$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa File: 326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa (raw, json) Hash identifier: 2LuyqKKWcdoqL1q9FKGl+zX6qwvAs9rBA48b+Sgpn8w= Subject key identifier: 5C:E0:BE:4A:55:D8:E8:53:E5:A9:F0:18:44:C1:F2:FD:5F:23:74:52 Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 64831404F816B5745431295B374C03DB3F6D5906 Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa Signing time: Sat 01 Mar 2025 17:56:38 +0000 ROA not before: Sat 01 Mar 2025 17:51:38 +0000 ROA not after: Sat 28 Feb 2026 17:56:38 +0000 asID: 212516 IP address blocks: 2a14:7584:4f00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Apr 2025 09:55:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:83:14:04:f8:16:b5:74:54:31:29:5b:37:4c:03:db:3f:6d:59:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Mar 1 17:51:38 2025 GMT Not After : Feb 28 17:56:38 2026 GMT Subject: CN=5CE0BE4A55D8E853E5A9F01844C1F2FD5F237452 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9e:e4:36:7a:92:9c:a0:a4:11:3c:c4:9f:a6: 10:12:bf:c8:fe:01:63:24:08:25:24:66:9c:ef:cd: 8c:8b:d1:9d:c6:7e:67:d8:ac:a3:36:b9:a8:8a:2d: 6f:ec:b5:3d:de:43:f2:3c:57:46:40:bd:fd:d3:cf: dc:05:16:21:19:27:9f:1c:20:1d:b6:d7:8e:63:84: 04:c1:02:d6:c1:ab:23:b8:ae:0c:a0:f9:ef:b9:9c: 38:bf:9f:df:62:4a:02:4f:94:76:b8:9f:2d:a7:71: dd:b1:41:08:bf:cd:4a:bd:48:88:94:54:0d:74:f4: fb:4f:cb:1c:7d:7e:3e:f0:17:7f:99:18:c0:ef:64: d6:b7:93:97:63:cc:fb:a8:58:86:00:c9:3e:87:c4: 1d:06:37:1e:aa:8d:0b:67:2b:fe:75:8a:e4:ad:95: dd:ab:c6:76:01:c0:99:49:c1:c5:c7:04:d6:31:7e: 0f:8b:9d:ae:77:72:7d:6c:0b:54:46:c7:93:4e:ab: d1:6e:ae:99:c5:77:dc:15:7e:d2:31:8d:46:46:df: ff:f8:dc:96:13:d1:39:b3:cb:3d:2d:cd:22:58:ad: 5c:24:3e:35:5c:c4:bb:97:85:8b:2d:6a:94:f8:0b: 15:6f:75:3c:92:93:fd:62:99:a1:51:64:77:59:13: d3:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:E0:BE:4A:55:D8:E8:53:E5:A9:F0:18:44:C1:F2:FD:5F:23:74:52 X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346630303a3a2f34302d3430203d3e20323132353136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4f00::/40 Signature Algorithm: sha256WithRSAEncryption 4f:40:ca:07:1b:fb:b8:10:38:4b:f6:26:fa:c5:7c:ae:af:0e: 19:53:25:58:f1:4f:b6:f3:be:7d:b2:25:23:5a:d8:9c:e3:bd: 29:aa:de:e1:e7:e2:4d:55:06:32:e4:8f:7f:00:9a:a2:ff:c7: bd:61:44:33:37:2e:05:5a:9a:29:75:51:0a:69:8d:77:06:fb: ef:30:aa:d8:f0:fa:09:af:ef:2a:b9:2d:bd:82:ef:44:45:f8: 6e:7b:ea:32:24:ad:aa:4e:15:6b:01:6b:a2:1b:06:00:30:3b: ab:b4:03:39:4c:30:45:c6:aa:ee:a3:fb:f2:61:75:c0:92:c4: 00:d7:af:7a:b4:01:d2:2b:0d:96:4e:65:02:e7:28:09:59:0e: f4:b6:9d:f1:a3:3c:ed:80:70:58:08:60:8b:62:2d:36:52:a7: e8:c8:8c:a8:88:bd:af:03:19:0c:e9:33:22:0d:ff:8b:85:6f: a7:db:1b:e2:68:5d:2f:3c:54:55:ca:45:a9:39:49:31:3e:8a: 1d:25:65:6b:06:90:1b:d1:12:3a:fd:3a:02:cd:c0:3a:11:d6: ae:1e:ae:17:77:00:7c:b3:a1:ac:63:94:6d:1e:43:7f:bc:c9: 3c:79:77:68:4e:79:24:50:8e:78:8d:23:db:e7:0e:ef:f2:75: d9:f4:25:9b -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUZIMUBPgWtXRUMSlbN0wD2z9tWQYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNTAzMDExNzUxMzhaFw0yNjAyMjgxNzU2MzhaMDMxMTAvBgNV BAMTKDVDRTBCRTRBNTVEOEU4NTNFNUE5RjAxODQ0QzFGMkZENUYyMzc0NTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpnuQ2epKcoKQRPMSfphASv8j+ AWMkCCUkZpzvzYyL0Z3GfmfYrKM2uaiKLW/stT3eQ/I8V0ZAvf3Tz9wFFiEZJ58c IB22145jhATBAtbBqyO4rgyg+e+5nDi/n99iSgJPlHa4ny2ncd2xQQi/zUq9SIiU VA109PtPyxx9fj7wF3+ZGMDvZNa3k5djzPuoWIYAyT6HxB0GNx6qjQtnK/51iuSt ld2rxnYBwJlJwcXHBNYxfg+Lna53cn1sC1RGx5NOq9FurpnFd9wVftIxjUZG3//4 3JYT0Tmzyz0tzSJYrVwkPjVcxLuXhYstapT4CxVvdTySk/1imaFRZHdZE9MRAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUXOC+SlXY6FPlqfAYRMHy/V8jdFIwHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM0NjYzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz MTMyMzUzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1hE8wDQYJKoZIhvcNAQELBQADggEBAE9A ygcb+7gQOEv2JvrFfK6vDhlTJVjxT7bzvn2yJSNa2JzjvSmq3uHn4k1VBjLkj38A mqL/x71hRDM3LgVamil1UQppjXcG++8wqtjw+gmv7yq5Lb2C70RF+G576jIkrapO FWsBa6IbBgAwO6u0AzlMMEXGqu6j+/JhdcCSxADXr3q0AdIrDZZOZQLnKAlZDvS2 nfGjPO2AcFgIYItiLTZSp+jIjKiIva8DGQzpMyIN/4uFb6fbG+JoXS88VFXKRak5 STE+ih0lZWsGkBvREjr9OgLNwDoR1q4erhd3AHyzoaxjlG0eQ3+8yTx5d2hOeSRQ jniNI9vnDu/yddn0JZs= -----END CERTIFICATE-----Generated at Sat Apr 5 23:16:49 2025 by rpki-client