$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/326130613a363034343a386666633a3a2f34382d3438203d3e203331383938.roa File: 326130613a363034343a386666633a3a2f34382d3438203d3e203331383938.roa (raw, json) Hash identifier: CTStzL4XbpBzdiPo/k9GT6LN/2SBVWE37f9B3UyCq40= Subject key identifier: BF:4F:9F:51:DE:A8:C9:97:BF:8C:52:47:2B:06:45:05:7D:3A:B3:A3 Certificate issuer: /CN=7C4E2571D39535EB83B4BDD4E4668A2D2C177631 Certificate serial: 72845F57FC431BD154F5D15CD910712A9A271DDB Authority key identifier: 7C:4E:25:71:D3:95:35:EB:83:B4:BD:D4:E4:66:8A:2D:2C:17:76:31 Authority info access: rsync://krill.47272.net/repo/HYEHOST/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/326130613a363034343a386666633a3a2f34382d3438203d3e203331383938.roa Signing time: Fri 04 Jul 2025 10:19:19 +0000 ROA not before: Fri 04 Jul 2025 10:14:19 +0000 ROA not after: Fri 03 Jul 2026 10:19:19 +0000 asID: 31898 IP address blocks: 2a0a:6044:8ffc::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.crl rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.mft rsync://krill.47272.net/repo/HYEHOST/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.cer rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 21:20:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:84:5f:57:fc:43:1b:d1:54:f5:d1:5c:d9:10:71:2a:9a:27:1d:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7C4E2571D39535EB83B4BDD4E4668A2D2C177631 Validity Not Before: Jul 4 10:14:19 2025 GMT Not After : Jul 3 10:19:19 2026 GMT Subject: CN=BF4F9F51DEA8C997BF8C52472B0645057D3AB3A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:77:64:9e:40:b3:f2:f2:53:4b:b6:a1:0b:16: 09:2f:0e:03:af:2d:c5:d4:6f:ba:b6:cb:b5:7e:79: 40:4b:de:b1:97:18:df:1e:11:14:1c:5d:57:93:1a: a9:61:fc:a9:6f:eb:5f:ba:8f:fc:62:ca:e5:46:fe: b4:c4:ec:6e:66:0a:e2:5c:82:69:3e:7b:08:91:d2: 25:4e:15:3b:55:fd:e6:9d:8c:a9:6d:5d:06:ae:e9: 6a:d6:19:72:5e:83:cb:d1:fb:a8:b1:f8:10:d1:d8: f1:11:b6:f3:79:18:93:87:86:2e:b3:d8:0a:83:4c: 0d:55:d9:e5:48:c3:52:cc:70:27:16:d9:52:35:74: bd:a0:35:61:f9:92:7d:07:24:bc:f5:86:09:06:31: 27:b8:9f:8f:67:89:c8:49:8d:a0:a8:9a:dd:29:0c: 81:8d:40:53:24:36:ab:2a:5b:bc:4a:28:08:63:42: e6:4f:9d:23:a0:ab:95:21:72:16:ef:f8:fd:31:69: ed:c3:d7:f2:b6:b7:e8:66:31:10:5d:72:b1:b9:85: 8b:de:55:e9:b8:56:d3:86:a6:c3:1e:38:21:1b:3c: 95:d2:ca:12:2c:3d:f0:09:41:b0:7a:50:46:80:db: 64:3a:a3:de:a2:c9:31:93:63:8e:57:59:4b:48:37: 4e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:4F:9F:51:DE:A8:C9:97:BF:8C:52:47:2B:06:45:05:7D:3A:B3:A3 X509v3 Authority Key Identifier: keyid:7C:4E:25:71:D3:95:35:EB:83:B4:BD:D4:E4:66:8A:2D:2C:17:76:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.crl Authority Information Access: CA Issuers - URI:rsync://krill.47272.net/repo/HYEHOST/5/7C4E2571D39535EB83B4BDD4E4668A2D2C177631.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/5/326130613a363034343a386666633a3a2f34382d3438203d3e203331383938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6044:8ffc::/48 Signature Algorithm: sha256WithRSAEncryption 85:6a:c3:80:c0:e8:0d:01:b0:7e:84:58:cb:c8:ea:33:f2:c6: 5b:5c:e7:80:0d:22:bd:df:f3:5e:f6:5c:e4:a0:70:ec:75:4b: 3b:a7:03:70:9d:6f:95:00:02:87:d3:9d:b2:a4:9e:12:d2:ad: b2:b4:f1:41:77:3a:22:25:59:6e:70:2f:d5:0c:a8:12:f3:39: 0a:ae:fe:1e:d1:aa:03:bd:9c:5d:fe:ea:0a:0e:25:39:02:53: 2f:ec:00:6a:42:4e:c0:78:b2:81:a7:89:7f:0c:8e:ee:f3:c5: 59:ea:4f:63:8a:5a:c9:12:e4:0b:39:34:20:34:96:ec:e3:9a: fc:48:1f:a6:9d:69:6d:77:d8:03:a4:b5:24:1e:0c:99:ec:83: a1:1d:74:c2:92:63:a0:e8:98:3f:8c:8d:df:a3:3e:85:ad:a0: da:5f:7c:43:4e:df:96:c0:fb:f0:e5:0a:30:0e:6f:23:8f:db: 64:3d:e9:44:26:e3:61:99:e1:01:0e:d7:b4:82:a2:5b:ba:22: 31:e6:76:6a:52:87:b6:73:ff:e1:f9:2e:d6:b0:4e:0d:46:49: 8e:db:65:8b:fe:58:bc:30:6e:c7:c9:04:31:b6:2f:52:09:31: 01:79:ec:dd:4e:44:ed:c5:f0:56:c3:65:e7:f2:75:69:ef:b9: b2:e8:1e:b8 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgIUcoRfV/xDG9FU9dFc2RBxKponHdswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0M0RTI1NzFEMzk1MzVFQjgzQjRCREQ0RTQ2NjhBMkQy QzE3NzYzMTAeFw0yNTA3MDQxMDE0MTlaFw0yNjA3MDMxMDE5MTlaMDMxMTAvBgNV BAMTKEJGNEY5RjUxREVBOEM5OTdCRjhDNTI0NzJCMDY0NTA1N0QzQUIzQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjd2SeQLPy8lNLtqELFgkvDgOv LcXUb7q2y7V+eUBL3rGXGN8eERQcXVeTGqlh/Klv61+6j/xiyuVG/rTE7G5mCuJc gmk+ewiR0iVOFTtV/eadjKltXQau6WrWGXJeg8vR+6ix+BDR2PERtvN5GJOHhi6z 2AqDTA1V2eVIw1LMcCcW2VI1dL2gNWH5kn0HJLz1hgkGMSe4n49nichJjaComt0p DIGNQFMkNqsqW7xKKAhjQuZPnSOgq5Uhchbv+P0xae3D1/K2t+hmMRBdcrG5hYve Vem4VtOGpsMeOCEbPJXSyhIsPfAJQbB6UEaA22Q6o96iyTGTY45XWUtIN051AgMB AAGjggJTMIICTzAdBgNVHQ4EFgQUv0+fUd6oyZe/jFJHKwZFBX06s6MwHwYDVR0j BBgwFoAUfE4lcdOVNeuDtL3U5GaKLSwXdjEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNDkxYTQzYmMtNzZlYy00YWJlLWJhN2QtZTczZTkwZDY2 MmNiLzUvN0M0RTI1NzFEMzk1MzVFQjgzQjRCREQ0RTQ2NjhBMkQyQzE3NzYzMS5j cmwwbwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL2tyaWxsLjQ3 MjcyLm5ldC9yZXBvL0hZRUhPU1QvNS83QzRFMjU3MUQzOTUzNUVCODNCNEJERDRF NDY2OEEyRDJDMTc3NjMxLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS80OTFhNDNiYy03NmVjLTRhYmUtYmE3ZC1lNzNlOTBkNjYyY2IvNS8zMjYxMzA2 MTNhMzYzMDM0MzQzYTM4NjY2NjYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzMz MTM4MzkzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoKYESP/DANBgkqhkiG9w0BAQsFAAOCAQEAhWrD gMDoDQGwfoRYy8jqM/LGW1zngA0ivd/zXvZc5KBw7HVLO6cDcJ1vlQACh9OdsqSe EtKtsrTxQXc6IiVZbnAv1QyoEvM5Cq7+HtGqA72cXf7qCg4lOQJTL+wAakJOwHiy gaeJfwyO7vPFWepPY4payRLkCzk0IDSW7OOa/Egfpp1pbXfYA6S1JB4MmeyDoR10 wpJjoOiYP4yN36M+ha2g2l98Q07flsD78OUKMA5vI4/bZD3pRCbjYZnhAQ7XtIKi W7oiMeZ2alKHtnP/4fku1rBODUZJjttli/5YvDBux8kEMbYvUgkxAXns3U5E7cXw VsNl5/J1ae+5sugeuA== -----END CERTIFICATE-----Generated at Sat Jul 5 11:43:15 2025 by rpki-client