$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343834303a3a2f34342d3438203d3e20323135323839.roa File: 326131343a373538313a343834303a3a2f34342d3438203d3e20323135323839.roa (raw, json) Hash identifier: IeK6ZG/g9V25xfR3xKZZdyq5xuMwonnHdhMMCLRMWBo= Subject key identifier: D7:04:46:0B:17:DF:50:A1:13:80:52:26:6A:92:94:3A:5E:56:03:4F Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Certificate serial: 75D45031E3E925EBC8052126D591E11C4EB11815 Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343834303a3a2f34342d3438203d3e20323135323839.roa Signing time: Thu 27 Feb 2025 07:52:12 +0000 ROA not before: Thu 27 Feb 2025 07:47:12 +0000 ROA not after: Thu 26 Feb 2026 07:52:12 +0000 asID: 215289 IP address blocks: 2a14:7581:4840::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 14:04:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:d4:50:31:e3:e9:25:eb:c8:05:21:26:d5:91:e1:1c:4e:b1:18:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Validity Not Before: Feb 27 07:47:12 2025 GMT Not After : Feb 26 07:52:12 2026 GMT Subject: CN=D704460B17DF50A1138052266A92943A5E56034F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:48:24:e9:89:73:e7:df:ee:3a:ed:c9:f6:07: 94:b8:c3:15:cc:31:37:6c:b7:91:1d:a4:ea:33:e9: 24:31:af:05:02:5e:d0:01:32:46:6f:cd:52:21:10: 38:09:69:3a:72:14:ec:39:c3:3a:4a:40:c4:25:56: 4a:9c:32:2d:f1:73:cb:67:0a:07:ad:fd:3f:e9:b8: 5f:69:d2:5d:de:9f:43:dc:69:f7:4a:24:2d:47:08: 85:53:2b:50:6b:3b:0b:ab:e1:19:4c:a5:36:87:68: d5:73:61:4a:30:3b:20:1c:2c:2c:05:55:b8:a5:9a: c0:7d:39:3f:21:46:cf:7d:a0:ae:e0:09:e7:27:f0: 5e:47:2c:b3:77:3c:4f:1f:0e:21:cd:38:68:4c:13: 48:47:4a:ab:ab:97:7b:0a:65:7a:3e:c8:91:45:cb: 5a:30:b7:a0:f9:2a:68:f7:4b:f2:2d:c5:9a:7b:cf: 46:fa:de:a7:ed:88:66:8b:f2:2d:81:b8:32:a9:e2: f1:13:a8:02:24:88:c5:1b:47:31:94:c1:95:19:dc: a0:48:d5:68:7b:e1:bb:6e:0e:93:44:32:64:97:68: ca:77:78:38:4e:56:59:cc:fe:c4:f3:1e:43:6e:32: 09:a2:43:2b:9c:bb:90:97:3f:32:2a:bb:ff:ef:02: 4b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:04:46:0B:17:DF:50:A1:13:80:52:26:6A:92:94:3A:5E:56:03:4F X509v3 Authority Key Identifier: keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343834303a3a2f34342d3438203d3e20323135323839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:4840::/44 Signature Algorithm: sha256WithRSAEncryption a4:fd:f9:6e:b4:0a:18:cf:a6:b4:d6:03:de:1a:2f:95:95:d0: 4f:31:3b:f2:dc:7c:5d:f4:e1:8f:d4:4f:b9:67:5a:81:5f:3e: fd:84:eb:be:e7:d3:68:d8:82:82:4e:87:53:b7:e7:e5:d5:7c: c3:36:94:0f:1d:ee:27:47:4b:6f:85:72:a5:f8:27:93:65:ef: a6:48:dd:fc:5b:6e:ad:22:1a:e0:ce:ad:ae:ce:15:56:15:8d: d0:31:7e:6d:3d:37:56:75:53:3a:ea:83:8b:e8:56:9d:80:d0: e6:1f:1a:aa:f4:8e:f1:a6:c3:90:94:5c:c4:07:c0:bc:11:c1: ab:54:19:24:41:a7:5f:82:5b:43:ac:0a:68:29:e1:bf:d2:7b: 46:07:2e:fe:ac:3c:4c:93:b3:4e:98:97:2c:18:d9:2b:be:b0: 2a:12:35:bb:84:c0:8b:ff:f9:40:6a:60:7d:22:d7:f8:26:7a: 72:ab:bb:46:88:24:a9:52:b9:b5:36:3a:01:ce:7b:23:84:cc: 02:2f:4c:4c:e1:ef:4d:6e:4b:9f:34:3b:f7:3e:46:f4:06:44: b7:01:41:38:f8:f5:14:31:08:bd:1e:b3:8e:60:8d:d2:38:06: ae:9d:1b:21:55:04:e0:53:35:62:a6:3a:19:59:78:93:b4:fc: 66:bd:57:ac -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUddRQMePpJevIBSEm1ZHhHE6xGBUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF MEFGQjM4QzAeFw0yNTAyMjcwNzQ3MTJaFw0yNjAyMjYwNzUyMTJaMDMxMTAvBgNV BAMTKEQ3MDQ0NjBCMTdERjUwQTExMzgwNTIyNjZBOTI5NDNBNUU1NjAzNEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/SCTpiXPn3+467cn2B5S4wxXM MTdst5EdpOoz6SQxrwUCXtABMkZvzVIhEDgJaTpyFOw5wzpKQMQlVkqcMi3xc8tn Cget/T/puF9p0l3en0PcafdKJC1HCIVTK1BrOwur4RlMpTaHaNVzYUowOyAcLCwF VbilmsB9OT8hRs99oK7gCecn8F5HLLN3PE8fDiHNOGhME0hHSqurl3sKZXo+yJFF y1owt6D5Kmj3S/ItxZp7z0b63qftiGaL8i2BuDKp4vETqAIkiMUbRzGUwZUZ3KBI 1Wh74btuDpNEMmSXaMp3eDhOVlnM/sTzHkNuMgmiQyucu5CXPzIqu//vAkvZAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU1wRGCxffUKETgFImapKUOl5WA08wHwYDVR0j BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4 NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz NDNhMzczNTM4MzEzYTM0MzgzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTM1MzIzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gUhAMA0GCSqGSIb3DQEBCwUAA4IBAQCk /flutAoYz6a01gPeGi+VldBPMTvy3Hxd9OGP1E+5Z1qBXz79hOu+59No2IKCTodT t+fl1XzDNpQPHe4nR0tvhXKl+CeTZe+mSN38W26tIhrgzq2uzhVWFY3QMX5tPTdW dVM66oOL6FadgNDmHxqq9I7xpsOQlFzEB8C8EcGrVBkkQadfgltDrApoKeG/0ntG By7+rDxMk7NOmJcsGNkrvrAqEjW7hMCL//lAamB9Itf4Jnpyq7tGiCSpUrm1NjoB znsjhMwCL0xM4e9NbkufNDv3Pkb0BkS3AUE4+PUUMQi9HrOOYI3SOAaunRshVQTg UzVipjoZWXiTtPxmvVes -----END CERTIFICATE-----Generated at Sat Apr 5 04:35:12 2025 by rpki-client