$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730353a3a2f34382d3438203d3e20323134393535.roa File: 326131343a373538333a663730353a3a2f34382d3438203d3e20323134393535.roa (raw, json) Hash identifier: v1ff3/5opCg79B8vnRLLf35N5RlDFleXR6jWqIzcy+A= Subject key identifier: D7:97:6A:DB:49:B4:6D:C8:3D:EA:7C:C6:65:99:BB:2A:9B:CC:72:03 Certificate issuer: /CN=702B79B445330AC21D237308277A4472598CE771 Certificate serial: 361F6F86A297EC83195590AB2476837779448F77 Authority key identifier: 70:2B:79:B4:45:33:0A:C2:1D:23:73:08:27:7A:44:72:59:8C:E7:71 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730353a3a2f34382d3438203d3e20323134393535.roa Signing time: Wed 10 Sep 2025 09:40:11 +0000 ROA not before: Wed 10 Sep 2025 09:35:11 +0000 ROA not after: Wed 09 Sep 2026 09:40:11 +0000 asID: 214955 IP address blocks: 2a14:7583:f705::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.crl rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Sep 2025 03:55:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:1f:6f:86:a2:97:ec:83:19:55:90:ab:24:76:83:77:79:44:8f:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=702B79B445330AC21D237308277A4472598CE771 Validity Not Before: Sep 10 09:35:11 2025 GMT Not After : Sep 9 09:40:11 2026 GMT Subject: CN=D7976ADB49B46DC83DEA7CC66599BB2A9BCC7203 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:80:ea:18:4b:5b:9f:a1:d7:0f:b2:50:8d:5f:86: 49:5a:9b:2f:73:a5:7a:34:6d:5a:3b:ae:d7:6b:1d: 60:13:a7:e8:f4:78:f6:38:30:3a:f5:30:43:56:db: 93:e9:78:02:da:0f:d2:94:bc:3d:5c:ab:c9:d4:98: 5f:dd:ae:43:36:5e:44:b9:48:b2:a8:ec:d8:5c:26: 44:8c:57:b0:56:0a:6f:63:db:4c:87:b7:53:51:c4: 56:f4:f7:dd:3b:8e:7d:ca:7f:5f:23:c3:d5:9c:2a: 28:79:b1:a1:28:8b:3b:e2:e5:4c:d7:d2:d4:ad:78: d9:6c:34:ac:c2:43:3a:66:ab:81:ea:2b:f2:21:56: 41:3d:ed:88:9d:e8:80:69:2c:4a:13:b7:68:e7:ac: 8c:27:95:15:68:2b:27:cb:fa:1a:a8:34:7c:28:11: e5:4a:70:4d:42:d8:36:77:ac:55:80:16:21:40:94: 22:63:50:c1:b5:65:a1:85:07:88:c4:de:e8:f9:a4: 96:f2:0f:1e:c0:f2:09:6c:a9:80:7a:58:7d:c5:4e: c2:00:fd:58:98:e8:85:5b:00:31:98:f9:99:91:b5: e7:e9:9e:c1:47:30:e9:46:1e:62:d1:70:5f:c3:08: 18:7e:19:3e:c4:8f:95:ed:5e:95:d6:7b:bd:88:9b: a5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:97:6A:DB:49:B4:6D:C8:3D:EA:7C:C6:65:99:BB:2A:9B:CC:72:03 X509v3 Authority Key Identifier: keyid:70:2B:79:B4:45:33:0A:C2:1D:23:73:08:27:7A:44:72:59:8C:E7:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/702B79B445330AC21D237308277A4472598CE771.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/702B79B445330AC21D237308277A4472598CE771.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/1/326131343a373538333a663730353a3a2f34382d3438203d3e20323134393535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f705::/48 Signature Algorithm: sha256WithRSAEncryption 9f:05:ac:6d:17:7e:b9:cc:01:8f:ab:40:0a:c3:41:77:9c:b8: 04:b4:aa:f8:38:69:b9:fd:b3:fa:3f:13:df:e7:8b:be:c1:af: 16:3b:5a:1d:06:8d:9b:14:9b:0c:0c:4e:44:e5:76:ad:41:c8: 60:04:da:87:4f:ca:a9:7a:1c:39:c1:46:7c:88:1d:92:f4:1c: d5:43:d0:7e:3e:5e:2c:88:15:0f:0e:c8:00:5b:b8:b1:aa:15: dd:61:d8:d6:01:44:2c:c8:aa:b8:4b:95:5a:26:3c:cc:65:eb: 47:c1:c1:96:0b:27:30:74:eb:ab:b5:3d:47:2f:d0:b9:7d:62: 7e:04:bf:2a:03:49:54:0e:89:ce:89:f4:5f:2d:4b:b9:43:bf: 13:44:6a:31:6e:f4:e6:54:bb:9d:da:73:03:ca:b5:fd:50:4e: ff:62:83:22:27:60:a4:66:ad:2e:0d:f2:c5:54:3d:b6:38:b6: 32:59:32:88:9c:9c:97:39:96:cc:c2:3a:ba:d5:0f:4c:32:fb: 7a:8f:5e:b9:42:a3:a6:f8:68:83:91:fa:00:ea:66:5c:bc:ea: 7e:34:bc:4d:49:ed:03:68:53:d9:ee:d5:2b:f9:3b:17:51:60: f8:13:79:4b:93:c9:92:1d:54:30:f3:35:30:7f:01:93:82:3e: 5e:24:62:82 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUNh9vhqKX7IMZVZCrJHaDd3lEj3cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzAyQjc5QjQ0NTMzMEFDMjFEMjM3MzA4Mjc3QTQ0NzI1 OThDRTc3MTAeFw0yNTA5MTAwOTM1MTFaFw0yNjA5MDkwOTQwMTFaMDMxMTAvBgNV BAMTKEQ3OTc2QURCNDlCNDZEQzgzREVBN0NDNjY1OTlCQjJBOUJDQzcyMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCA6hhLW5+h1w+yUI1fhklamy9z pXo0bVo7rtdrHWATp+j0ePY4MDr1MENW25PpeALaD9KUvD1cq8nUmF/drkM2XkS5 SLKo7NhcJkSMV7BWCm9j20yHt1NRxFb09907jn3Kf18jw9WcKih5saEoizvi5UzX 0tSteNlsNKzCQzpmq4HqK/IhVkE97Yid6IBpLEoTt2jnrIwnlRVoKyfL+hqoNHwo EeVKcE1C2DZ3rFWAFiFAlCJjUMG1ZaGFB4jE3uj5pJbyDx7A8glsqYB6WH3FTsIA /ViY6IVbADGY+ZmRtefpnsFHMOlGHmLRcF/DCBh+GT7Ej5XtXpXWe72Im6WfAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU15dq20m0bcg96nzGZZm7KpvMcgMwHwYDVR0j BBgwFoAUcCt5tEUzCsIdI3MIJ3pEclmM53EwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3 NzkyLzEvNzAyQjc5QjQ0NTMzMEFDMjFEMjM3MzA4Mjc3QTQ0NzI1OThDRTc3MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC83MDJCNzlCNDQ1MzMwQUMyMUQyMzczMDgy NzdBNDQ3MjU5OENFNzcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8zZjk5ZTY2ZC00YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMS8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzczMDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzkzNTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1g/cFMA0GCSqGSIb3DQEBCwUAA4IBAQCf BaxtF365zAGPq0AKw0F3nLgEtKr4OGm5/bP6PxPf54u+wa8WO1odBo2bFJsMDE5E 5XatQchgBNqHT8qpehw5wUZ8iB2S9BzVQ9B+Pl4siBUPDsgAW7ixqhXdYdjWAUQs yKq4S5VaJjzMZetHwcGWCycwdOurtT1HL9C5fWJ+BL8qA0lUDonOifRfLUu5Q78T RGoxbvTmVLud2nMDyrX9UE7/YoMiJ2CkZq0uDfLFVD22OLYyWTKInJyXOZbMwjq6 1Q9MMvt6j165QqOm+GiDkfoA6mZcvOp+NLxNSe0DaFPZ7tUr+TsXUWD4E3lLk8mS HVQw8zUwfwGTgj5eJGKC -----END CERTIFICATE-----Generated at Mon Sep 15 19:30:16 2025 by rpki-client