$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730333a3a2f34382d3438203d3e20323134393535.roa File: 326131343a373538333a663730333a3a2f34382d3438203d3e20323134393535.roa (raw, json) Hash identifier: 9+boFqIS6keyE5RNh9z/i3/Vy3fO+EE8pDJc8uN4NyQ= Subject key identifier: 5D:6A:6D:60:21:44:ED:D4:AE:6D:CB:06:E4:24:01:E3:72:F7:51:01 Certificate issuer: /CN=702B79B445330AC21D237308277A4472598CE771 Certificate serial: 76B4928E5EEC02F7ABC9FBEEFEF895B2786111AC Authority key identifier: 70:2B:79:B4:45:33:0A:C2:1D:23:73:08:27:7A:44:72:59:8C:E7:71 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730333a3a2f34382d3438203d3e20323134393535.roa Signing time: Mon 08 Sep 2025 00:24:08 +0000 ROA not before: Mon 08 Sep 2025 00:19:08 +0000 ROA not after: Mon 07 Sep 2026 00:24:08 +0000 asID: 214955 IP address blocks: 2a14:7583:f703::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.crl rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Sep 2025 03:55:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:b4:92:8e:5e:ec:02:f7:ab:c9:fb:ee:fe:f8:95:b2:78:61:11:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=702B79B445330AC21D237308277A4472598CE771 Validity Not Before: Sep 8 00:19:08 2025 GMT Not After : Sep 7 00:24:08 2026 GMT Subject: CN=5D6A6D602144EDD4AE6DCB06E42401E372F75101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:91:d4:0e:a1:f8:23:ba:41:73:e0:86:33:4d: 90:93:61:84:5f:06:5c:31:6c:59:7b:a6:81:2b:df: bb:47:62:f3:bd:c1:81:80:02:ec:7e:dc:f1:40:f2: 18:75:0e:5a:e9:0c:e3:fb:26:a1:ed:af:a4:d8:3d: d0:80:9f:90:80:f1:51:71:d4:e0:00:df:93:21:69: 99:90:72:69:b3:b5:f1:8e:c0:c7:ad:7c:5f:45:18: 06:4d:66:08:be:cc:36:07:69:28:24:87:e4:91:7f: 02:e7:89:31:ae:99:3d:f4:e4:47:cb:c4:60:21:66: 71:63:ee:7b:da:84:fd:d0:50:c6:c2:bb:63:18:56: 46:64:92:b2:b5:05:b9:41:01:10:02:1f:0f:d4:0d: 3d:d2:78:4f:64:7f:e5:f8:45:89:e6:d7:f1:bd:12: b5:cb:41:d4:0c:7f:62:b4:2a:ff:bc:c3:1f:a8:cb: 48:db:e6:e3:38:2c:d9:81:4c:f4:74:5e:5a:b7:6c: 84:8c:a1:18:ba:b1:67:e2:85:ca:e9:4b:d4:c6:45: da:68:aa:e9:bc:78:c8:67:fa:48:f7:d1:37:b5:83: e0:59:f2:17:09:7b:ea:81:0c:7c:02:49:65:0e:61: 5a:f0:5d:37:30:23:14:4a:4d:9a:74:59:6c:6a:ed: 80:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:6A:6D:60:21:44:ED:D4:AE:6D:CB:06:E4:24:01:E3:72:F7:51:01 X509v3 Authority Key Identifier: keyid:70:2B:79:B4:45:33:0A:C2:1D:23:73:08:27:7A:44:72:59:8C:E7:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730333a3a2f34382d3438203d3e20323134393535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f703::/48 Signature Algorithm: sha256WithRSAEncryption c6:25:4b:44:3e:84:af:7a:1a:8a:85:ac:c0:7f:55:08:b9:84: 58:fe:82:70:ac:ee:de:53:39:73:b4:1b:83:d5:b4:ac:ef:e5: 82:15:a5:c2:d7:60:50:9a:88:53:49:ed:b5:10:30:1e:4a:45: fb:0a:22:58:2e:91:c6:a5:62:32:6d:2f:e0:bb:d1:22:42:01: a2:b0:01:f3:43:e1:37:76:c1:4e:01:78:47:0b:08:08:fe:55: 83:4c:a3:d6:9c:35:d0:b5:ec:b8:b6:f4:5b:64:c3:21:66:ec: 2e:cc:91:d8:ea:b4:a7:c6:cd:6a:30:6e:a8:51:bb:a1:e2:8c: c8:1b:40:3c:95:2c:72:22:01:e8:0e:9c:cd:22:01:b6:7c:d1: ed:70:1b:a8:15:99:93:22:41:08:77:d6:3f:b8:1d:33:a5:0a: c3:dd:7b:8e:85:c5:a2:71:56:7b:92:55:b4:ab:a9:54:5b:3e: d4:e3:37:28:be:41:b2:38:d2:58:f1:21:6e:22:57:77:2c:f2: 68:18:32:28:b8:d7:8f:af:c3:04:04:d4:9d:34:9d:aa:bb:45: 13:26:f3:f8:4c:e6:95:1c:17:b1:96:2e:aa:a0:b1:e8:57:8a: 28:7e:79:73:9d:2c:a1:5d:97:d9:8e:cf:ad:70:3a:53:21:52: 46:a2:0d:96 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUdrSSjl7sAveryfvu/viVsnhhEawwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzAyQjc5QjQ0NTMzMEFDMjFEMjM3MzA4Mjc3QTQ0NzI1 OThDRTc3MTAeFw0yNTA5MDgwMDE5MDhaFw0yNjA5MDcwMDI0MDhaMDMxMTAvBgNV BAMTKDVENkE2RDYwMjE0NEVERDRBRTZEQ0IwNkU0MjQwMUUzNzJGNzUxMDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzkdQOofgjukFz4IYzTZCTYYRf BlwxbFl7poEr37tHYvO9wYGAAux+3PFA8hh1DlrpDOP7JqHtr6TYPdCAn5CA8VFx 1OAA35MhaZmQcmmztfGOwMetfF9FGAZNZgi+zDYHaSgkh+SRfwLniTGumT305EfL xGAhZnFj7nvahP3QUMbCu2MYVkZkkrK1BblBARACHw/UDT3SeE9kf+X4RYnm1/G9 ErXLQdQMf2K0Kv+8wx+oy0jb5uM4LNmBTPR0Xlq3bISMoRi6sWfihcrpS9TGRdpo qum8eMhn+kj30Te1g+BZ8hcJe+qBDHwCSWUOYVrwXTcwIxRKTZp0WWxq7YAHAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUXWptYCFE7dSubcsG5CQB43L3UQEwHwYDVR0j BBgwFoAUcCt5tEUzCsIdI3MIJ3pEclmM53EwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3 NzkyLzEvNzAyQjc5QjQ0NTMzMEFDMjFEMjM3MzA4Mjc3QTQ0NzI1OThDRTc3MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC83MDJCNzlCNDQ1MzMwQUMyMUQyMzczMDgy NzdBNDQ3MjU5OENFNzcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zZjk5ZTY2ZC00YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMS8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzczMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzkzNTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1g/cDMA0GCSqGSIb3DQEBCwUAA4IBAQDG JUtEPoSvehqKhazAf1UIuYRY/oJwrO7eUzlztBuD1bSs7+WCFaXC12BQmohTSe21 EDAeSkX7CiJYLpHGpWIybS/gu9EiQgGisAHzQ+E3dsFOAXhHCwgI/lWDTKPWnDXQ tey4tvRbZMMhZuwuzJHY6rSnxs1qMG6oUbuh4ozIG0A8lSxyIgHoDpzNIgG2fNHt cBuoFZmTIkEId9Y/uB0zpQrD3XuOhcWicVZ7klW0q6lUWz7U4zcovkGyONJY8SFu Ild3LPJoGDIouNePr8MEBNSdNJ2qu0UTJvP4TOaVHBexli6qoLHoV4oofnlznSyh XZfZjs+tcDpTIVJGog2W -----END CERTIFICATE-----Generated at Mon Sep 15 19:30:13 2025 by rpki-client