cc:8e:17:a0:ce:b4:d5:19: 4f:e5:a5:04:dd:50:96:fe:e9:b9:c9:e0:24:f8:1c:f3:4d:e1: 9e:0e:f9:49:98:cf:ed:6a:40:1f:5c:de:5a:da:0e:85:a9:4c: 0c:85:51:76:d7:ee:e1:9e:bf:ed:e4:3a:3b:26:2a:a3:0c:b3: 3b:f4:80:a9:67:a3:ee:bb:39:09:1d:9b:72:8e:17:19:6e:7a: 18:a4:0b:89:d2:51:5c:70:6a:a9:9c:8c:5e:9f:a1:b7:49:9a: a3:36:40:f5:fb:8f:3c:f8:2c:76:ab:26:6b:87:23:6e:ff:62: 3f:ff:34:1e:03:42:4c:d8:ea:d7:bc:3c:2e:e6:03:06:ae:cb: d2:e6:11:3c:d5:37:94:65:19:78:1b:ec:39:9d:58:09:f0:05: ea:2f:ac:7e:ca:cd:62:d6:94:38:80:af:71:fe:bf:36:5c:41: 55:a1:50:b2 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUC1GWzBrsdZQqmuN/mAPQLauAlfQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF NzhFNkUxMTAeFw0yNTA4MTUwNTU4MTFaFw0yNjA4MTQwNjAzMTFaMDMxMTAvBgNV BAMTKDg0MTY5QTk5MTI4OTBGQTQ2Q0NEMTgzRTZCMkI2QjBFOEUxQzM2QjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYUDwzfDtXpECxEz5hbKT+e/IO gFvrXQXKHFBuWWjLMZgkMc3B+0k8IeGgDnJRZq15YW4i710L1A6OL3xauX9MYVHz nHp3ALocv7fjF/EmRiOgb0wpI4PksxQs5Z41JO5KrsB9XIt+Lgjm9sOe7frcWh61 fWb4Z360nWiJ74ZujEX6JrVyiDq6xxJG7jZHg3qKHNtAZh8WolSw9SiENX2kfYN4 Cq/bBd94ftHmILHxgCdPNPBBwyF843bHW3ala6TNX7Il/uLt8NnVCveFTcy/L80C I+zkET+GUrFAbo9apCSflmYfC0GH+pByw93o145XM/a/XTuY4HyjYlG4KVQXAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUhBaamRKJD6RszRg+aytrDo4cNrAwHwYDVR0j BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5 NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTMyNjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEC/zANBgkqhkiG9w0BAQsFAAOCAQEAl2kC 1iGYBb33WIXZ4p6A6zEQ1azGOVImJ9tjgP2oxkrCBvTLaCHXhUAsg8TpyH81+pfY pciqyxl6oVxRcn3Jr2vg1/l2tW0y1ZS9CCBmj30PFMyOF6DOtNUZT+WlBN1Qlv7p ucngJPgc803hng75SZjP7WpAH1zeWtoOhalMDIVRdtfu4Z6/7eQ6OyYqowyzO/SA qWej7rs5CR2bco4XGW56GKQLidJRXHBqqZyMXp+ht0maozZA9fuPPPgsdqsma4cj bv9iP/80HgNCTNjq17w8LuYDBq7L0uYRPNU3lGUZeBvsOZ1YCfAF6i+sfsrNYtaU OICvcf6/NlxBVaFQsg== -----END CERTIFICATE-----Generated at Sat Oct 25 06:44:16 2025 by rpki-client