$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203136353039.roa File: 326131343a316563303a3a2f33312d3438203d3e203136353039.roa (raw, json) Hash identifier: DO5U+zbxAW9dCHHkG8v0O5pLZTi9rHV+80EYsqI00GY= Subject key identifier: 6B:56:5D:17:69:60:BC:F3:F9:87:2A:2F:AE:9B:DF:C9:E2:E0:59:93 Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 6CA6DF180F62C21581288CBDAF5644A131256957 Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203136353039.roa Signing time: Fri 09 May 2025 16:29:08 +0000 ROA not before: Fri 09 May 2025 16:24:08 +0000 ROA not after: Fri 08 May 2026 16:29:08 +0000 asID: 16509 IP address blocks: 2a14:1ec0::/31 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 29 Oct 2025 16:03:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:a6:df:18:0f:62:c2:15:81:28:8c:bd:af:56:44:a1:31:25:69:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: May 9 16:24:08 2025 GMT Not After : May 8 16:29:08 2026 GMT Subject: CN=6B565D176960BCF3F9872A2FAE9BDFC9E2E05993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:4d:18:58:80:51:13:65:7c:a0:aa:4b:14:d1: 50:81:e2:e6:c8:e2:07:85:e2:58:4e:92:5b:71:70: a3:e4:c1:cf:80:41:68:b9:38:80:b4:a4:6c:10:f8: ab:a9:f4:4a:4d:2e:e6:7a:46:34:19:3c:93:ed:45: 53:6e:6f:2b:35:93:dd:66:a1:1f:4b:dc:fa:45:20: 22:3d:be:3c:21:01:69:79:57:cf:4f:d8:74:ac:4b: cd:92:33:46:e9:fc:47:cb:af:44:df:1f:64:cb:22: 3d:ce:cf:fc:91:a3:36:64:2f:ee:2a:64:a7:3c:0c: 3a:ad:40:0e:67:a1:5f:4a:a4:78:20:fb:8b:3b:8e: a8:7e:cd:99:fe:28:4b:42:30:b5:5a:7c:98:da:a6: 2c:fb:2d:44:62:98:bd:18:3a:c0:09:04:2a:65:23: d0:74:65:ac:1e:36:f1:04:8e:a0:74:89:e4:5a:50: 4e:00:83:fa:98:07:10:50:7f:99:2d:c1:8d:fa:88: 92:08:49:5c:34:1e:fd:ed:ed:09:ae:90:10:5d:c7: d2:a0:3a:79:16:7f:5b:1c:6b:b2:11:df:60:8b:a5: 97:63:c8:93:07:51:aa:b7:1c:2c:8a:5a:b6:be:d0: aa:03:60:e2:1d:d1:02:2d:11:ab:46:02:63:cd:db: f1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:56:5D:17:69:60:BC:F3:F9:87:2A:2F:AE:9B:DF:C9:E2:E0:59:93 X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203136353039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec0::/31 Signature Algorithm: sha256WithRSAEncryption 8d:8c:6b:1d:1a:01:3e:da:76:0a:96:be:87:67:89:44:4c:34: a7:01:72:9f:1f:3f:73:1a:9b:54:db:2c:cb:af:a8:0d:4a:99: 49:77:5e:b6:2c:f8:01:7d:86:ba:f8:5c:c1:d3:f6:49:c8:da: a9:2d:39:c4:4a:7a:d7:4c:58:0f:b2:6e:45:a9:86:6a:c5:28: e6:fc:69:83:73:e8:80:ea:6a:f5:46:90:4f:70:ee:fe:8d:5f: b3:79:bf:64:2b:1b:79:df:25:6d:96:33:64:85:e1:08:54:df: 3e:03:f2:15:1d:ff:e1:58:6c:0f:1f:73:80:34:a1:4e:00:9e: 87:a1:7e:fc:6e:c9:d3:55:b2:b7:5e:85:9a:f3:d7:fe:ee:21: 63:d1:96:df:c5:31:7b:4d:16:1e:fc:49:ea:69:ac:41:30:5e: 4c:ab:22:57:36:56:42:8b:49:12:19:44:3c:9b:3d:45:5b:13: c9:3c:2a:a5:cf:4c:f2:f7:61:a8:97:5a:65:ba:c3:3c:66:ca: 46:84:95:86:3e:1b:3f:4b:30:e7:ac:cb:76:9a:b4:8e:6d:95: 37:e8:96:55:6e:cb:2a:0c:ca:f8:ca:23:5b:b2:77:f4:2b:27: 5a:70:29:d9:12:08:b7:93:26:5d:a6:2c:53:41:75:f1:86:17: 66:49:83:91 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUbKbfGA9iwhWBKIy9r1ZEoTElaVcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNTA1MDkxNjI0MDhaFw0yNjA1MDgxNjI5MDhaMDMxMTAvBgNV BAMTKDZCNTY1RDE3Njk2MEJDRjNGOTg3MkEyRkFFOUJERkM5RTJFMDU5OTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkTRhYgFETZXygqksU0VCB4ubI 4geF4lhOkltxcKPkwc+AQWi5OIC0pGwQ+Kup9EpNLuZ6RjQZPJPtRVNubys1k91m oR9L3PpFICI9vjwhAWl5V89P2HSsS82SM0bp/EfLr0TfH2TLIj3Oz/yRozZkL+4q ZKc8DDqtQA5noV9KpHgg+4s7jqh+zZn+KEtCMLVafJjapiz7LURimL0YOsAJBCpl I9B0ZaweNvEEjqB0ieRaUE4Ag/qYBxBQf5ktwY36iJIISVw0Hv3t7QmukBBdx9Kg OnkWf1sca7IR32CLpZdjyJMHUaq3HCyKWra+0KoDYOId0QItEatGAmPN2/EBAgMB AAGjggJ3MIICczAdBgNVHQ4EFgQUa1ZdF2lgvPP5hyovrpvfyeLgWZMwHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUF BzALhoGLcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzAzYTNhMmYzMzMxMmQzNDM4MjAzZDNlMjAzMTM2MzUzMDM5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUBKhQewDANBgkqhkiG9w0BAQsFAAOCAQEAjYxrHRoBPtp2Cpa+h2eJ REw0pwFynx8/cxqbVNssy6+oDUqZSXdetiz4AX2GuvhcwdP2ScjaqS05xEp610xY D7JuRamGasUo5vxpg3PogOpq9UaQT3Du/o1fs3m/ZCsbed8lbZYzZIXhCFTfPgPy FR3/4VhsDx9zgDShTgCeh6F+/G7J01Wyt16FmvPX/u4hY9GW38Uxe00WHvxJ6mms QTBeTKsiVzZWQotJEhlEPJs9RVsTyTwqpc9M8vdhqJdaZbrDPGbKRoSVhj4bP0sw 56zLdpq0jm2VN+iWVW7LKgzK+MojW7J39CsnWnAp2RIIt5MmXaYsU0F18YYXZkmD kQ== -----END CERTIFICATE-----Generated at Wed Oct 29 02:57:52 2025 by rpki-client