$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203438373030.roa File: 326131343a316563303a3a2f33312d3438203d3e203438373030.roa (raw, json) Hash identifier: NfdCiPZo2V7z2IR8DOEcP9s1WlT0wPdEK10WCc6hh18= Subject key identifier: 8F:BD:CB:B3:2A:06:29:06:8A:AB:51:6C:23:31:02:AC:84:75:E4:2E Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 4A9FDBBE4E39294168B9C077ADCC1D9C4061D94E Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203438373030.roa Signing time: Fri 09 May 2025 16:30:19 +0000 ROA not before: Fri 09 May 2025 16:25:19 +0000 ROA not after: Fri 08 May 2026 16:30:19 +0000 asID: 48700 IP address blocks: 2a14:1ec0::/31 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 29 Oct 2025 16:03:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:9f:db:be:4e:39:29:41:68:b9:c0:77:ad:cc:1d:9c:40:61:d9:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: May 9 16:25:19 2025 GMT Not After : May 8 16:30:19 2026 GMT Subject: CN=8FBDCBB32A0629068AAB516C233102AC8475E42E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e1:57:fa:f5:ad:64:98:10:99:72:68:ad:e0: 6f:cf:a4:ae:2a:82:d0:b2:e5:20:ce:4d:2a:b5:18: 26:b6:33:a9:2f:02:17:d2:6f:55:33:1a:15:34:e2: a8:2d:17:e7:18:09:b8:40:6c:28:a7:59:77:d4:c4: c0:00:3e:dd:e8:c7:0a:05:96:38:df:d1:02:b7:6d: ea:13:dd:f1:6b:ac:73:a6:19:bb:1b:02:75:91:83: b1:10:48:88:3f:50:3a:07:3a:3c:90:eb:2e:a8:cc: e0:e9:bf:73:3d:1f:da:8b:21:3a:78:d8:2c:18:14: 14:20:12:aa:78:72:1b:c9:4b:84:5b:6e:a6:2f:eb: 9b:9b:17:b2:9e:60:f7:7a:7d:0c:ae:e2:62:69:f4: e0:0b:d0:62:f2:d6:d9:3e:f3:40:b8:d8:18:6c:3f: 0c:f6:73:43:bc:1e:ee:3d:f0:cc:67:88:af:70:52: 9e:ed:4b:a0:f1:56:d2:28:cb:ac:fa:ab:28:56:93: c7:6d:ba:e2:02:c2:8f:9f:ee:fd:1e:2c:71:d4:f7: 01:10:eb:ee:c4:8a:e3:93:f8:c5:b8:af:a8:a7:b8: 37:41:f1:31:c0:b7:d0:ea:ff:1f:1f:ca:96:a9:f6: ab:a5:c9:96:1f:bf:38:02:70:24:94:05:20:e6:41: bb:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:BD:CB:B3:2A:06:29:06:8A:AB:51:6C:23:31:02:AC:84:75:E4:2E X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563303a3a2f33312d3438203d3e203438373030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec0::/31 Signature Algorithm: sha256WithRSAEncryption 54:66:26:21:5d:f2:92:e2:65:4f:5b:2a:79:53:94:fd:4a:0d: 0e:ce:be:ab:cd:8a:2b:a0:22:4c:38:b1:43:9c:cc:ca:2c:01: 17:fd:99:9b:0d:80:64:15:7e:50:e1:da:60:7e:5f:89:1a:15: 76:41:b7:91:38:b4:dd:9d:ab:4f:5c:17:a6:39:15:54:1d:2d: d4:88:92:2d:92:32:2b:d1:fe:95:be:b9:e9:d7:da:40:c0:61: c8:61:cf:3a:91:4f:76:10:85:d5:b3:52:8b:52:2f:98:f1:c2: 8a:05:b2:00:d6:7f:40:b4:37:2e:ef:56:6a:e4:ac:9d:e3:64: 9e:4d:44:3f:ae:a3:25:f6:af:3c:0a:b0:c9:8d:14:fb:f7:13: a1:4e:fc:bf:39:d8:20:2f:48:c2:fb:2e:c5:65:78:c3:05:c7: fd:fc:70:f9:33:a1:ce:5c:1e:48:1a:74:f2:61:2b:29:17:3a: 24:05:9c:41:eb:39:50:27:95:00:04:3e:0b:e2:49:37:74:2c: ea:69:79:3b:5e:95:d0:32:ce:dd:72:c4:c9:71:46:a8:2b:1d: e2:25:cc:9f:95:e1:b0:3d:a4:f7:44:d7:af:24:3f:04:26:d4: 6e:46:df:b5:23:15:c5:35:26:3f:7f:ea:09:1b:cf:34:7a:e4: e7:34:04:69 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUSp/bvk45KUFoucB3rcwdnEBh2U4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNTA1MDkxNjI1MTlaFw0yNjA1MDgxNjMwMTlaMDMxMTAvBgNV BAMTKDhGQkRDQkIzMkEwNjI5MDY4QUFCNTE2QzIzMzEwMkFDODQ3NUU0MkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC4Vf69a1kmBCZcmit4G/PpK4q gtCy5SDOTSq1GCa2M6kvAhfSb1UzGhU04qgtF+cYCbhAbCinWXfUxMAAPt3oxwoF ljjf0QK3beoT3fFrrHOmGbsbAnWRg7EQSIg/UDoHOjyQ6y6ozODpv3M9H9qLITp4 2CwYFBQgEqp4chvJS4RbbqYv65ubF7KeYPd6fQyu4mJp9OAL0GLy1tk+80C42Bhs Pwz2c0O8Hu498MxniK9wUp7tS6DxVtIoy6z6qyhWk8dtuuICwo+f7v0eLHHU9wEQ 6+7EiuOT+MW4r6inuDdB8THAt9Dq/x8fypap9qulyZYfvzgCcCSUBSDmQbsFAgMB AAGjggJ3MIICczAdBgNVHQ4EFgQUj73LsyoGKQaKq1FsIzECrIR15C4wHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUF BzALhoGLcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzAzYTNhMmYzMzMxMmQzNDM4MjAzZDNlMjAzNDM4MzczMDMwLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUBKhQewDANBgkqhkiG9w0BAQsFAAOCAQEAVGYmIV3ykuJlT1sqeVOU /UoNDs6+q82KK6AiTDixQ5zMyiwBF/2Zmw2AZBV+UOHaYH5fiRoVdkG3kTi03Z2r T1wXpjkVVB0t1IiSLZIyK9H+lb656dfaQMBhyGHPOpFPdhCF1bNSi1IvmPHCigWy ANZ/QLQ3Lu9WauSsneNknk1EP66jJfavPAqwyY0U+/cToU78vznYIC9IwvsuxWV4 wwXH/fxw+TOhzlweSBp08mErKRc6JAWcQes5UCeVAAQ+C+JJN3Qs6ml5O16V0DLO 3XLEyXFGqCsd4iXMn5XhsD2k90TXryQ/BCbUbkbftSMVxTUmP3/qCRvPNHrk5zQE aQ== -----END CERTIFICATE-----Generated at Wed Oct 29 02:55:56 2025 by rpki-client