$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/32332e3133382e3232302e302f32342d3234203d3e203233313235.roa File: 32332e3133382e3232302e302f32342d3234203d3e203233313235.roa (raw, json) Hash identifier: kPUalpUINJCiwObNYv9PpoOc/cSxsDyRMNiHLlMHUFE= Subject key identifier: A6:AE:B4:CE:91:2A:27:A4:ED:3E:B7:13:48:B7:FF:B9:30:90:BD:71 Certificate issuer: /CN=1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39 Certificate serial: 46AC156F3C9A9FF204E916A34A2E34E3A2ED4F05 Authority key identifier: 10:FA:AD:7B:D8:08:78:1E:33:0C:17:FD:6D:0A:AB:1D:F1:C6:9E:D4 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/32332e3133382e3232302e302f32342d3234203d3e203233313235.roa Signing time: Sun 18 May 2025 11:10:27 +0000 ROA not before: Sun 18 May 2025 11:05:27 +0000 ROA not after: Sun 17 May 2026 11:10:27 +0000 asID: 23125 IP address blocks: 23.138.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.crl rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 08 Jun 2025 03:08:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:ac:15:6f:3c:9a:9f:f2:04:e9:16:a3:4a:2e:34:e3:a2:ed:4f:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39 Validity Not Before: May 18 11:05:27 2025 GMT Not After : May 17 11:10:27 2026 GMT Subject: CN=A6AEB4CE912A27A4ED3EB71348B7FFB93090BD71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e3:50:24:f2:1e:10:f7:6e:cb:8e:b6:1d:78: b3:1c:66:1d:be:4f:52:4f:5f:4c:57:c0:6f:2e:51: 3a:47:18:51:a7:3c:48:ba:be:7c:23:21:53:00:ec: 0e:85:fb:d0:6e:5e:e4:34:a2:af:9d:d1:fa:d9:9d: d0:5c:16:31:79:48:9d:03:be:5b:fe:59:de:a3:40: 3d:45:d8:f3:55:a9:97:aa:f3:6b:4c:22:cb:bd:86: 41:7d:f6:ad:bc:f9:fd:ae:67:f5:49:23:8a:17:a8: 67:5a:18:a8:94:a2:46:da:50:8f:d6:1e:fc:4f:41: 56:c3:5e:f6:34:05:09:ca:db:b3:ab:c7:c1:19:19: ed:77:e0:be:85:2b:5d:67:3b:ed:dc:00:fb:2d:c7: 64:fa:38:bc:80:70:ab:82:29:9e:a0:4c:8f:e9:8a: 83:ef:0d:41:0d:24:eb:98:1e:77:20:4c:f8:52:c9: 8d:e1:36:c4:0a:62:73:2d:30:2e:b3:37:4b:5c:35: 0a:ee:d6:8c:67:a6:16:f1:bc:31:59:b9:89:8b:3a: ec:01:a6:57:f6:35:06:84:71:02:fa:e1:92:5b:cc: 0c:ec:cf:fb:f3:b6:d5:32:60:6f:b3:f8:ab:39:23: 02:3f:8b:0a:d1:be:31:8e:2d:95:34:7c:84:6b:df: 8b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:AE:B4:CE:91:2A:27:A4:ED:3E:B7:13:48:B7:FF:B9:30:90:BD:71 X509v3 Authority Key Identifier: keyid:10:FA:AD:7B:D8:08:78:1E:33:0C:17:FD:6D:0A:AB:1D:F1:C6:9E:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/32332e3133382e3232302e302f32342d3234203d3e203233313235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.138.220.0/24 Signature Algorithm: sha256WithRSAEncryption 95:60:01:cd:e4:83:83:66:80:00:a5:c8:40:62:fe:55:22:c4: c5:8c:20:85:31:2c:e3:fd:aa:eb:bf:5c:39:a6:f2:f8:38:97: 45:d4:f9:05:f3:b3:83:10:9f:93:15:92:6e:dd:98:4a:44:1f: d4:e9:6e:23:25:7d:9b:b0:c1:14:7a:e1:73:b8:6a:ea:ae:dd: bb:b9:c5:01:cc:fc:ca:50:d3:ef:35:3f:cf:1f:4f:c8:1a:83: 6f:3d:38:c4:46:ff:fc:b4:ae:e6:19:20:01:32:e3:b3:f3:56: bb:02:99:73:09:f5:d2:b1:ed:b2:4a:2b:0c:1c:7a:0f:03:bb: 98:72:23:77:28:f0:39:69:89:b5:3a:6d:e9:56:3d:f6:41:47: e3:94:c8:a3:24:84:58:82:29:bc:aa:df:78:39:0b:dd:bd:96: 5a:19:0c:be:99:55:43:c9:87:61:ed:67:88:f3:90:cb:cc:42: d2:70:0c:74:f0:ee:b1:f8:34:cf:9f:54:00:ab:f4:4e:c4:75: aa:ad:cf:ad:d9:b2:5f:3a:53:f2:52:1c:74:01:21:b6:98:d2: 5f:d7:81:f9:34:52:32:88:2e:d6:72:3f:de:89:11:10:56:be: 94:b7:9f:b0:24:3f:1d:b5:3c:3c:4b:4c:a2:71:f3:18:a3:e1: e2:e7:b1:8d -----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgIURqwVbzyan/IE6RajSi4046LtTwUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyMWExZmViN2YwNWJiZDg3ZjAxMGYxOTE2NjdmYzViMjIz YzgzNjMyYjliYmNhMzNlMzkwHhcNMjUwNTE4MTEwNTI3WhcNMjYwNTE3MTExMDI3 WjAzMTEwLwYDVQQDEyhBNkFFQjRDRTkxMkEyN0E0RUQzRUI3MTM0OEI3RkZCOTMw OTBCRDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuNQJPIeEPdu y462HXizHGYdvk9ST19MV8BvLlE6RxhRpzxIur58IyFTAOwOhfvQbl7kNKKvndH6 2Z3QXBYxeUidA75b/lneo0A9RdjzVamXqvNrTCLLvYZBffatvPn9rmf1SSOKF6hn WhiolKJG2lCP1h78T0FWw172NAUJytuzq8fBGRntd+C+hStdZzvt3AD7Lcdk+ji8 gHCrgimeoEyP6YqD7w1BDSTrmB53IEz4UsmN4TbECmJzLTAuszdLXDUK7taMZ6YW 8bwxWbmJizrsAaZX9jUGhHEC+uGSW8wM7M/787bVMmBvs/irOSMCP4sK0b4xji2V NHyEa9+LmwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFKautM6RKiek7T63E0i3/7kw kL1xMB8GA1UdIwQYMBaAFBD6rXvYCHgeMwwX/W0Kqx3xxp7UMA4GA1UdDwEB/wQE AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzNkYTRkOGI0LWExNTctNDYzNC1hYjE4 LTNlZjlkMDk4MjM1Mi8zLzEwRkFBRDdCRDgwODc4MUUzMzBDMTdGRDZEMEFBQjFE RjFDNjlFRDQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0 YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It NGIzMy05YTg4LTViMjJkMmE4MzM3ZC80YjkyY2JjNS00OGU2LTRlNTktYjllNC1k MDA1NTYwOTg5NWQvMWExZmViN2YwNWJiZDg3ZjAxMGYxOTE2NjdmYzViMjIzYzgz NjMyYjliYmNhMzNlMzkuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzNkYTRkOGI0LWExNTctNDYzNC1hYjE4LTNlZjlkMDk4MjM1Mi8zLzMyMzMyZTMx MzMzODJlMzIzMjMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMzMxMzIzNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEABeK3DANBgkqhkiG9w0BAQsFAAOCAQEAlWABzeSDg2aAAKXIQGL+ VSLExYwghTEs4/2q679cOaby+DiXRdT5BfOzgxCfkxWSbt2YSkQf1OluIyV9m7DB FHrhc7hq6q7du7nFAcz8ylDT7zU/zx9PyBqDbz04xEb//LSu5hkgATLjs/NWuwKZ cwn10rHtskorDBx6DwO7mHIjdyjwOWmJtTpt6VY99kFH45TIoySEWIIpvKrfeDkL 3b2WWhkMvplVQ8mHYe1niPOQy8xC0nAMdPDusfg0z59UAKv0TsR1qq3PrdmyXzpT 8lIcdAEhtpjSX9eB+TRSMogu1nI/3okREFa+lLefsCQ/HbU8PEtMonHzGKPh4uex jQ== -----END CERTIFICATE-----Generated at Sat Jun 7 08:19:23 2025 by rpki-client