$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a396430303a3a2f34302d3430203d3e203537313130.roa File: 326131313a323963303a396430303a3a2f34302d3430203d3e203537313130.roa (raw, json) Hash identifier: W5ahDU5JyeZJt4qS2B+lziFP3DcHEZMUnP1JLsA2ZQY= Subject key identifier: 71:1B:DA:EB:44:33:CD:C6:D5:A3:36:8B:EA:DA:9E:6D:B6:9B:C2:51 Certificate issuer: /CN=CDC014669D381152AFB94B76936268BFF73E7D50 Certificate serial: 7E65E9E2232AF1D5AABE46784096C2B20F3BB4FD Authority key identifier: CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a396430303a3a2f34302d3430203d3e203537313130.roa Signing time: Sun 26 Nov 2023 11:08:45 +0000 ROA not before: Sun 26 Nov 2023 11:03:45 +0000 ROA not after: Sun 24 Nov 2024 11:08:45 +0000 asID: 57110 IP address blocks: 2a11:29c0:9d00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.mft rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 02 Jun 2024 10:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:65:e9:e2:23:2a:f1:d5:aa:be:46:78:40:96:c2:b2:0f:3b:b4:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDC014669D381152AFB94B76936268BFF73E7D50 Validity Not Before: Nov 26 11:03:45 2023 GMT Not After : Nov 24 11:08:45 2024 GMT Subject: CN=711BDAEB4433CDC6D5A3368BEADA9E6DB69BC251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:da:62:9a:fb:64:66:7a:94:03:90:70:3f:18: 0a:be:62:69:a6:1f:9b:7b:47:2d:d1:85:ea:c3:50: fa:75:f7:76:ec:1d:fd:7c:5a:10:77:e3:44:6f:b4: 58:8d:79:0d:4a:4e:d8:fa:71:5a:1b:72:7a:4c:66: c0:33:02:fd:5f:05:ee:39:11:c8:9d:61:c8:54:86: 72:ca:69:0e:f0:61:82:80:5c:4e:30:20:d9:91:23: 20:f8:65:a8:11:0d:e1:98:25:35:58:40:f5:f3:1b: 2d:c2:11:d5:e9:34:39:3d:7a:0e:ec:43:c7:0a:0f: 28:25:42:52:e1:dc:9a:0b:10:0a:b6:77:a1:ae:65: 51:86:d0:79:2b:a9:f8:19:52:09:f1:b9:ed:3b:18: ec:3c:73:6c:b4:34:f7:ac:d5:b2:17:0a:d3:24:bf: 74:0f:c2:90:86:82:fc:06:a2:ee:a7:17:c8:6c:2b: 6e:d2:c2:8d:bc:f5:c4:83:27:46:28:4b:e8:58:68: 01:4b:62:80:09:28:c0:e8:ef:b6:01:91:bc:52:36: df:a3:63:81:39:fd:8b:5e:e9:c5:29:f4:85:04:8e: ec:74:96:9d:82:a3:88:3c:89:92:a3:1a:65:bf:78: 93:75:aa:9c:9b:7f:66:e9:14:c3:05:e9:1a:e5:fc: 76:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:1B:DA:EB:44:33:CD:C6:D5:A3:36:8B:EA:DA:9E:6D:B6:9B:C2:51 X509v3 Authority Key Identifier: keyid:CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a396430303a3a2f34302d3430203d3e203537313130.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:29c0:9d00::/40 Signature Algorithm: sha256WithRSAEncryption 3b:46:7b:72:81:dd:3e:a9:1e:fe:47:04:51:e0:a8:4b:5e:35: d4:c3:b0:e9:01:27:9e:4f:02:7c:31:3d:43:f1:17:d0:ee:52: 7a:01:77:f6:91:1f:69:ec:75:88:f4:dd:7d:b6:58:d9:17:dd: 4b:5c:31:e6:ea:db:6b:40:8d:38:18:00:69:d3:3d:77:ca:db: e6:c3:5c:d5:91:47:82:67:1d:4f:bb:44:87:36:c1:66:6d:70: 59:55:d8:9c:dd:52:1e:4c:87:de:63:ca:5d:38:90:cf:77:f7: ad:41:38:7e:0e:7a:a1:84:8b:5d:1b:d6:ee:b9:11:b5:26:37: 91:df:4e:71:95:0a:75:e7:04:90:78:a7:2d:73:19:19:e4:f2: 26:48:02:cf:b8:3a:c1:35:36:eb:19:a5:13:60:be:37:fc:48: 28:80:76:d6:e8:1d:11:6e:68:56:2c:05:37:d9:44:a8:56:e3: 32:57:7e:da:59:0c:0a:50:7d:56:87:28:79:49:1e:da:a1:64: 92:26:31:94:39:e8:84:93:ae:30:c7:f0:df:18:89:45:e3:de: 46:c2:fd:ca:de:d9:e9:52:0f:bf:82:98:e1:f3:36:56:60:7c: 55:fd:fc:53:2c:5d:f7:9b:69:21:56:96:2a:55:c6:82:d2:fd: 85:6d:f8:ba -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUfmXp4iMq8dWqvkZ4QJbCsg87tP0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZG NzNFN0Q1MDAeFw0yMzExMjYxMTAzNDVaFw0yNDExMjQxMTA4NDVaMDMxMTAvBgNV BAMTKDcxMUJEQUVCNDQzM0NEQzZENUEzMzY4QkVBREE5RTZEQjY5QkMyNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi2mKa+2RmepQDkHA/GAq+Ymmm H5t7Ry3RherDUPp193bsHf18WhB340RvtFiNeQ1KTtj6cVobcnpMZsAzAv1fBe45 EcidYchUhnLKaQ7wYYKAXE4wINmRIyD4ZagRDeGYJTVYQPXzGy3CEdXpNDk9eg7s Q8cKDyglQlLh3JoLEAq2d6GuZVGG0HkrqfgZUgnxue07GOw8c2y0NPes1bIXCtMk v3QPwpCGgvwGou6nF8hsK27Swo289cSDJ0YoS+hYaAFLYoAJKMDo77YBkbxSNt+j Y4E5/Yte6cUp9IUEjux0lp2Co4g8iZKjGmW/eJN1qpybf2bpFMMF6Rrl/HbjAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUcRva60QzzcbVozaL6tqebbabwlEwHwYDVR0j BBgwFoAUzcAUZp04EVKvuUt2k2Jov/c+fVAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1 YzdkLzIvQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZGNzNFN0Q1MC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9DREMwMTQ2NjlEMzgxMTUyQUZCOTRCNzY5 MzYyNjhCRkY3M0U3RDUwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zMjUzZDk3My1kNWJmLTQ1NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjYxMzEz MTNhMzIzOTYzMzAzYTM5NjQzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzUz NzMxMzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoRKcCdMA0GCSqGSIb3DQEBCwUAA4IBAQA7Rnty gd0+qR7+RwRR4KhLXjXUw7DpASeeTwJ8MT1D8RfQ7lJ6AXf2kR9p7HWI9N19tljZ F91LXDHm6ttrQI04GABp0z13ytvmw1zVkUeCZx1Pu0SHNsFmbXBZVdic3VIeTIfe Y8pdOJDPd/etQTh+DnqhhItdG9buuRG1JjeR305xlQp15wSQeKctcxkZ5PImSALP uDrBNTbrGaUTYL43/EgogHbW6B0RbmhWLAU32USoVuMyV37aWQwKUH1Whyh5SR7a oWSSJjGUOeiEk64wx/DfGIlF495Gwv3K3tnpUg+/gpjh8zZWYHxV/fxTLF33m2kh VpYqVcaC0v2Fbfi6 -----END CERTIFICATE-----Generated at Sat Jun 1 13:55:57 2024 by rpki-client on console-fra.rpki-client.org