$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343830303a3a2f34382d3438203d3e20323131333538.roa File: 326131343a373538343a343830303a3a2f34382d3438203d3e20323131333538.roa (raw, json) Hash identifier: 5+vQb6lOPVb905YmSSgsG+hU/u4KZQA5Mhi2G2NVX+8= Subject key identifier: 0F:6E:98:47:19:9B:7E:8F:05:4D:A3:73:2C:6D:81:7A:08:91:74:09 Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 100BEE0318D0B7D21398E07D006228BD9848E50F Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343830303a3a2f34382d3438203d3e20323131333538.roa Signing time: Sat 22 Mar 2025 20:23:03 +0000 ROA not before: Sat 22 Mar 2025 20:18:03 +0000 ROA not after: Sat 21 Mar 2026 20:23:03 +0000 asID: 211358 IP address blocks: 2a14:7584:4800::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 07 Apr 2025 05:26:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:0b:ee:03:18:d0:b7:d2:13:98:e0:7d:00:62:28:bd:98:48:e5:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Mar 22 20:18:03 2025 GMT Not After : Mar 21 20:23:03 2026 GMT Subject: CN=0F6E9847199B7E8F054DA3732C6D817A08917409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:fa:94:3c:c1:79:6c:5a:c0:5f:6e:7e:c2:06: 11:61:ad:1c:1c:2b:75:d2:24:36:0a:fe:53:03:d5: 4b:b4:31:16:4b:41:a8:0d:85:c3:3e:84:6b:d2:0c: 0b:4b:57:de:98:ff:82:e7:11:92:13:41:89:03:a6: a6:b6:27:3e:21:88:d3:49:df:99:5f:1c:bf:90:1d: 35:16:22:51:cb:14:3c:2a:b2:4a:ed:c4:7d:b6:7f: fe:57:a6:b1:b7:5a:e9:71:c4:cb:74:20:19:9a:83: 67:24:96:8a:1d:3a:d6:3e:cf:a6:09:8d:e5:df:84: f5:19:fa:f9:17:56:8b:96:ed:70:0a:8f:ac:b7:93: 63:16:4a:62:8a:f7:7e:92:47:8b:cc:78:71:71:a1: 73:90:d3:1c:0d:51:39:3a:fb:b4:fd:24:aa:2f:c0: 7f:38:e2:87:37:af:22:20:04:08:0d:00:c5:8c:8d: 96:c3:62:5a:ef:95:3c:ed:4f:09:5e:00:7f:0d:a5: 69:1c:0a:ae:6a:f7:13:b8:bf:30:27:86:e0:c7:90: 90:18:44:90:39:64:a0:de:55:cc:13:81:31:b8:3f: 27:1f:7d:2a:88:74:95:c1:a4:10:a7:cd:eb:7a:58: 94:c9:36:19:e1:71:23:0f:9c:29:5a:f7:ab:60:b7: 28:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:6E:98:47:19:9B:7E:8F:05:4D:A3:73:2C:6D:81:7A:08:91:74:09 X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a343830303a3a2f34382d3438203d3e20323131333538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4800::/48 Signature Algorithm: sha256WithRSAEncryption c6:08:db:0e:82:33:33:3b:d2:68:80:be:cd:72:04:4b:b0:55: a6:2a:8f:c1:36:65:49:e4:72:77:ae:d5:39:7d:68:7c:20:60: 43:79:fa:51:36:e5:6e:ef:70:44:54:c6:6c:04:f4:d0:38:86: 92:02:6e:70:fb:d2:9e:78:03:70:34:3b:97:83:e6:23:cd:fb: 70:ee:04:ae:64:96:97:0e:44:dc:fa:4c:f9:36:50:36:80:83: 94:a7:68:59:a7:a7:e3:b5:ca:36:3b:e3:bc:d4:3e:98:62:16: d3:d3:38:ac:ad:d4:40:e8:b3:fc:11:4e:13:d8:84:f5:f5:1a: 13:ac:1a:bd:d4:4a:aa:7e:8e:4a:62:3b:d5:28:bf:0a:5a:61: b2:7d:5a:75:8f:e5:9a:8c:ab:f9:f2:a0:42:67:76:2e:c3:42: 6a:db:08:81:d4:fa:9c:76:5d:92:39:71:ea:f7:3f:0b:a7:59: 45:57:6c:65:3d:94:a2:d5:9e:f8:72:a0:bd:4c:62:ac:80:30: b5:c2:2f:ee:e1:51:da:a5:14:56:55:03:9b:85:e4:71:98:d5: 59:4b:48:6d:c2:39:b0:79:a0:ec:d9:fe:1f:40:f2:6a:2f:93: 01:d2:bb:c3:6c:01:de:aa:06:b2:6b:c7:4b:ae:32:6c:f2:7a: 55:02:d2:52 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUEAvuAxjQt9ITmOB9AGIovZhI5Q8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNTAzMjIyMDE4MDNaFw0yNjAzMjEyMDIzMDNaMDMxMTAvBgNV BAMTKDBGNkU5ODQ3MTk5QjdFOEYwNTREQTM3MzJDNkQ4MTdBMDg5MTc0MDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG+pQ8wXlsWsBfbn7CBhFhrRwc K3XSJDYK/lMD1Uu0MRZLQagNhcM+hGvSDAtLV96Y/4LnEZITQYkDpqa2Jz4hiNNJ 35lfHL+QHTUWIlHLFDwqskrtxH22f/5XprG3WulxxMt0IBmag2ckloodOtY+z6YJ jeXfhPUZ+vkXVouW7XAKj6y3k2MWSmKK936SR4vMeHFxoXOQ0xwNUTk6+7T9JKov wH844oc3ryIgBAgNAMWMjZbDYlrvlTztTwleAH8NpWkcCq5q9xO4vzAnhuDHkJAY RJA5ZKDeVcwTgTG4PycffSqIdJXBpBCnzet6WJTJNhnhcSMPnCla96tgtyjVAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUD26YRxmbfo8FTaNzLG2BegiRdAkwHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM0MzgzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTMxMzMzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hEgAMA0GCSqGSIb3DQEBCwUAA4IBAQDG CNsOgjMzO9JogL7NcgRLsFWmKo/BNmVJ5HJ3rtU5fWh8IGBDefpRNuVu73BEVMZs BPTQOIaSAm5w+9KeeANwNDuXg+Yjzftw7gSuZJaXDkTc+kz5NlA2gIOUp2hZp6fj tco2O+O81D6YYhbT0zisrdRA6LP8EU4T2IT19RoTrBq91Eqqfo5KYjvVKL8KWmGy fVp1j+WajKv58qBCZ3Yuw0Jq2wiB1Pqcdl2SOXHq9z8Lp1lFV2xlPZSi1Z74cqC9 TGKsgDC1wi/u4VHapRRWVQObheRxmNVZS0htwjmweaDs2f4fQPJqL5MB0rvDbAHe qgaya8dLrjJs8npVAtJS -----END CERTIFICATE-----Generated at Sun Apr 6 17:46:59 2025 by rpki-client