$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343030303a3a2f33362d3438203d3e20323132353136.roa File: 326131343a373538343a343030303a3a2f33362d3438203d3e20323132353136.roa (raw, json) Hash identifier: 680SqDiYoq7HVpXkjaThtDMCA8zZT5AGhLNMwTkLjLA= Subject key identifier: E4:29:34:0F:39:C3:04:3F:32:71:F1:EE:89:C1:BB:F2:EB:6B:A4:1E Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 31B62B99DD057FAFE5D42A4EA592BAF57B9A69D4 Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343030303a3a2f33362d3438203d3e20323132353136.roa Signing time: Mon 09 Dec 2024 08:48:40 +0000 ROA not before: Mon 09 Dec 2024 08:43:40 +0000 ROA not after: Mon 08 Dec 2025 08:48:40 +0000 asID: 212516 IP address blocks: 2a14:7584:4000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Feb 2025 11:05:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b6:2b:99:dd:05:7f:af:e5:d4:2a:4e:a5:92:ba:f5:7b:9a:69:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Dec 9 08:43:40 2024 GMT Not After : Dec 8 08:48:40 2025 GMT Subject: CN=E429340F39C3043F3271F1EE89C1BBF2EB6BA41E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:bd:dc:90:b3:95:05:28:4d:bd:12:a2:9e:90: 4d:c2:ff:82:6d:e2:1c:44:84:b6:b5:3d:37:bc:19: eb:80:08:16:e9:c7:84:71:bc:43:44:25:7b:26:48: 72:bc:01:3f:c8:ee:7d:46:00:39:95:7b:2f:6d:88: e0:6c:a9:ed:50:1a:92:96:69:56:fc:b1:33:dd:54: 29:ff:3c:c5:f8:76:92:8e:5e:ed:98:b4:ed:cd:92: 06:fa:81:b3:89:81:bd:11:fe:42:6d:3e:ff:81:eb: ea:ee:d8:3a:a8:6a:2e:f6:88:b4:09:aa:08:3e:3b: f2:bc:0e:8b:e4:62:58:db:a4:9c:1c:61:91:83:cc: 99:63:08:8d:48:39:23:a6:fb:88:20:15:88:08:f1: d1:19:cf:49:1a:9c:fe:8e:7c:17:31:d9:aa:4c:b6: d0:df:45:ce:90:ce:62:d0:82:fe:63:3e:8d:49:1d: 60:13:5a:82:ea:57:b3:3e:87:4b:ac:9c:08:1b:b9: 6f:ac:0d:87:de:fd:8b:f5:35:ee:7a:3d:22:c1:85: 9b:60:e0:f2:d6:64:16:85:f3:c2:54:40:77:b0:bb: 22:e3:3d:13:08:ac:29:5a:6e:69:03:c9:c3:ff:f7: 52:ab:18:a3:7d:de:a7:d2:32:3b:0d:aa:08:f7:b9: 29:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:29:34:0F:39:C3:04:3F:32:71:F1:EE:89:C1:BB:F2:EB:6B:A4:1E X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343030303a3a2f33362d3438203d3e20323132353136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4000::/36 Signature Algorithm: sha256WithRSAEncryption ac:4d:16:08:38:e5:5f:cd:90:be:9c:66:12:68:2a:7d:52:1b: 3c:b9:90:c5:98:67:65:95:eb:84:01:07:19:33:64:8c:c9:b2: f3:ae:9a:48:d2:af:32:6c:8f:9d:44:ef:53:57:0a:74:d8:f4: 00:7a:4e:cb:cc:5b:24:cd:51:d3:a7:d0:24:8c:84:c4:cf:39: fb:d5:33:d4:b0:28:e8:62:85:b6:3c:e7:31:98:3d:40:af:3a: dd:ef:e4:13:4a:1c:01:52:84:31:4c:86:4b:69:c5:33:af:d0: f2:2f:da:1f:79:1d:7d:6c:45:df:0c:03:9e:68:c0:f5:e4:6e: ee:10:69:7f:2d:e0:2d:a1:d6:76:aa:34:82:ad:bf:71:1a:2e: cf:62:a9:07:c6:06:ba:31:e6:b8:0b:ea:c4:b5:7b:b9:28:14: 62:43:93:97:6e:ed:c9:3c:06:d3:ee:dc:14:70:ae:a4:b7:d2: 5e:e4:8e:88:13:88:b2:61:8f:16:cc:30:e2:7e:94:d3:8e:90: dd:20:e2:55:07:02:40:68:ec:6a:30:8a:3c:59:ad:74:93:ac: 3f:97:58:5b:32:24:98:68:78:ca:d8:4c:94:97:82:44:50:47: 5b:ad:fd:bb:c8:1d:70:3d:5f:65:4c:ce:7a:6f:48:9d:2c:6c: 57:11:54:2c -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUMbYrmd0Ff6/l1CpOpZK69XuaadQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNDEyMDkwODQzNDBaFw0yNTEyMDgwODQ4NDBaMDMxMTAvBgNV BAMTKEU0MjkzNDBGMzlDMzA0M0YzMjcxRjFFRTg5QzFCQkYyRUI2QkE0MUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZvdyQs5UFKE29EqKekE3C/4Jt 4hxEhLa1PTe8GeuACBbpx4RxvENEJXsmSHK8AT/I7n1GADmVey9tiOBsqe1QGpKW aVb8sTPdVCn/PMX4dpKOXu2YtO3Nkgb6gbOJgb0R/kJtPv+B6+ru2Dqoai72iLQJ qgg+O/K8DovkYljbpJwcYZGDzJljCI1IOSOm+4ggFYgI8dEZz0kanP6OfBcx2apM ttDfRc6QzmLQgv5jPo1JHWATWoLqV7M+h0usnAgbuW+sDYfe/Yv1Ne56PSLBhZtg 4PLWZBaF88JUQHewuyLjPRMIrClabmkDycP/91KrGKN93qfSMjsNqgj3uSmhAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQU5Ck0DznDBD8ycfHuicG78utrpB4wHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM0MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz MTMyMzUzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1hEAwDQYJKoZIhvcNAQELBQADggEBAKxN Fgg45V/NkL6cZhJoKn1SGzy5kMWYZ2WV64QBBxkzZIzJsvOumkjSrzJsj51E71NX CnTY9AB6TsvMWyTNUdOn0CSMhMTPOfvVM9SwKOhihbY85zGYPUCvOt3v5BNKHAFS hDFMhktpxTOv0PIv2h95HX1sRd8MA55owPXkbu4QaX8t4C2h1naqNIKtv3EaLs9i qQfGBrox5rgL6sS1e7koFGJDk5du7ck8BtPu3BRwrqS30l7kjogTiLJhjxbMMOJ+ lNOOkN0g4lUHAkBo7GowijxZrXSTrD+XWFsyJJhoeMrYTJSXgkRQR1ut/bvIHXA9 X2VMznpvSJ0sbFcRVCw= -----END CERTIFICATE-----Generated at Wed Feb 5 16:47:53 2025 by rpki-client