$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538363a3a2f33322d3438203d3e20323132353136.roa File: 326131343a373538363a3a2f33322d3438203d3e20323132353136.roa (raw, json) Hash identifier: Vw1WsjcBBDgwNV11ZkFV4v0uL62C3aFoVi1BdXoCeFo= Subject key identifier: B1:73:51:BF:0C:64:02:B0:DC:6A:03:05:C8:30:A6:7E:A9:10:9F:6C Certificate issuer: /CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Certificate serial: 0668AE9AA2741C92EE7763EBF54C3B20AF41A1DA Authority key identifier: 3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538363a3a2f33322d3438203d3e20323132353136.roa Signing time: Sat 25 Jan 2025 01:30:30 +0000 ROA not before: Sat 25 Jan 2025 01:25:30 +0000 ROA not after: Sat 24 Jan 2026 01:30:30 +0000 asID: 212516 IP address blocks: 2a14:7586::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Feb 2025 11:05:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:68:ae:9a:a2:74:1c:92:ee:77:63:eb:f5:4c:3b:20:af:41:a1:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A3BE14D0868E39E43E27B585676DF5B82A122E3 Validity Not Before: Jan 25 01:25:30 2025 GMT Not After : Jan 24 01:30:30 2026 GMT Subject: CN=B17351BF0C6402B0DC6A0305C830A67EA9109F6C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a3:b1:3e:d9:e1:1c:ef:8d:94:c6:17:9a:b5: c4:79:76:9a:43:b0:90:a4:99:0d:e6:0d:77:d6:29: 56:1d:7f:b4:33:35:90:da:49:bb:90:84:41:fd:14: aa:2d:1c:c1:a7:ad:72:49:cb:28:8e:d4:96:e3:75: b6:dd:ed:76:47:6f:2d:71:c2:55:e6:c0:a4:cd:8b: 2a:22:4a:8b:1a:16:17:bc:e1:d3:23:55:ed:1b:4b: e5:96:47:58:b5:7b:ff:45:81:e0:a9:ef:61:a8:9f: b5:1f:36:29:b9:af:33:6d:af:b5:d1:e7:5e:e8:62: 79:8e:28:05:0d:ec:42:d6:58:9a:d6:57:58:07:41: 0c:30:9e:36:13:7f:b0:4b:14:db:8b:86:c8:40:59: de:6b:2f:77:7e:1c:3e:bf:09:83:7a:5c:92:c4:c6: ab:68:39:02:36:a8:16:a2:f1:01:01:5d:3a:e4:78: 0b:c0:cb:f1:42:36:30:b1:5e:f6:e5:63:69:69:5c: be:89:30:a9:b1:6b:ba:f1:45:84:d0:26:81:b7:4d: 53:04:37:33:19:99:f3:a7:ef:82:40:48:a5:4d:78: a5:3d:35:28:80:7c:25:96:cd:ec:f3:ad:f9:b4:c1: 1e:89:fe:93:c9:ef:ec:12:cd:6c:34:c2:e7:1f:b6: 3d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:73:51:BF:0C:64:02:B0:DC:6A:03:05:C8:30:A6:7E:A9:10:9F:6C X509v3 Authority Key Identifier: keyid:3A:3B:E1:4D:08:68:E3:9E:43:E2:7B:58:56:76:DF:5B:82:A1:22:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/3A3BE14D0868E39E43E27B585676DF5B82A122E3.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3A3BE14D0868E39E43E27B585676DF5B82A122E3.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/1/326131343a373538363a3a2f33322d3438203d3e20323132353136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7586::/32 Signature Algorithm: sha256WithRSAEncryption 31:e7:3d:e6:97:19:29:47:f8:08:b1:80:dd:b7:d0:75:c3:1d: 5b:11:ce:4c:b1:4e:28:51:0a:17:a2:42:df:4f:ab:6f:85:2d: 3a:39:38:11:48:36:ac:f3:31:cb:1b:3f:0f:58:11:d9:5a:2d: 0f:0b:61:da:cd:0e:7b:db:3a:e9:97:c2:7f:4e:e9:d6:25:15: 7b:c7:4f:6d:fc:6c:12:d6:09:e0:a7:1f:72:fe:ba:70:08:b0: b2:26:f3:81:9c:36:4b:64:1c:29:8d:7f:c3:89:81:42:d7:b8: 48:f9:31:d6:40:8f:14:07:69:50:e9:e0:65:7c:09:d7:8b:af: 1d:90:37:86:ce:55:c4:7c:53:82:c4:c8:dc:94:ba:22:19:3f: 3a:40:44:89:8c:77:7d:0a:8b:82:07:b7:11:62:d7:05:c2:8d: dd:bb:12:ce:31:04:40:7d:da:45:91:74:4e:f8:ff:dd:43:86: d7:fb:fd:64:e4:3e:54:91:74:a7:1c:f4:14:1d:d2:6f:70:ff: 6c:bb:e7:b0:05:86:ad:cd:c3:4a:b4:f8:07:9b:53:12:85:27: df:60:31:d4:b3:6b:e3:0f:3a:07:08:65:17:b8:b4:69:bd:05: a4:d6:eb:2f:17:ac:cd:94:cc:09:75:98:54:76:c9:51:b0:bd: 6f:dc:65:bf -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgIUBmiumqJ0HJLud2Pr9Uw7IK9BodowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4 MkExMjJFMzAeFw0yNTAxMjUwMTI1MzBaFw0yNjAxMjQwMTMwMzBaMDMxMTAvBgNV BAMTKEIxNzM1MUJGMEM2NDAyQjBEQzZBMDMwNUM4MzBBNjdFQTkxMDlGNkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0o7E+2eEc742UxheatcR5dppD sJCkmQ3mDXfWKVYdf7QzNZDaSbuQhEH9FKotHMGnrXJJyyiO1Jbjdbbd7XZHby1x wlXmwKTNiyoiSosaFhe84dMjVe0bS+WWR1i1e/9FgeCp72Gon7UfNim5rzNtr7XR 517oYnmOKAUN7ELWWJrWV1gHQQwwnjYTf7BLFNuLhshAWd5rL3d+HD6/CYN6XJLE xqtoOQI2qBai8QEBXTrkeAvAy/FCNjCxXvblY2lpXL6JMKmxa7rxRYTQJoG3TVME NzMZmfOn74JASKVNeKU9NSiAfCWWzezzrfm0wR6J/pPJ7+wSzWw0wucftj1pAgMB AAGjggJ5MIICdTAdBgNVHQ4EFgQUsXNRvwxkArDcagMFyDCmfqkQn2wwHwYDVR0j BBgwFoAUOjvhTQho455D4ntYVnbfW4KhIuMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTljODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFk NDdhLzEvM0EzQkUxNEQwODY4RTM5RTQzRTI3QjU4NTY3NkRGNUI4MkExMjJFMy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zQTNCRTE0RDA4NjhFMzlFNDNFMjdCNTg1 Njc2REY1QjgyQTEyMkUzLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUF BzALhoGNcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS81OWM4M2U1Yy00YjU1LTRhMWEtODAwMy0xYjdlY2M1MWQ0N2EvMS8zMjYxMzEz NDNhMzczNTM4MzYzYTNhMmYzMzMyMmQzNDM4MjAzZDNlMjAzMjMxMzIzNTMxMzYu cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAP MA0EAgACMAcDBQAqFHWGMA0GCSqGSIb3DQEBCwUAA4IBAQAx5z3mlxkpR/gIsYDd t9B1wx1bEc5MsU4oUQoXokLfT6tvhS06OTgRSDas8zHLGz8PWBHZWi0PC2HazQ57 2zrpl8J/TunWJRV7x09t/GwS1gngpx9y/rpwCLCyJvOBnDZLZBwpjX/DiYFC17hI +THWQI8UB2lQ6eBlfAnXi68dkDeGzlXEfFOCxMjclLoiGT86QESJjHd9CouCB7cR YtcFwo3duxLOMQRAfdpFkXRO+P/dQ4bX+/1k5D5UkXSnHPQUHdJvcP9su+ewBYat zcNKtPgHm1MShSffYDHUs2vjDzoHCGUXuLRpvQWk1usvF6zNlMwJdZhUdslRsL1v 3GW/ -----END CERTIFICATE-----Generated at Wed Feb 5 23:05:19 2025 by rpki-client