$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f33362d313238203d3e20323035393431.roa File: 326131343a373538333a323030303a3a2f33362d313238203d3e20323035393431.roa (raw, json) Hash identifier: bttdf07pV56EPNWCClejJ5VLezHQTqirYk24CtzpecY= Subject key identifier: 00:64:B2:18:BE:00:4D:30:9B:61:0C:1F:ED:6A:B2:AA:94:05:47:93 Certificate issuer: /CN=21291D2963EE74682B10BECBA6060EF246C76881 Certificate serial: 0F3ABF95CCF5EB8CB2E53A2C24F06FFD3CE132DC Authority key identifier: 21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f33362d313238203d3e20323035393431.roa Signing time: Tue 02 Sep 2025 00:26:16 +0000 ROA not before: Tue 02 Sep 2025 00:21:16 +0000 ROA not after: Tue 01 Sep 2026 00:26:16 +0000 asID: 205941 IP address blocks: 2a14:7583:2000::/36 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 07:37:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:3a:bf:95:cc:f5:eb:8c:b2:e5:3a:2c:24:f0:6f:fd:3c:e1:32:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21291D2963EE74682B10BECBA6060EF246C76881 Validity Not Before: Sep 2 00:21:16 2025 GMT Not After : Sep 1 00:26:16 2026 GMT Subject: CN=0064B218BE004D309B610C1FED6AB2AA94054793 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e7:9a:96:b5:0d:8d:53:a2:19:64:64:65:cb: 1a:da:3a:c4:d5:09:12:ee:76:26:7b:bb:41:ed:15: 3c:a3:32:c9:79:3f:a0:79:85:60:69:72:36:33:04: 2f:a2:37:fb:21:4c:f6:48:0c:f1:cc:4a:b7:67:f3: cd:2d:ed:96:9f:32:8d:14:61:0a:62:e1:3e:09:87: 9a:6e:b6:13:2f:95:4e:b1:d8:7e:46:4d:88:cb:94: 1f:87:bb:37:37:ab:45:4b:3c:7d:82:27:7d:2a:8f: 0a:e7:8d:6d:6e:34:6b:b2:6a:a0:17:55:a1:36:82: ee:15:dd:2c:ba:51:a9:09:24:56:15:9f:9b:9b:37: 0e:73:66:b0:db:bb:a1:28:53:a2:0e:26:1c:69:36: a5:f4:89:d6:26:c4:4c:35:e7:16:17:62:d8:66:e8: 5d:fb:20:6b:c3:c0:ae:69:b2:b3:11:5b:b5:9d:35: 37:00:5a:82:c5:bc:03:67:66:b8:4d:49:df:68:8c: f3:13:37:7b:79:08:c9:0e:4c:77:6b:c6:d8:bc:6e: a3:11:f4:4c:da:6b:44:05:c4:f1:b1:5e:a3:18:b4: b8:e4:7c:a5:3b:f4:4d:f1:96:62:92:fd:fd:5d:3d: db:f8:3a:ec:37:38:cd:3c:aa:f9:47:39:b3:5c:84: cf:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:64:B2:18:BE:00:4D:30:9B:61:0C:1F:ED:6A:B2:AA:94:05:47:93 X509v3 Authority Key Identifier: keyid:21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f33362d313238203d3e20323035393431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:2000::/36 Signature Algorithm: sha256WithRSAEncryption 73:a0:70:02:5b:03:29:7e:cf:e1:30:f3:09:af:9b:d4:10:87: 77:ce:89:19:81:a0:f7:47:88:ef:03:90:79:97:0c:4a:f4:1f: 60:40:5e:67:80:c7:7d:39:32:64:de:16:81:e5:04:2a:97:5f: 7f:c1:a3:b2:b3:ce:c1:7a:db:6e:8a:83:07:47:ce:bb:1d:e1: ce:0d:14:30:2f:b7:e9:f3:82:9f:e2:3f:68:21:a6:5f:35:05: 2b:7e:55:ee:4f:f0:86:76:d3:df:2a:16:fb:c9:a9:a3:93:9d: 22:d1:91:9e:d9:96:13:f4:47:19:23:e4:d7:58:01:83:58:04: e5:f9:c4:2e:4e:e5:6f:ad:e7:f0:c7:a8:6f:67:e5:4e:05:1e: 92:38:5a:35:f5:ef:c1:df:d9:33:f2:f2:f6:d6:7d:4a:e1:9b: 94:1e:f2:b2:26:31:f4:14:12:b2:68:7c:46:66:4b:53:50:3e: e5:d7:0a:14:e6:46:9d:7d:98:44:e1:3d:f2:58:5a:f3:9e:26: fe:c1:3e:39:2b:cb:19:8e:87:be:72:78:95:30:92:e3:48:63: 8a:45:c0:94:df:5a:69:d9:6f:53:98:b5:30:70:52:d8:a6:32: 6a:ab:77:ef:9d:36:6c:ed:24:64:e3:b2:b2:9a:64:05:81:26: aa:f8:cd:4b -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIUDzq/lcz164yy5TosJPBv/TzhMtwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0 NkM3Njg4MTAeFw0yNTA5MDIwMDIxMTZaFw0yNjA5MDEwMDI2MTZaMDMxMTAvBgNV BAMTKDAwNjRCMjE4QkUwMDREMzA5QjYxMEMxRkVENkFCMkFBOTQwNTQ3OTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC455qWtQ2NU6IZZGRlyxraOsTV CRLudiZ7u0HtFTyjMsl5P6B5hWBpcjYzBC+iN/shTPZIDPHMSrdn880t7ZafMo0U YQpi4T4Jh5puthMvlU6x2H5GTYjLlB+Huzc3q0VLPH2CJ30qjwrnjW1uNGuyaqAX VaE2gu4V3Sy6UakJJFYVn5ubNw5zZrDbu6EoU6IOJhxpNqX0idYmxEw15xYXYthm 6F37IGvDwK5psrMRW7WdNTcAWoLFvANnZrhNSd9ojPMTN3t5CMkOTHdrxti8bqMR 9Ezaa0QFxPGxXqMYtLjkfKU79E3xlmKS/f1dPdv4Ouw3OM08qvlHObNchM9XAgMB AAGjggKGMIICgjAdBgNVHQ4EFgQUAGSyGL4ATTCbYQwf7WqyqpQFR5MwHwYDVR0j BBgwFoAUISkdKWPudGgrEL7LpgYO8kbHaIEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzgvMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0NkM3Njg4MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMTI5MUQyOTYzRUU3NDY4MkIxMEJFQ0JB NjA2MEVGMjQ2Qzc2ODgxLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvOC8zMjYxMzEz NDNhMzczNTM4MzMzYTMyMzAzMDMwM2EzYTJmMzMzNjJkMzEzMjM4MjAzZDNlMjAz MjMwMzUzOTM0MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYB BQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqFHWDIDANBgkqhkiG9w0BAQsFAAOCAQEA c6BwAlsDKX7P4TDzCa+b1BCHd86JGYGg90eI7wOQeZcMSvQfYEBeZ4DHfTkyZN4W geUEKpdff8GjsrPOwXrbboqDB0fOux3hzg0UMC+36fOCn+I/aCGmXzUFK35V7k/w hnbT3yoW+8mpo5OdItGRntmWE/RHGSPk11gBg1gE5fnELk7lb63n8Meob2flTgUe kjhaNfXvwd/ZM/Ly9tZ9SuGblB7ysiYx9BQSsmh8RmZLU1A+5dcKFOZGnX2YROE9 8lha854m/sE+OSvLGY6HvnJ4lTCS40hjikXAlN9aadlvU5i1MHBS2KYyaqt37502 bO0kZOOysppkBYEmqvjNSw== -----END CERTIFICATE-----Generated at Fri Oct 24 16:44:13 2025 by rpki-client