$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa File: AS214040.roa (raw, json) Hash identifier: x+vtRFxo1Lt+Hg6qV/iALGucyiiLEoQBTpTrQOoxMiA= Subject key identifier: 79:7B:4E:41:59:CB:56:A4:15:3B:E5:27:4A:05:C0:A2:7B:F5:0F:46 Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503 Certificate serial: 4FCEF980B96755494231E16A0012FDBCA37A52FE Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa Signing time: Thu 31 Oct 2024 18:00:02 +0000 ROA not before: Thu 31 Oct 2024 17:55:02 +0000 ROA not after: Thu 30 Oct 2025 18:00:02 +0000 asID: 214040 IP address blocks: 2a06:1281:8000::/36 maxlen: 36 2a09:54c6:3000::/36 maxlen: 36 2a09:54c6:5000::/36 maxlen: 36 2a09:54c6:6000::/36 maxlen: 36 2a09:54c6:7000::/36 maxlen: 36 2a09:54c6:b000::/36 maxlen: 36 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 23 Nov 2024 03:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:ce:f9:80:b9:67:55:49:42:31:e1:6a:00:12:fd:bc:a3:7a:52:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503 Validity Not Before: Oct 31 17:55:02 2024 GMT Not After : Oct 30 18:00:02 2025 GMT Subject: CN=797B4E4159CB56A4153BE5274A05C0A27BF50F46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:20:cf:23:f3:22:5d:46:4b:36:af:ed:d0:e7: 21:86:a6:0e:46:fe:18:ff:1e:e6:9e:ce:ee:83:a4: 24:43:28:d4:d9:ee:41:e7:63:b8:dd:76:16:8a:5b: cf:79:96:7d:b7:f2:fc:96:54:4d:3b:3d:04:91:0f: 26:ee:29:f7:5b:f7:b6:31:1d:24:2a:ce:9e:a1:35: c8:21:b3:f2:f7:82:53:bb:04:cb:a8:25:82:63:61: 25:52:a1:90:48:bb:4a:a2:df:83:e5:08:fe:db:f4: 77:95:7d:dc:9c:c6:fc:9d:b8:c3:cc:36:d9:75:ae: 7e:93:ed:5b:57:c8:8e:26:b7:35:fd:67:43:18:53: 4d:27:8c:0d:5d:ea:c3:99:8b:ef:a9:85:d6:b7:b8: 48:35:d5:ae:fb:87:fa:6f:d8:0a:8a:0a:cd:5c:6f: 43:a5:64:13:01:1e:d6:fd:8d:60:fa:1b:ee:b6:59: 36:2d:ce:98:6a:e2:a5:5d:c4:70:c8:41:80:2a:23: 80:84:d7:48:0e:11:9a:78:ec:a4:c8:41:59:5a:fd: f3:e3:c6:3d:c9:04:df:89:35:bb:f7:ec:7c:81:ef: ba:98:08:ad:20:54:94:c3:66:d7:84:e7:a9:71:7f: c9:ab:ac:31:c9:03:1b:23:63:8b:70:f0:a4:4b:ab: f0:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:7B:4E:41:59:CB:56:A4:15:3B:E5:27:4A:05:C0:A2:7B:F5:0F:46 X509v3 Authority Key Identifier: keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1281:8000::/36 2a09:54c6:3000::/36 2a09:54c6:5000::-2a09:54c6:7fff:ffff:ffff:ffff:ffff:ffff 2a09:54c6:b000::/36 Signature Algorithm: sha256WithRSAEncryption 0b:13:61:5c:7b:d0:35:af:8d:dc:7c:88:62:31:22:48:96:32: 4d:e9:89:52:88:e4:2f:68:19:57:72:52:f8:6e:d2:71:13:c4: cd:0a:b2:1a:a8:11:e8:77:54:29:68:00:ed:7a:16:91:7c:54: 5a:20:bd:4c:f7:38:22:8d:d5:f7:00:7d:ee:64:77:00:25:cb: 3d:46:b0:50:1c:d3:4f:04:d6:51:85:0f:94:8a:a1:08:18:b7: 7e:8c:fd:26:ad:f6:cd:f2:26:db:60:5c:2e:7f:05:60:e5:6c: 95:9e:69:b6:fa:cf:18:08:1e:c8:10:3e:ee:61:f1:33:a6:91: e9:fd:db:a9:4a:80:61:e8:3f:60:7f:02:5c:ad:90:20:0e:32: 0e:87:e5:54:a0:8e:dd:ea:0f:fa:5d:f1:ad:76:3a:9c:68:0b: d0:b0:71:cb:f3:26:6f:d1:99:f8:49:9d:7b:d7:b4:44:71:67: 20:37:ce:c6:71:5c:cb:5e:3a:43:18:8f:75:44:e9:49:3e:84: 44:94:66:b1:4e:91:79:a5:ed:7b:a4:49:35:65:69:8a:3e:6b: c5:94:d8:e8:ab:db:d7:5f:ae:fd:d4:f5:85:84:a9:41:4a:fa: 58:07:b4:e4:70:1b:0f:aa:14:a8:5a:2c:23:59:65:6e:5f:72: 42:80:b3:c5 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgIUT875gLlnVUlCMeFqABL9vKN6Uv4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD ODhGODUwMzAeFw0yNDEwMzExNzU1MDJaFw0yNTEwMzAxODAwMDJaMDMxMTAvBgNV BAMTKDc5N0I0RTQxNTlDQjU2QTQxNTNCRTUyNzRBMDVDMEEyN0JGNTBGNDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+IM8j8yJdRks2r+3Q5yGGpg5G /hj/Huaezu6DpCRDKNTZ7kHnY7jddhaKW895ln238vyWVE07PQSRDybuKfdb97Yx HSQqzp6hNcghs/L3glO7BMuoJYJjYSVSoZBIu0qi34PlCP7b9HeVfdycxvyduMPM Ntl1rn6T7VtXyI4mtzX9Z0MYU00njA1d6sOZi++phda3uEg11a77h/pv2AqKCs1c b0OlZBMBHtb9jWD6G+62WTYtzphq4qVdxHDIQYAqI4CE10gOEZp47KTIQVla/fPj xj3JBN+JNbv37HyB77qYCK0gVJTDZteE56lxf8mrrDHJAxsjY4tw8KRLq/AjAgMB AAGjggJeMIICWjAdBgNVHQ4EFgQUeXtOQVnLVqQVO+UnSgXAonv1D0YwHwYDVR0j BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1 YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG ODUwMy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYt NDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC8wL0FTMjE0MDQwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwYEKgYS gYADBgQqCVTGMDAQAwYEKglUxlADBgcqCVTGAAMGBCoJVMawMA0GCSqGSIb3DQEB CwUAA4IBAQALE2Fce9A1r43cfIhiMSJIljJN6YlSiOQvaBlXclL4btJxE8TNCrIa qBHod1QpaADtehaRfFRaIL1M9zgijdX3AH3uZHcAJcs9RrBQHNNPBNZRhQ+UiqEI GLd+jP0mrfbN8ibbYFwufwVg5WyVnmm2+s8YCB7IED7uYfEzppHp/dupSoBh6D9g fwJcrZAgDjIOh+VUoI7d6g/6XfGtdjqcaAvQsHHL8yZv0Zn4SZ1717REcWcgN87G cVzLXjpDGI91ROlJPoRElGaxTpF5pe17pEk1ZWmKPmvFlNjoq9vXX6791PWFhKlB SvpYB7TkcBsPqhSoWiwjWWVuX3JCgLPF -----END CERTIFICATE-----Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org