$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346662653a3a2f34382d3438203d3e2036353137.roa File: 326131343a373538343a346662653a3a2f34382d3438203d3e2036353137.roa (raw, json) Hash identifier: xptTc8UfiLJf//oV4oJOzWfdwqREpi/ly50X2yQ1eVw= Subject key identifier: 37:E8:13:B6:2A:89:6D:A9:95:67:1E:00:96:49:20:EC:09:33:5B:6A Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 0D76723F0AA34E12AE327A2A80DC42564E167211 Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346662653a3a2f34382d3438203d3e2036353137.roa Signing time: Thu 23 Jan 2025 14:46:40 +0000 ROA not before: Thu 23 Jan 2025 14:41:40 +0000 ROA not after: Thu 22 Jan 2026 14:46:40 +0000 asID: 6517 IP address blocks: 2a14:7584:4fbe::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Feb 2025 11:05:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:76:72:3f:0a:a3:4e:12:ae:32:7a:2a:80:dc:42:56:4e:16:72:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Jan 23 14:41:40 2025 GMT Not After : Jan 22 14:46:40 2026 GMT Subject: CN=37E813B62A896DA995671E00964920EC09335B6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:30:8d:bb:00:ea:7e:5b:e1:83:b7:74:ad:68: 4c:86:38:03:ed:10:9b:30:b8:6c:8d:63:66:ee:b4: 81:18:75:ba:d6:db:0c:4e:5d:18:85:51:07:ee:d7: 56:ad:aa:a9:12:1f:29:33:81:4b:ac:d6:6e:76:e7: 6b:ad:f3:98:8e:c1:f6:57:cf:d8:70:79:5d:2f:d7: e7:85:91:e5:43:9a:64:9a:49:69:55:53:8c:99:3a: 17:7e:8a:0e:50:9a:21:1f:60:a9:fa:bb:1e:88:48: 1d:9e:58:eb:0c:d4:71:90:7d:8f:bc:94:96:3a:b5: 50:3b:e2:3a:71:83:45:59:44:9b:b8:56:ed:de:7e: 9c:88:2d:e3:ed:77:2f:53:98:c4:95:29:7e:97:b4: 94:d0:ba:6d:82:89:fd:e9:29:26:d5:5a:bb:de:c0: 21:39:c4:dc:f2:ab:bb:15:60:94:18:9c:26:50:94: 77:78:94:34:6e:ca:a6:af:1e:6c:dd:fd:71:8b:6a: cf:2b:65:19:a1:da:62:ca:58:83:88:07:f8:47:02: e1:d4:a6:5d:ba:f6:89:e7:ec:f6:6c:27:a9:46:e0: 79:4f:4e:31:d6:91:a1:68:bf:a5:94:bb:05:ef:93: 8f:e8:07:66:d0:46:04:8e:0c:58:2b:b7:d4:da:41: 99:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:E8:13:B6:2A:89:6D:A9:95:67:1E:00:96:49:20:EC:09:33:5B:6A X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346662653a3a2f34382d3438203d3e2036353137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4fbe::/48 Signature Algorithm: sha256WithRSAEncryption 7f:d8:ab:d4:4a:66:f8:f7:3d:59:2d:e6:77:84:fd:c2:12:91: 7e:89:8b:a9:b8:8d:c9:58:4e:a5:f0:7b:0c:bd:fd:88:2b:93: d7:0f:28:f1:13:84:cc:6f:05:47:76:62:ba:1f:fd:e9:0c:b9: e2:dc:90:86:a2:ca:85:06:24:08:3a:62:36:55:3f:5d:24:8d: 0e:42:ec:3e:ad:c0:c2:eb:6f:03:a8:c0:2c:9c:72:d0:13:46: 68:b9:3e:23:6d:69:0b:46:a5:be:e9:cd:11:22:aa:e9:37:2d: 60:c6:ed:bf:46:c8:25:f7:cc:1b:c9:48:01:ca:1c:a2:8a:e5: f0:35:d9:90:de:23:68:91:72:c5:23:fa:25:72:ae:16:1a:66: b7:f3:49:60:f3:72:f2:6a:50:08:71:0f:0d:d9:84:8b:1b:fd: a9:12:af:c0:2b:a3:c0:44:20:c5:43:16:10:67:3d:59:eb:9c: 07:93:49:ba:be:47:5c:9c:4c:2c:e9:58:4a:d0:f3:f2:58:e6: 57:a9:42:a8:7a:29:12:ad:0a:80:88:ad:f2:d7:9e:62:38:32: 90:a9:cd:24:34:df:c3:41:a1:e3:90:b5:54:6a:94:5e:6c:5d: bf:3b:96:9b:77:c2:ba:0e:3d:3b:97:73:9f:b7:24:c5:e8:19: 89:1b:8a:f3 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgIUDXZyPwqjThKuMnoqgNxCVk4WchEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNTAxMjMxNDQxNDBaFw0yNjAxMjIxNDQ2NDBaMDMxMTAvBgNV BAMTKDM3RTgxM0I2MkE4OTZEQTk5NTY3MUUwMDk2NDkyMEVDMDkzMzVCNkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYMI27AOp+W+GDt3StaEyGOAPt EJswuGyNY2butIEYdbrW2wxOXRiFUQfu11atqqkSHykzgUus1m5252ut85iOwfZX z9hweV0v1+eFkeVDmmSaSWlVU4yZOhd+ig5QmiEfYKn6ux6ISB2eWOsM1HGQfY+8 lJY6tVA74jpxg0VZRJu4Vu3efpyILePtdy9TmMSVKX6XtJTQum2Cif3pKSbVWrve wCE5xNzyq7sVYJQYnCZQlHd4lDRuyqavHmzd/XGLas8rZRmh2mLKWIOIB/hHAuHU pl269onn7PZsJ6lG4HlPTjHWkaFov6WUuwXvk4/oB2bQRgSODFgrt9TaQZmhAgMB AAGjggKBMIICfTAdBgNVHQ4EFgQUN+gTtiqJbamVZx4Alkkg7AkzW2owHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM0NjY2MjY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzYz NTMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB Af8EEzARMA8EAgACMAkDBwAqFHWET74wDQYJKoZIhvcNAQELBQADggEBAH/Yq9RK Zvj3PVkt5neE/cISkX6Ji6m4jclYTqXwewy9/Ygrk9cPKPEThMxvBUd2Yrof/ekM ueLckIaiyoUGJAg6YjZVP10kjQ5C7D6twMLrbwOowCycctATRmi5PiNtaQtGpb7p zREiquk3LWDG7b9GyCX3zBvJSAHKHKKK5fA12ZDeI2iRcsUj+iVyrhYaZrfzSWDz cvJqUAhxDw3ZhIsb/akSr8Aro8BEIMVDFhBnPVnrnAeTSbq+R1ycTCzpWErQ8/JY 5lepQqh6KRKtCoCIrfLXnmI4MpCpzSQ038NBoeOQtVRqlF5sXb87lpt3wroOPTuX c5+3JMXoGYkbivM= -----END CERTIFICATE-----Generated at Wed Feb 5 22:50:04 2025 by rpki-client