$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa File: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (raw, json) Hash identifier: HSErQq3crkyzVJa6g9ayoDntWunwG4uTUMd6ifKsOLU= Subject key identifier: 7A:3C:F2:1E:68:57:A5:DC:F1:76:25:AE:A7:A5:EE:4B:6D:98:A0:00 Certificate issuer: /CN=521525856CBBA6D9D2254221C280DC930734AAB8 Certificate serial: 70B66903CF8C24A137AD02F1A779EEDAF19F42EE Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa Signing time: Fri 05 Jun 2026 11:06:55 +0000 ROA not before: Fri 05 Jun 2026 11:01:55 +0000 ROA not after: Fri 04 Jun 2027 11:06:55 +0000 asID: 200676 IP address blocks: 94.24.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Jun 2026 12:48:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:b6:69:03:cf:8c:24:a1:37:ad:02:f1:a7:79:ee:da:f1:9f:42:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8 Validity Not Before: Jun 5 11:01:55 2026 GMT Not After : Jun 4 11:06:55 2027 GMT Subject: CN=7A3CF21E6857A5DCF17625AEA7A5EE4B6D98A000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c0:9c:10:5a:79:b7:2e:96:81:ec:1e:8b:2d: 99:4a:d0:d7:3c:2f:8c:45:5d:c0:43:0b:b2:9b:1f: 52:81:0e:07:d7:4d:33:09:8c:9c:52:48:2c:b3:05: 9b:66:ce:2c:7f:6b:67:94:8f:a2:42:b4:d5:aa:ef: 18:03:f0:76:01:43:de:72:8e:cc:85:ef:8d:2e:4c: 21:51:aa:b8:7a:26:05:c4:43:05:e6:69:bb:0d:d0: 80:48:7a:c0:35:d0:4e:5e:3f:0c:da:f9:f2:0f:fd: 61:e9:0f:c8:d2:bf:77:fd:43:3a:d5:70:c4:ce:be: 40:71:64:d8:9c:09:de:6d:6d:03:18:da:74:e7:65: 3b:c9:da:81:0b:c4:df:ed:6a:8a:0b:36:43:4e:bf: 0e:34:bc:e7:86:49:56:9f:06:ea:f5:57:2d:10:c7: a1:35:13:0d:1e:18:45:64:47:2e:b6:e9:f9:d1:a5: c7:e8:d6:92:65:39:5b:a6:78:8d:7a:9b:fb:6f:f9: 89:ec:7c:31:ee:9b:65:e6:50:6a:44:e4:12:da:19: a0:57:da:d9:c9:8e:80:a4:75:95:08:0c:d5:7c:19: 7d:5f:d3:25:36:c3:a8:59:1f:2d:cd:7c:3b:8a:12: 2e:b4:46:96:83:d0:89:08:b6:5c:ce:91:79:f5:23: 10:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:3C:F2:1E:68:57:A5:DC:F1:76:25:AE:A7:A5:EE:4B:6D:98:A0:00 X509v3 Authority Key Identifier: keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/39342e32342e3130382e302f32342d3234203d3e20323030363736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.24.108.0/24 Signature Algorithm: sha256WithRSAEncryption 03:c0:6a:62:22:f5:86:b2:6c:66:74:0d:97:a1:44:56:8a:46: f7:60:6d:17:6a:10:b5:13:03:8f:d3:2e:f5:0a:5c:43:e8:5a: e2:b9:7a:0f:37:5c:9b:24:a7:5d:23:02:1b:27:65:05:57:32: 6a:3c:a6:59:b2:84:28:dc:71:99:93:a1:ae:85:32:77:1e:44: cd:97:f8:25:1a:b5:0a:a0:fa:ad:09:c2:4c:e4:4a:78:0a:2c: 2b:c6:8e:71:a4:d0:97:e8:34:07:1a:fd:c1:8f:8a:9d:58:3b: fd:cc:12:e6:5d:8e:3f:45:74:81:86:43:27:27:28:4f:2f:41: a5:0c:a2:39:ec:e3:c4:b9:8b:68:7a:cd:35:ff:03:84:ef:7c: f1:74:fc:14:62:d2:4b:6f:ba:54:1b:ad:d8:da:9f:24:be:da: 2c:de:ca:2d:1e:69:13:09:73:c6:61:2b:8b:5d:42:22:cd:2d: 39:35:ce:22:b6:8d:a8:86:f8:67:45:5f:b7:45:cd:1c:29:b1: 00:e6:8c:65:4d:14:6a:18:e2:b7:e5:c6:0f:56:a2:d5:d0:9a: cd:28:3d:f1:c9:22:40:a3:3a:ed:90:ae:ac:88:a7:cd:b2:1c: 0c:24:b3:0b:88:7b:a0:05:26:60:58:e4:3d:61:26:8c:78:8b: 01:5b:43:42 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgIUcLZpA8+MJKE3rQLxp3nu2vGfQu4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw NzM0QUFCODAeFw0yNjA2MDUxMTAxNTVaFw0yNzA2MDQxMTA2NTVaMDMxMTAvBgNV BAMTKDdBM0NGMjFFNjg1N0E1RENGMTc2MjVBRUE3QTVFRTRCNkQ5OEEwMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDewJwQWnm3LpaB7B6LLZlK0Nc8 L4xFXcBDC7KbH1KBDgfXTTMJjJxSSCyzBZtmzix/a2eUj6JCtNWq7xgD8HYBQ95y jsyF740uTCFRqrh6JgXEQwXmabsN0IBIesA10E5ePwza+fIP/WHpD8jSv3f9QzrV cMTOvkBxZNicCd5tbQMY2nTnZTvJ2oELxN/taooLNkNOvw40vOeGSVafBur1Vy0Q x6E1Ew0eGEVkRy626fnRpcfo1pJlOVumeI16m/tv+YnsfDHum2XmUGpE5BLaGaBX 2tnJjoCkdZUIDNV8GX1f0yU2w6hZHy3NfDuKEi60RpaD0IkItlzOkXn1IxANAgMB AAGjggJtMIICaTAdBgNVHQ4EFgQUejzyHmhXpdzxdiWup6XuS22YoAAwHwYDVR0j BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1 Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0 QUFCOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYt MzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1Y2U3LzQvMzkzNDJlMzIzNDJlMzEzMDM4 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzYzNzM2LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA XhhsMA0GCSqGSIb3DQEBCwUAA4IBAQADwGpiIvWGsmxmdA2XoURWikb3YG0XahC1 EwOP0y71ClxD6FriuXoPN1ybJKddIwIbJ2UFVzJqPKZZsoQo3HGZk6GuhTJ3HkTN l/glGrUKoPqtCcJM5Ep4Ciwrxo5xpNCX6DQHGv3Bj4qdWDv9zBLmXY4/RXSBhkMn JyhPL0GlDKI57OPEuYtoes01/wOE73zxdPwUYtJLb7pUG63Y2p8kvtos3sotHmkT CXPGYSuLXUIizS05Nc4ito2ohvhnRV+3Rc0cKbEA5oxlTRRqGOK35cYPVqLV0JrN KD3xySJAozrtkK6siKfNshwMJLMLiHugBSZgWOQ9YSaMeIsBW0NC -----END CERTIFICATE-----Generated at Sat Jun 6 05:25:34 2026 by rpki-client