$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323930303a3a2f34302d313238203d3e20323134363339.roa File: 326131343a373538333a323930303a3a2f34302d313238203d3e20323134363339.roa (raw, json) Hash identifier: Ig0MdxpLUWBFH0/Ucxj7iGLUl0RuOHs0CxE43qARgYQ= Subject key identifier: 8C:C0:A5:23:57:3B:C9:33:DB:E5:0B:B2:5F:91:E1:0C:AC:ED:1D:82 Certificate issuer: /CN=21291D2963EE74682B10BECBA6060EF246C76881 Certificate serial: 4890602E0F5250329573EC6764D6CA38DF40B290 Authority key identifier: 21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323930303a3a2f34302d313238203d3e20323134363339.roa Signing time: Mon 15 Sep 2025 16:58:58 +0000 ROA not before: Mon 15 Sep 2025 16:53:58 +0000 ROA not after: Mon 14 Sep 2026 16:58:58 +0000 asID: 214639 IP address blocks: 2a14:7583:2900::/40 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Sep 2025 21:02:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:90:60:2e:0f:52:50:32:95:73:ec:67:64:d6:ca:38:df:40:b2:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21291D2963EE74682B10BECBA6060EF246C76881 Validity Not Before: Sep 15 16:53:58 2025 GMT Not After : Sep 14 16:58:58 2026 GMT Subject: CN=8CC0A523573BC933DBE50BB25F91E10CACED1D82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:30:23:fe:0c:f1:43:b6:64:bf:52:d1:49:86: d3:fb:5e:70:96:d3:f2:58:b7:4b:80:d8:c8:a1:6e: 2b:5e:5d:6e:4c:c2:18:3d:25:78:69:56:9f:cf:ed: 55:fc:80:f8:0b:59:37:2b:a2:86:09:84:3c:6e:55: 91:83:33:ee:39:21:67:74:34:9c:59:2a:04:5d:bc: 6f:3c:4b:e1:45:e2:9c:50:49:c3:b2:60:6f:6c:fa: 92:df:2b:c2:8a:8a:db:a1:10:b4:d3:8e:fa:ac:a8: da:9f:39:86:59:0a:72:f1:39:10:18:d6:2d:e5:f7: 5b:ea:01:0f:99:bb:00:98:3e:33:3f:ea:b3:08:3c: 21:12:16:3d:90:d5:1b:4f:fa:76:51:48:93:cc:c7: 20:1b:5d:f7:ed:3c:0f:db:f3:a1:7e:f0:3b:d3:33: 14:79:94:16:ac:63:0b:cd:97:d9:4f:6f:fa:69:61: cb:1f:67:e7:b3:87:5f:6d:03:b0:48:f1:14:23:5f: 79:04:f9:b5:7d:f7:cb:32:39:e5:40:e0:00:60:6d: a1:82:46:88:1d:78:09:f4:a0:d9:e3:95:3a:e9:3f: f2:1a:d9:31:50:32:d4:9d:80:49:00:a7:84:15:01: 8e:95:3d:66:0a:c5:c0:46:ba:40:c1:7f:b2:9a:30: 23:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:C0:A5:23:57:3B:C9:33:DB:E5:0B:B2:5F:91:E1:0C:AC:ED:1D:82 X509v3 Authority Key Identifier: keyid:21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a323930303a3a2f34302d313238203d3e20323134363339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:2900::/40 Signature Algorithm: sha256WithRSAEncryption 29:7e:82:88:15:6c:2b:6e:6b:28:a4:9d:01:c6:c4:11:0d:bf: 8f:ea:f5:c8:02:47:a7:ed:22:af:13:4a:8e:18:7e:73:3f:df: 6f:25:f8:47:3b:8e:ca:44:6c:53:ae:4e:5b:2b:1c:d7:2c:33: 30:ca:ce:5d:39:d2:50:d1:11:6e:5d:6b:89:0e:6a:89:97:17: b4:fb:51:9d:57:72:3e:16:18:f2:5b:ef:bc:c0:50:46:78:fc: ba:e0:db:59:f5:85:b1:ce:6a:bd:33:37:30:85:86:a1:9c:1b: ba:63:31:e7:80:ce:12:a0:57:f2:fa:09:03:f6:86:a1:99:a2: 9d:7d:b0:92:61:ff:62:ef:26:b7:b4:07:6d:cd:06:5c:bb:bc: a5:86:f8:84:82:e2:82:bb:78:eb:0a:98:bf:5e:73:5e:7f:26: 0f:fa:a0:06:5e:3a:b1:73:d2:b9:6b:af:a9:44:e2:c4:8e:10: c7:94:da:cc:d4:28:6c:4f:4d:9b:7e:63:a5:68:7d:c6:3f:3d: 5a:68:56:2c:a3:03:c5:5c:fc:46:5a:b7:bf:1b:8b:bb:2e:fd: 4e:c0:ed:5c:60:48:0c:69:21:12:76:63:cc:f8:49:ba:1c:21: 4e:10:67:0b:5c:a2:a3:14:79:63:aa:81:2c:21:5d:a5:d8:cf: 03:df:7b:2f -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIUSJBgLg9SUDKVc+xnZNbKON9AspAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0 NkM3Njg4MTAeFw0yNTA5MTUxNjUzNThaFw0yNjA5MTQxNjU4NThaMDMxMTAvBgNV BAMTKDhDQzBBNTIzNTczQkM5MzNEQkU1MEJCMjVGOTFFMTBDQUNFRDFEODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuMCP+DPFDtmS/UtFJhtP7XnCW 0/JYt0uA2MihbiteXW5Mwhg9JXhpVp/P7VX8gPgLWTcrooYJhDxuVZGDM+45IWd0 NJxZKgRdvG88S+FF4pxQScOyYG9s+pLfK8KKituhELTTjvqsqNqfOYZZCnLxORAY 1i3l91vqAQ+ZuwCYPjM/6rMIPCESFj2Q1RtP+nZRSJPMxyAbXfftPA/b86F+8DvT MxR5lBasYwvNl9lPb/ppYcsfZ+ezh19tA7BI8RQjX3kE+bV998syOeVA4ABgbaGC RogdeAn0oNnjlTrpP/Ia2TFQMtSdgEkAp4QVAY6VPWYKxcBGukDBf7KaMCNhAgMB AAGjggKGMIICgjAdBgNVHQ4EFgQUjMClI1c7yTPb5QuyX5HhDKztHYIwHwYDVR0j BBgwFoAUISkdKWPudGgrEL7LpgYO8kbHaIEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzgvMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0NkM3Njg4MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMTI5MUQyOTYzRUU3NDY4MkIxMEJFQ0JB NjA2MEVGMjQ2Qzc2ODgxLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvOC8zMjYxMzEz NDNhMzczNTM4MzMzYTMyMzkzMDMwM2EzYTJmMzQzMDJkMzEzMjM4MjAzZDNlMjAz MjMxMzQzNjMzMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYB BQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqFHWDKTANBgkqhkiG9w0BAQsFAAOCAQEA KX6CiBVsK25rKKSdAcbEEQ2/j+r1yAJHp+0irxNKjhh+cz/fbyX4RzuOykRsU65O Wysc1ywzMMrOXTnSUNERbl1riQ5qiZcXtPtRnVdyPhYY8lvvvMBQRnj8uuDbWfWF sc5qvTM3MIWGoZwbumMx54DOEqBX8voJA/aGoZminX2wkmH/Yu8mt7QHbc0GXLu8 pYb4hILigrt46wqYv15zXn8mD/qgBl46sXPSuWuvqUTixI4Qx5TazNQobE9Nm35j pWh9xj89WmhWLKMDxVz8Rlq3vxuLuy79TsDtXGBIDGkhEnZjzPhJuhwhThBnC1yi oxR5Y6qBLCFdpdjPA997Lw== -----END CERTIFICATE-----Generated at Thu Sep 18 10:22:11 2025 by rpki-client