$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa File: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (raw, json) Hash identifier: hbkkIcLL2dVYKU+9BKXYxvOgTE4cVlfb37zj8sIKpS0= Subject key identifier: 03:7C:2C:49:64:64:DF:D4:3B:57:27:C5:F2:AA:6C:91:08:E9:FD:B5 Certificate issuer: /CN=521525856CBBA6D9D2254221C280DC930734AAB8 Certificate serial: 712DB0B91FCACCC2A2FCC3E9C5ADFB3117245408 Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa Signing time: Fri 04 Jul 2025 10:46:27 +0000 ROA not before: Fri 04 Jul 2025 10:41:27 +0000 ROA not after: Fri 03 Jul 2026 10:46:27 +0000 asID: 200676 IP address blocks: 94.24.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Jul 2025 02:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:2d:b0:b9:1f:ca:cc:c2:a2:fc:c3:e9:c5:ad:fb:31:17:24:54:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8 Validity Not Before: Jul 4 10:41:27 2025 GMT Not After : Jul 3 10:46:27 2026 GMT Subject: CN=037C2C496464DFD43B5727C5F2AA6C9108E9FDB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:63:0b:ea:31:aa:7f:9c:e0:ab:a5:e4:6e:a7: fa:f7:3b:1c:33:bf:67:57:f6:b9:b5:51:8f:09:5d: 20:ca:7f:5b:7d:e7:90:7a:07:4f:37:79:c9:83:e9: d5:04:83:5e:d3:32:24:fb:e7:6c:ab:78:82:d1:fb: 4e:41:a4:aa:6a:f6:d5:52:a3:c3:84:3d:ca:ca:e7: 66:0f:7f:fc:86:19:35:2d:22:48:93:48:02:06:a6: 14:90:17:cd:b3:80:50:21:5f:3b:52:85:d8:9b:fb: f2:e8:21:fe:86:10:69:54:88:ce:ad:da:fa:cf:e5: b9:d9:ee:5b:63:9c:07:92:d6:1f:e3:69:25:d8:bf: 83:63:3c:79:50:dd:35:4c:5f:5c:ea:54:58:76:f5: 22:b5:48:f1:b9:94:02:35:c8:18:17:5d:d0:cf:8a: 98:f4:26:86:1d:a8:5c:53:bc:f3:34:7f:0b:14:81: 57:4f:9d:83:61:77:c8:54:18:b1:90:c6:22:f7:88: d9:54:46:04:fa:92:2b:f0:62:7e:47:1b:d9:0a:f1: ca:a4:fc:fa:7a:51:6c:3d:a0:d5:89:d3:34:3d:0e: 70:c4:91:4e:4d:2a:84:2a:93:98:8b:0f:84:17:a7: 3f:cc:b7:e7:25:2d:cf:88:c5:f3:f3:a2:a8:09:dd: 34:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:7C:2C:49:64:64:DF:D4:3B:57:27:C5:F2:AA:6C:91:08:E9:FD:B5 X509v3 Authority Key Identifier: keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.24.108.0/24 Signature Algorithm: sha256WithRSAEncryption 03:03:3c:f5:f7:5b:3c:b7:f3:d5:a1:33:98:be:51:76:89:8e: 7d:97:06:1d:ee:d3:e4:1d:9a:5b:04:1a:ea:93:f0:d1:78:8d: 45:51:7b:ab:90:c2:39:df:05:cd:ef:48:a9:22:74:64:95:4e: 3d:c2:66:a4:36:90:c6:81:3e:1c:fd:be:e9:76:b3:11:a7:47: 27:09:66:f8:bd:52:c9:e3:aa:21:d9:e6:89:86:b8:f7:9d:89: 58:bd:96:ce:15:a9:1b:71:54:94:49:e0:5d:53:1a:75:d9:d5: 66:d8:d7:44:44:3a:c0:7e:d1:e8:15:19:c0:e0:02:f7:84:fe: 56:f5:30:00:b6:4f:1a:ad:c1:42:93:ae:5b:77:aa:c4:2c:1b: 7a:29:8b:45:9e:ef:ec:0d:e2:f4:a0:7a:21:d3:c7:c1:8c:f7: 96:76:6f:af:e2:87:98:15:ad:ee:1e:08:b3:af:b8:8e:72:b0: 71:11:d3:4b:32:6d:9e:49:ae:9c:ea:4e:ea:3a:b3:f8:95:d5: ed:c0:96:88:39:61:27:b1:96:7c:55:4b:2a:43:cc:ec:0d:ac: 65:cf:bf:53:08:d6:49:ba:a2:44:1a:2b:e3:61:23:dc:f5:7e: 7b:1a:37:b9:3b:e7:3b:b4:e3:57:d3:dc:fa:a0:53:9c:53:83: 92:61:35:cd -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgIUcS2wuR/KzMKi/MPpxa37MRckVAgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw NzM0QUFCODAeFw0yNTA3MDQxMDQxMjdaFw0yNjA3MDMxMDQ2MjdaMDMxMTAvBgNV BAMTKDAzN0MyQzQ5NjQ2NERGRDQzQjU3MjdDNUYyQUE2QzkxMDhFOUZEQjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkYwvqMap/nOCrpeRup/r3Oxwz v2dX9rm1UY8JXSDKf1t955B6B083ecmD6dUEg17TMiT752yreILR+05BpKpq9tVS o8OEPcrK52YPf/yGGTUtIkiTSAIGphSQF82zgFAhXztShdib+/LoIf6GEGlUiM6t 2vrP5bnZ7ltjnAeS1h/jaSXYv4NjPHlQ3TVMX1zqVFh29SK1SPG5lAI1yBgXXdDP ipj0JoYdqFxTvPM0fwsUgVdPnYNhd8hUGLGQxiL3iNlURgT6kivwYn5HG9kK8cqk /Pp6UWw9oNWJ0zQ9DnDEkU5NKoQqk5iLD4QXpz/Mt+clLc+IxfPzoqgJ3TTNAgMB AAGjggJtMIICaTAdBgNVHQ4EFgQUA3wsSWRk39Q7VyfF8qpskQjp/bUwHwYDVR0j BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1 Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0 QUFCOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYt MzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1Y2U3LzQvMzkzNDJlMzIzNDJlMzEzMDM4 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzYzNzM2LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA XhhsMA0GCSqGSIb3DQEBCwUAA4IBAQADAzz191s8t/PVoTOYvlF2iY59lwYd7tPk HZpbBBrqk/DReI1FUXurkMI53wXN70ipInRklU49wmakNpDGgT4c/b7pdrMRp0cn CWb4vVLJ46oh2eaJhrj3nYlYvZbOFakbcVSUSeBdUxp12dVm2NdERDrAftHoFRnA 4AL3hP5W9TAAtk8arcFCk65bd6rELBt6KYtFnu/sDeL0oHoh08fBjPeWdm+v4oeY Fa3uHgizr7iOcrBxEdNLMm2eSa6c6k7qOrP4ldXtwJaIOWEnsZZ8VUsqQ8zsDaxl z79TCNZJuqJEGivjYSPc9X57Gje5O+c7tONX09z6oFOcU4OSYTXN -----END CERTIFICATE-----Generated at Sat Jul 5 08:56:06 2025 by rpki-client