$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538303a666639303a3a2f34342d313238203d3e20323035393431.roa File: 326131343a373538303a666639303a3a2f34342d313238203d3e20323035393431.roa (raw, json) Hash identifier: 5FD/Mehv7v0xNezRDRW9iBPyN5Dfwk8GJ9l323IIqtY= Subject key identifier: 69:B2:54:C5:59:3A:D8:A8:9A:EA:A1:09:D6:9B:29:2A:2D:4D:DB:90 Certificate issuer: /CN=21291D2963EE74682B10BECBA6060EF246C76881 Certificate serial: 3C297B69CCE0FC09BFAE8C6A588E095FF6E94BFF Authority key identifier: 21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538303a666639303a3a2f34342d313238203d3e20323035393431.roa Signing time: Tue 02 Sep 2025 00:24:52 +0000 ROA not before: Tue 02 Sep 2025 00:19:52 +0000 ROA not after: Tue 01 Sep 2026 00:24:52 +0000 asID: 205941 IP address blocks: 2a14:7580:ff90::/44 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Sep 2025 09:12:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:29:7b:69:cc:e0:fc:09:bf:ae:8c:6a:58:8e:09:5f:f6:e9:4b:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21291D2963EE74682B10BECBA6060EF246C76881 Validity Not Before: Sep 2 00:19:52 2025 GMT Not After : Sep 1 00:24:52 2026 GMT Subject: CN=69B254C5593AD8A89AEAA109D69B292A2D4DDB90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:53:9d:61:85:41:d3:70:b9:7d:68:1f:90:d8: 46:64:df:a0:f0:71:dd:67:4a:31:09:ca:5d:8b:5e: 76:7a:b1:96:bb:2a:99:ef:1b:b8:05:b5:c4:22:95: a2:3e:bd:67:10:43:f9:ce:c3:ce:d4:bd:3f:ab:07: 3e:8a:8f:0d:49:3d:9f:e4:4d:e0:03:87:96:de:44: c8:66:b9:5c:d4:1a:df:53:c9:da:28:19:81:a4:f4: cd:70:1a:57:e1:c4:bb:2a:68:cc:0c:1d:c5:9c:c6: 01:88:63:de:05:1e:fc:8b:ad:57:22:e5:69:b9:4b: 5d:f1:59:6d:4c:5a:e6:d3:2e:44:ea:63:7a:0b:8a: 0f:8b:9e:d6:0d:47:a9:d5:dc:d7:f2:1f:04:3f:d8: 27:0e:24:83:e3:cc:25:d8:db:00:ab:ea:54:67:05: e1:d7:ee:b1:dc:a2:67:1f:61:e4:27:79:8b:1e:77: 61:47:11:d1:33:59:90:73:11:2d:ea:ff:71:e0:7e: c4:8e:bd:d5:3e:ea:56:8a:a4:18:12:2c:3f:2a:13: 0e:b2:81:4f:85:b0:db:3e:39:48:98:0b:98:0c:93: d4:df:f5:d4:e4:61:f6:e2:55:2c:08:38:67:96:0f: 6b:af:08:fc:43:04:c0:d3:5b:eb:97:7e:94:88:da: 24:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:B2:54:C5:59:3A:D8:A8:9A:EA:A1:09:D6:9B:29:2A:2D:4D:DB:90 X509v3 Authority Key Identifier: keyid:21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538303a666639303a3a2f34342d313238203d3e20323035393431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff90::/44 Signature Algorithm: sha256WithRSAEncryption 12:38:26:40:8b:58:ee:3b:1b:5d:d3:a2:ce:5c:3e:29:49:42: fd:72:68:bb:b2:ec:10:c8:3c:a7:62:45:24:7f:3a:cf:92:6c: 5f:5f:83:b0:c2:2c:cb:c7:d0:bf:f2:e5:93:75:e0:d1:67:3b: 17:2a:72:b0:13:eb:38:45:ea:fd:ea:dc:c6:92:65:14:0e:fa: dc:d4:53:3a:f4:d9:ea:f7:22:60:3f:5e:a8:8c:79:41:6b:e9: 91:cb:3b:cf:50:17:33:24:23:89:e9:93:7e:f1:d8:a4:31:8a: d5:1f:4c:a3:2c:fe:56:be:26:cf:56:7c:78:1c:6e:20:00:88: 11:8f:7d:14:8c:d2:55:36:f9:22:f2:3a:bd:85:8e:ea:98:2e: 59:9d:95:7e:ac:6b:bf:90:31:9b:ca:3b:26:19:9c:20:57:6e: b5:e2:7c:92:e9:f7:b7:d3:89:d5:d1:ed:f2:a7:ea:e5:5a:e7: ed:44:c1:44:82:29:90:77:8e:e7:da:ce:34:9c:0b:50:72:08: 7c:b2:39:13:0a:4c:e1:b6:05:cc:81:e7:9e:4a:d6:5a:b8:ff: f6:3e:c5:a0:47:06:06:fc:aa:7d:b4:17:b8:a3:e4:c1:b3:2c: 06:31:05:c1:9c:5c:2d:1c:46:4e:b0:73:79:70:46:10:8f:69: 79:f5:9e:3d -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgIUPCl7aczg/Am/roxqWI4JX/bpS/8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0 NkM3Njg4MTAeFw0yNTA5MDIwMDE5NTJaFw0yNjA5MDEwMDI0NTJaMDMxMTAvBgNV BAMTKDY5QjI1NEM1NTkzQUQ4QTg5QUVBQTEwOUQ2OUIyOTJBMkQ0RERCOTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdU51hhUHTcLl9aB+Q2EZk36Dw cd1nSjEJyl2LXnZ6sZa7KpnvG7gFtcQilaI+vWcQQ/nOw87UvT+rBz6Kjw1JPZ/k TeADh5beRMhmuVzUGt9TydooGYGk9M1wGlfhxLsqaMwMHcWcxgGIY94FHvyLrVci 5Wm5S13xWW1MWubTLkTqY3oLig+LntYNR6nV3NfyHwQ/2CcOJIPjzCXY2wCr6lRn BeHX7rHcomcfYeQneYsed2FHEdEzWZBzES3q/3HgfsSOvdU+6laKpBgSLD8qEw6y gU+FsNs+OUiYC5gMk9Tf9dTkYfbiVSwIOGeWD2uvCPxDBMDTW+uXfpSI2iS3AgMB AAGjggKHMIICgzAdBgNVHQ4EFgQUabJUxVk62Kia6qEJ1pspKi1N25AwHwYDVR0j BBgwFoAUISkdKWPudGgrEL7LpgYO8kbHaIEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzgvMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0NkM3Njg4MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMTI5MUQyOTYzRUU3NDY4MkIxMEJFQ0JB NjA2MEVGMjQ2Qzc2ODgxLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvOC8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzOTMwM2EzYTJmMzQzNDJkMzEzMjM4MjAzZDNlMjAz MjMwMzUzOTM0MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB BQUHAQcBAf8EEzARMA8EAgACMAkDBwQqFHWA/5AwDQYJKoZIhvcNAQELBQADggEB ABI4JkCLWO47G13Tos5cPilJQv1yaLuy7BDIPKdiRSR/Os+SbF9fg7DCLMvH0L/y 5ZN14NFnOxcqcrAT6zhF6v3q3MaSZRQO+tzUUzr02er3ImA/XqiMeUFr6ZHLO89Q FzMkI4npk37x2KQxitUfTKMs/la+Js9WfHgcbiAAiBGPfRSM0lU2+SLyOr2FjuqY LlmdlX6sa7+QMZvKOyYZnCBXbrXifJLp97fTidXR7fKn6uVa5+1EwUSCKZB3jufa zjScC1ByCHyyORMKTOG2BcyB555K1lq4//Y+xaBHBgb8qn20F7ij5MGzLAYxBcGc XC0cRk6wc3lwRhCPaXn1nj0= -----END CERTIFICATE-----Generated at Mon Sep 8 16:55:26 2025 by rpki-client