$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346666663a3a2f34382d3438203d3e20323135323838.roa File: 326131343a373538343a346666663a3a2f34382d3438203d3e20323135323838.roa (raw, json) Hash identifier: nsYSNBfymkV5hvBNRaiVnDdkfFTTORy7B18OOzknSjI= Subject key identifier: 99:44:CC:60:83:BB:26:2D:2D:03:43:4F:7D:84:76:8A:1E:0D:4B:85 Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 6A18B0B9CCF325C9A2B056C37FC6D70593726C4C Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346666663a3a2f34382d3438203d3e20323135323838.roa Signing time: Tue 10 Dec 2024 11:15:17 +0000 ROA not before: Tue 10 Dec 2024 11:10:17 +0000 ROA not after: Tue 09 Dec 2025 11:15:17 +0000 asID: 215288 IP address blocks: 2a14:7584:4fff::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Feb 2025 11:05:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:18:b0:b9:cc:f3:25:c9:a2:b0:56:c3:7f:c6:d7:05:93:72:6c:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Dec 10 11:10:17 2024 GMT Not After : Dec 9 11:15:17 2025 GMT Subject: CN=9944CC6083BB262D2D03434F7D84768A1E0D4B85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7c:61:12:68:14:15:85:d4:46:4a:5a:04:c6: ec:8e:37:07:ec:21:5f:fb:99:cc:d1:b4:87:66:1e: 3d:c7:5a:9a:4b:a2:f9:7b:4e:ee:42:39:1e:41:39: fd:98:44:a5:27:e9:62:9c:8d:da:0a:d4:00:bc:fe: 21:62:df:54:9c:76:ea:cb:71:62:c4:60:eb:6f:c8: 5b:ad:97:c4:19:32:1e:bb:d5:bd:31:40:e5:32:a6: ca:6b:5a:9c:e9:69:5a:79:6d:2d:ca:27:f3:a5:ba: 8a:05:ff:50:ed:85:44:e0:b0:07:c1:12:31:bb:44: 8a:ed:c4:3e:1e:10:47:2c:49:3d:d1:4e:35:81:90: 6f:89:68:54:70:00:5a:f9:75:51:25:cc:2d:60:d7: 07:f9:7d:40:93:33:3b:0f:75:44:f5:0f:22:fe:34: 25:f8:87:41:ed:4e:4b:ca:37:88:50:2b:46:51:cc: 54:36:b8:d7:48:7a:ad:15:7a:e4:bf:3c:33:f0:76: 4a:1e:ce:d8:ef:30:9d:67:dd:96:bb:81:53:c6:76: 93:2d:22:84:65:2f:80:1b:5a:5d:b5:71:9b:31:41: 12:7e:a7:36:d5:39:a5:b8:ac:20:2a:b9:a1:eb:62: 4e:df:3c:a0:d8:21:b7:b5:d6:a4:43:9f:61:b0:96: 0e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:44:CC:60:83:BB:26:2D:2D:03:43:4F:7D:84:76:8A:1E:0D:4B:85 X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538343a346666663a3a2f34382d3438203d3e20323135323838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:4fff::/48 Signature Algorithm: sha256WithRSAEncryption 97:79:38:46:42:8e:11:11:6b:bd:0f:0e:4c:f8:21:ca:2e:74: 87:cc:61:55:3b:da:fa:af:17:70:08:31:b7:b8:78:46:8d:c2: 7d:34:da:af:2b:65:c2:2b:84:08:df:52:31:5e:df:eb:b2:40: 0d:b4:15:5f:bc:6e:b9:2b:e4:11:e9:19:51:96:10:4c:09:65: 57:8f:f4:f8:3f:a1:ff:c6:46:f2:3f:30:34:1f:82:03:dd:d5: 9c:66:52:08:f6:4a:76:9d:fe:88:df:2e:1d:4e:a8:11:38:72: 64:bb:6a:38:57:0c:54:40:8c:da:9c:8d:ce:79:17:d4:fd:53: 19:3b:29:59:4b:2e:8f:e4:83:75:f3:41:ac:b9:98:c8:6f:2c: 2e:1f:29:c5:59:c1:59:5c:4b:3c:d1:ec:68:1e:c6:87:ff:58: 98:0a:a0:28:ee:c3:f2:91:1b:e6:7e:f1:da:fe:cc:ee:c0:55: 6f:1d:4b:c3:3b:cd:64:6f:5d:60:0b:14:25:b3:a5:a7:5e:c8: f6:a3:87:b8:75:64:7f:9b:9a:e6:e3:05:01:32:60:dd:8b:4d: 0e:84:02:43:b2:01:1b:7e:14:c2:fa:36:f7:8f:0a:56:52:f6: ff:f1:15:8f:d2:49:c0:fe:5c:8e:6e:25:1c:95:5b:56:99:12: a3:d5:9c:e6 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUahiwuczzJcmisFbDf8bXBZNybEwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNDEyMTAxMTEwMTdaFw0yNTEyMDkxMTE1MTdaMDMxMTAvBgNV BAMTKDk5NDRDQzYwODNCQjI2MkQyRDAzNDM0RjdEODQ3NjhBMUUwRDRCODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmfGESaBQVhdRGSloExuyONwfs IV/7mczRtIdmHj3HWppLovl7Tu5COR5BOf2YRKUn6WKcjdoK1AC8/iFi31ScdurL cWLEYOtvyFutl8QZMh671b0xQOUypsprWpzpaVp5bS3KJ/OluooF/1DthUTgsAfB EjG7RIrtxD4eEEcsST3RTjWBkG+JaFRwAFr5dVElzC1g1wf5fUCTMzsPdUT1DyL+ NCX4h0HtTkvKN4hQK0ZRzFQ2uNdIeq0VeuS/PDPwdkoeztjvMJ1n3Za7gVPGdpMt IoRlL4AbWl21cZsxQRJ+pzbVOaW4rCAquaHrYk7fPKDYIbe11qRDn2Gwlg5PAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUmUTMYIO7Ji0tA0NPfYR2ih4NS4UwHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM0NjY2NjY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM1MzIzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hE//MA0GCSqGSIb3DQEBCwUAA4IBAQCX eThGQo4REWu9Dw5M+CHKLnSHzGFVO9r6rxdwCDG3uHhGjcJ9NNqvK2XCK4QI31Ix Xt/rskANtBVfvG65K+QR6RlRlhBMCWVXj/T4P6H/xkbyPzA0H4ID3dWcZlII9kp2 nf6I3y4dTqgROHJku2o4VwxUQIzanI3OeRfU/VMZOylZSy6P5IN180GsuZjIbywu HynFWcFZXEs80exoHsaH/1iYCqAo7sPykRvmfvHa/szuwFVvHUvDO81kb11gCxQl s6WnXsj2o4e4dWR/m5rm4wUBMmDdi00OhAJDsgEbfhTC+jb3jwpWUvb/8RWP0knA /lyObiUclVtWmRKj1Zzm -----END CERTIFICATE-----Generated at Wed Feb 5 22:52:16 2025 by rpki-client