$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa File: 326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa (raw, json) Hash identifier: d6ms+CWZuDscVXHj6eNPGqO+N8MPtCRQHjxf1HtjfgA= Subject key identifier: 42:72:FF:FB:C4:3E:88:B9:50:29:EA:CF:A4:3C:4F:96:E4:76:87:4B Certificate issuer: /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B Certificate serial: 436ECFD5FF6F2AE4639DC1C72EBDFD96EBC1C894 Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa Signing time: Sat 08 Feb 2025 17:08:06 +0000 ROA not before: Sat 08 Feb 2025 17:03:06 +0000 ROA not after: Sat 07 Feb 2026 17:08:06 +0000 asID: 50385 IP address blocks: 2a14:7581:8000::/36 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Sep 2025 06:14:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:6e:cf:d5:ff:6f:2a:e4:63:9d:c1:c7:2e:bd:fd:96:eb:c1:c8:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B Validity Not Before: Feb 8 17:03:06 2025 GMT Not After : Feb 7 17:08:06 2026 GMT Subject: CN=4272FFFBC43E88B95029EACFA43C4F96E476874B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a7:83:3c:16:2f:a2:f0:95:97:04:2e:60:68: 32:ca:73:fb:4c:96:b8:84:51:11:8d:72:58:12:b8: 6c:0c:23:cb:70:04:9a:53:17:a3:c3:9a:65:95:df: 72:77:af:e8:6d:3a:c1:71:bd:cb:42:a6:51:51:33: 8b:4a:b6:b3:ef:fd:50:10:41:10:20:88:63:9c:49: 45:f5:c9:12:5a:12:e0:6a:94:4f:2a:56:ce:bc:27: 30:aa:cf:07:5f:27:7d:eb:cb:69:f5:df:a9:1c:40: 28:5e:10:5d:0a:fb:19:41:da:c1:e4:39:ed:8e:6c: 6f:ab:dc:8a:be:95:8a:ad:dc:dd:17:b0:f0:82:2e: 5e:c8:88:eb:d6:aa:2d:33:61:6b:e2:34:b9:3e:3a: 3e:e5:c9:85:b0:6a:72:64:77:fa:d5:29:4e:a9:6d: ee:b1:04:17:f1:ff:93:58:47:1f:48:d9:50:6a:1d: 0e:70:ac:0d:64:d0:4d:9e:41:54:a4:cc:d0:23:f7: 0b:1c:85:fd:13:9b:9e:e7:92:13:79:80:53:a7:42: 8e:76:46:d7:bb:c9:39:ac:34:12:af:59:a0:78:17: 5c:b0:78:57:93:0a:80:44:5a:91:fd:6e:c9:f4:12: f2:d1:95:e6:ea:3c:c4:73:56:b1:1f:21:72:47:04: 33:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:72:FF:FB:C4:3E:88:B9:50:29:EA:CF:A4:3C:4F:96:E4:76:87:4B X509v3 Authority Key Identifier: keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:8000::/36 Signature Algorithm: sha256WithRSAEncryption 9b:57:3c:54:ca:50:e6:59:f7:5f:b4:51:7c:c2:08:2e:a1:2f: 83:1f:0b:06:4f:a2:b4:81:20:69:01:82:2a:e7:08:cf:7a:9d: 0e:0c:59:e2:02:e3:cd:15:c1:a6:51:bf:6d:98:cb:a8:96:5b: 65:33:01:51:18:02:4d:1d:89:f4:86:b3:2e:dd:0e:a8:16:ba: 71:ed:f2:10:b9:f9:17:1e:89:dd:29:b0:15:d1:95:a3:24:2e: 21:31:b2:1e:74:7e:dd:71:a0:6e:31:00:6d:fe:03:76:74:90: 0b:83:fd:5f:db:39:43:a5:52:05:a3:f5:34:48:7d:a6:b5:9d: 57:14:e7:c1:10:a3:da:6c:14:0d:a4:44:de:b5:cd:97:64:27: aa:97:a1:31:43:e1:2e:f4:3f:b2:1a:dd:66:6d:c0:e7:5a:79: 7d:63:70:aa:f8:5f:de:25:85:4e:b0:cc:9c:11:bd:56:90:8e: 55:cc:8b:14:29:36:b8:87:f0:4c:53:5c:71:37:a0:7f:57:45: 9b:86:8f:7a:42:79:61:af:f6:1c:6f:84:bb:03:07:cf:c9:ac: 29:4e:dc:e0:9b:c6:55:31:00:ff:4b:a5:62:e5:15:f0:84:ad: 37:1a:b1:e3:40:6a:50:bd:fb:be:be:01:84:ad:8e:a6:1f:f3: dc:c7:be:68 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUQ27P1f9vKuRjncHHLr39luvByJQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3 OEU5RjM5QjAeFw0yNTAyMDgxNzAzMDZaFw0yNjAyMDcxNzA4MDZaMDMxMTAvBgNV BAMTKDQyNzJGRkZCQzQzRTg4Qjk1MDI5RUFDRkE0M0M0Rjk2RTQ3Njg3NEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxp4M8Fi+i8JWXBC5gaDLKc/tM lriEURGNclgSuGwMI8twBJpTF6PDmmWV33J3r+htOsFxvctCplFRM4tKtrPv/VAQ QRAgiGOcSUX1yRJaEuBqlE8qVs68JzCqzwdfJ33ry2n136kcQCheEF0K+xlB2sHk Oe2ObG+r3Iq+lYqt3N0XsPCCLl7IiOvWqi0zYWviNLk+Oj7lyYWwanJkd/rVKU6p be6xBBfx/5NYRx9I2VBqHQ5wrA1k0E2eQVSkzNAj9wschf0Tm57nkhN5gFOnQo52 Rte7yTmsNBKvWaB4F1yweFeTCoBEWpH9bsn0EvLRlebqPMRzVrEfIXJHBDNXAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUQnL/+8Q+iLlQKerPpDxPluR2h0swHwYDVR0j BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5 MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE MzA0QTNFRjc4RTlGMzlCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM4MzAzMDMwM2EzYTJmMzMzNjJkMzQzMDIwM2QzZTIwMzUz MDMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGBCoUdYGAMA0GCSqGSIb3DQEBCwUAA4IBAQCbVzxU ylDmWfdftFF8wgguoS+DHwsGT6K0gSBpAYIq5wjPep0ODFniAuPNFcGmUb9tmMuo lltlMwFRGAJNHYn0hrMu3Q6oFrpx7fIQufkXHondKbAV0ZWjJC4hMbIedH7dcaBu MQBt/gN2dJALg/1f2zlDpVIFo/U0SH2mtZ1XFOfBEKPabBQNpETetc2XZCeql6Ex Q+Eu9D+yGt1mbcDnWnl9Y3Cq+F/eJYVOsMycEb1WkI5VzIsUKTa4h/BMU1xxN6B/ V0Wbho96Qnlhr/Ycb4S7AwfPyawpTtzgm8ZVMQD/S6Vi5RXwhK03GrHjQGpQvfu+ vgGErY6mH/Pcx75o -----END CERTIFICATE-----Generated at Mon Sep 8 17:00:11 2025 by rpki-client