$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f34312d313238203d3e20323133343133.roa File: 326131343a373538333a323030303a3a2f34312d313238203d3e20323133343133.roa (raw, json) Hash identifier: qcv62vhft+CfRefcIljQMYwhTtHw5pqiJA6YzH0JoaE= Subject key identifier: 31:73:C2:5F:9F:52:A5:E8:D8:55:F4:86:8E:7D:64:D4:79:F8:8A:10 Certificate issuer: /CN=21291D2963EE74682B10BECBA6060EF246C76881 Certificate serial: 7D642C0BAB1801B061512C3D5E55148F81A68D11 Authority key identifier: 21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f34312d313238203d3e20323133343133.roa Signing time: Tue 02 Sep 2025 00:25:29 +0000 ROA not before: Tue 02 Sep 2025 00:20:29 +0000 ROA not after: Tue 01 Sep 2026 00:25:29 +0000 asID: 213413 IP address blocks: 2a14:7583:2000::/41 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Sep 2025 09:27:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:64:2c:0b:ab:18:01:b0:61:51:2c:3d:5e:55:14:8f:81:a6:8d:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21291D2963EE74682B10BECBA6060EF246C76881 Validity Not Before: Sep 2 00:20:29 2025 GMT Not After : Sep 1 00:25:29 2026 GMT Subject: CN=3173C25F9F52A5E8D855F4868E7D64D479F88A10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:02:30:76:6c:68:cd:2a:b8:52:fa:58:b5:27: 67:3b:26:4a:92:85:33:ea:55:db:3b:5b:4b:cd:3d: d8:57:ae:a2:c3:f0:bc:7e:ac:59:12:6f:db:20:f7: 22:ac:6e:97:b7:8c:30:e4:94:4d:05:92:4f:18:20: 58:e3:c1:a4:7b:d3:1c:5b:60:b8:1f:32:91:f9:39: dc:be:7d:12:44:a9:e3:a9:59:bc:cd:f2:2c:f1:12: af:70:cf:77:ac:ba:54:16:f4:59:70:7b:73:83:36: 58:19:22:8e:86:bf:07:65:c7:64:76:a1:00:61:de: 41:37:d9:c6:3f:e1:dd:e2:90:5d:d6:a9:19:a2:a2: c3:35:63:46:41:c6:38:b8:4c:64:12:e6:6f:7b:03: f5:23:19:b2:2e:40:01:48:b0:49:3d:33:17:41:f0: 75:ed:22:b0:4f:dc:ba:36:a2:fc:a5:2b:90:e0:72: 18:c0:99:a3:18:54:25:4d:e1:55:35:97:48:62:6a: 7b:b1:f8:88:fe:d0:cb:42:a8:7d:ac:6c:fe:c6:b7: 5d:43:8c:55:45:35:7e:71:c9:7a:6c:bf:d2:15:d6: c3:39:42:90:06:48:ba:02:60:2c:16:ad:d1:5e:f7: 18:5b:72:73:81:a2:64:fe:cd:3e:33:c6:87:5b:22: 57:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:73:C2:5F:9F:52:A5:E8:D8:55:F4:86:8E:7D:64:D4:79:F8:8A:10 X509v3 Authority Key Identifier: keyid:21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323030303a3a2f34312d313238203d3e20323133343133.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:2000::/41 Signature Algorithm: sha256WithRSAEncryption 22:44:01:b4:7d:0f:93:f5:6a:96:04:b4:71:b8:e6:db:ca:2c: 4f:f5:b6:b1:36:bb:fd:35:6a:80:c9:53:a1:fa:cb:5d:d6:65: 83:b8:6a:f8:32:78:0a:84:7e:d8:be:1c:39:70:e3:a1:4a:3c: 60:85:62:96:84:a8:5a:df:bd:5a:ec:82:27:3a:b0:8c:a2:22: f8:6d:6b:f5:c6:35:6e:e4:3e:d3:6b:0f:66:12:3d:96:2b:70: 39:a0:25:a5:7c:07:75:d6:e5:0e:8c:31:80:cc:1a:cf:f5:dd: b1:4c:0c:0f:8e:08:27:ee:f9:b4:24:f7:13:2b:f1:f9:0e:fa: 73:79:48:31:88:17:04:97:b0:ce:09:c7:2f:99:40:09:ef:b5: c9:a2:71:2a:9c:4c:35:f4:b1:62:67:d8:4b:f4:8c:62:da:90: 9e:f1:16:4f:5a:a4:66:d9:42:67:30:60:9b:ac:a5:7c:fe:5e: 78:a0:cb:17:16:a9:ff:84:d9:9c:ef:96:4d:3a:f5:22:5c:72: a2:07:04:00:8d:29:4f:c1:4c:13:bf:bb:b7:80:2d:42:52:c4: f6:5e:39:c0:70:b0:0f:5a:21:79:df:17:06:b9:97:7e:d9:be: ae:4d:9f:b5:af:f3:72:71:6c:f6:5a:1e:f2:5a:9e:62:89:11: b7:c5:17:03 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgIUfWQsC6sYAbBhUSw9XlUUj4GmjREwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0 NkM3Njg4MTAeFw0yNTA5MDIwMDIwMjlaFw0yNjA5MDEwMDI1MjlaMDMxMTAvBgNV BAMTKDMxNzNDMjVGOUY1MkE1RThEODU1RjQ4NjhFN0Q2NEQ0NzlGODhBMTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfAjB2bGjNKrhS+li1J2c7JkqS hTPqVds7W0vNPdhXrqLD8Lx+rFkSb9sg9yKsbpe3jDDklE0Fkk8YIFjjwaR70xxb YLgfMpH5Ody+fRJEqeOpWbzN8izxEq9wz3esulQW9Flwe3ODNlgZIo6Gvwdlx2R2 oQBh3kE32cY/4d3ikF3WqRmiosM1Y0ZBxji4TGQS5m97A/UjGbIuQAFIsEk9MxdB 8HXtIrBP3Lo2ovylK5DgchjAmaMYVCVN4VU1l0hianux+Ij+0MtCqH2sbP7Gt11D jFVFNX5xyXpsv9IV1sM5QpAGSLoCYCwWrdFe9xhbcnOBomT+zT4zxodbIldrAgMB AAGjggKHMIICgzAdBgNVHQ4EFgQUMXPCX59SpejYVfSGjn1k1Hn4ihAwHwYDVR0j BBgwFoAUISkdKWPudGgrEL7LpgYO8kbHaIEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzgvMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0NkM3Njg4MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMTI5MUQyOTYzRUU3NDY4MkIxMEJFQ0JB NjA2MEVGMjQ2Qzc2ODgxLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvOC8zMjYxMzEz NDNhMzczNTM4MzMzYTMyMzAzMDMwM2EzYTJmMzQzMTJkMzEzMjM4MjAzZDNlMjAz MjMxMzMzNDMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB BQUHAQcBAf8EEzARMA8EAgACMAkDBwcqFHWDIAAwDQYJKoZIhvcNAQELBQADggEB ACJEAbR9D5P1apYEtHG45tvKLE/1trE2u/01aoDJU6H6y13WZYO4avgyeAqEfti+ HDlw46FKPGCFYpaEqFrfvVrsgic6sIyiIvhta/XGNW7kPtNrD2YSPZYrcDmgJaV8 B3XW5Q6MMYDMGs/13bFMDA+OCCfu+bQk9xMr8fkO+nN5SDGIFwSXsM4Jxy+ZQAnv tcmicSqcTDX0sWJn2Ev0jGLakJ7xFk9apGbZQmcwYJuspXz+XnigyxcWqf+E2Zzv lk069SJccqIHBACNKU/BTBO/u7eALUJSxPZeOcBwsA9aIXnfFwa5l37Zvq5Nn7Wv 83JxbPZaHvJanmKJEbfFFwM= -----END CERTIFICATE-----Generated at Sun Sep 7 17:19:18 2025 by rpki-client