$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a326663303a3a2f34322d313238203d3e20323039393531.roa File: 326131343a373538333a326663303a3a2f34322d313238203d3e20323039393531.roa (raw, json) Hash identifier: jIJw+Ij9NG2RfUUb/WG8RYGFziJgDuus3WTSfe1Q8Q0= Subject key identifier: D4:AF:CE:15:26:35:BA:2C:FA:B6:DA:F4:5D:03:59:B9:F9:A4:94:C9 Certificate issuer: /CN=21291D2963EE74682B10BECBA6060EF246C76881 Certificate serial: 3E3C257B03C950E057E68A9DD9AC89ED62EC8604 Authority key identifier: 21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a326663303a3a2f34322d313238203d3e20323039393531.roa Signing time: Wed 03 Sep 2025 18:04:12 +0000 ROA not before: Wed 03 Sep 2025 17:59:12 +0000 ROA not after: Wed 02 Sep 2026 18:04:12 +0000 asID: 209951 IP address blocks: 2a14:7583:2fc0::/42 maxlen: 128 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Sep 2025 01:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:3c:25:7b:03:c9:50:e0:57:e6:8a:9d:d9:ac:89:ed:62:ec:86:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21291D2963EE74682B10BECBA6060EF246C76881 Validity Not Before: Sep 3 17:59:12 2025 GMT Not After : Sep 2 18:04:12 2026 GMT Subject: CN=D4AFCE152635BA2CFAB6DAF45D0359B9F9A494C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:9b:22:0a:ef:f2:b2:e3:90:61:60:a4:9a:9b: 16:b3:b7:93:27:d1:4c:a1:92:89:b7:0b:89:4c:a7: a6:61:f1:00:af:0b:09:62:a5:ec:e9:fd:61:0b:2f: dd:70:53:1c:d5:e2:94:d3:20:ae:99:9b:9e:f2:06: 60:66:8e:52:45:af:24:40:82:6c:c0:a3:5c:d3:e7: c6:68:df:89:fa:cd:a0:85:70:e9:60:8b:86:6a:ea: 30:b6:c1:3a:13:ee:94:2c:e2:87:1a:6f:29:49:f3: c2:4f:53:c1:a7:15:d8:cf:9b:07:d3:eb:49:4b:75: a8:be:c6:ee:99:2b:ab:09:cd:bd:02:6d:57:3f:41: c3:71:0a:f8:11:6c:17:60:d8:f1:67:26:b7:eb:a9: c4:7b:97:91:de:2c:fd:09:f3:83:63:2a:a3:8c:d7: 54:3c:0f:27:28:f8:76:f2:59:b4:2c:b2:1a:26:a0: 3e:54:b3:f7:79:08:de:f5:3e:08:56:4b:ba:96:ba: 9d:3b:42:1d:ba:55:2f:5c:85:c5:3f:9f:fa:2b:cb: 13:46:a1:d0:1d:e4:df:fe:1d:0e:45:34:ba:f2:39: 98:06:e5:aa:59:21:e8:3d:7d:94:12:13:a6:a4:91: 4e:dd:ee:65:54:b4:13:db:7a:11:dc:6b:eb:c2:9d: 5b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:AF:CE:15:26:35:BA:2C:FA:B6:DA:F4:5D:03:59:B9:F9:A4:94:C9 X509v3 Authority Key Identifier: keyid:21:29:1D:29:63:EE:74:68:2B:10:BE:CB:A6:06:0E:F2:46:C7:68:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/21291D2963EE74682B10BECBA6060EF246C76881.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21291D2963EE74682B10BECBA6060EF246C76881.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/8/326131343a373538333a326663303a3a2f34322d313238203d3e20323039393531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:2fc0::/42 Signature Algorithm: sha256WithRSAEncryption 87:d2:31:b5:c9:8e:4e:10:8b:03:0a:a8:e4:9f:cc:87:c1:9e: 94:1f:11:15:40:e9:b7:22:e1:8e:1a:79:57:be:0d:64:dd:81: a2:20:f4:ec:2f:f9:61:4c:b6:ee:40:a1:e4:4b:5e:97:8b:ea: 97:d2:d6:d3:ec:b7:75:43:97:30:cd:16:c7:65:f4:5b:0f:a9: 8c:37:34:86:d4:5c:9d:a6:bf:1e:11:47:31:84:4a:54:9d:8b: e7:d0:3d:6f:7d:ec:50:14:f6:49:e4:f4:4c:7e:93:65:a4:3d: 02:13:50:22:ce:d6:0c:0a:b1:fe:25:10:9c:40:e1:1a:86:ab: bd:e9:d4:e9:21:5f:8b:89:1d:18:b7:c8:62:10:d3:e0:e4:d9: 13:70:87:9d:64:c9:2d:93:07:2e:c2:0c:27:f2:68:dc:59:ef: 12:7c:d0:f4:62:c0:a6:c9:10:63:05:39:2c:fc:0f:38:5a:17: df:f5:6c:c8:16:1e:cf:ae:79:e6:93:e0:13:e3:bf:84:87:68: 1f:b2:de:5e:8b:ac:e3:1b:b0:4b:13:14:ad:a2:c8:a0:a9:26: 96:9c:d1:e7:01:84:b6:93:df:06:d9:c8:72:2c:df:57:b0:86: d2:bd:c9:af:98:a4:3b:f6:67:57:ba:ec:d1:e1:98:7d:1c:7d: 9f:ee:66:98 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgIUPjwlewPJUOBX5oqd2ayJ7WLshgQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0 NkM3Njg4MTAeFw0yNTA5MDMxNzU5MTJaFw0yNjA5MDIxODA0MTJaMDMxMTAvBgNV BAMTKEQ0QUZDRTE1MjYzNUJBMkNGQUI2REFGNDVEMDM1OUI5RjlBNDk0QzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfmyIK7/Ky45BhYKSamxazt5Mn 0Uyhkom3C4lMp6Zh8QCvCwlipezp/WELL91wUxzV4pTTIK6Zm57yBmBmjlJFryRA gmzAo1zT58Zo34n6zaCFcOlgi4Zq6jC2wToT7pQs4ocabylJ88JPU8GnFdjPmwfT 60lLdai+xu6ZK6sJzb0CbVc/QcNxCvgRbBdg2PFnJrfrqcR7l5HeLP0J84NjKqOM 11Q8Dyco+HbyWbQsshomoD5Us/d5CN71PghWS7qWup07Qh26VS9chcU/n/oryxNG odAd5N/+HQ5FNLryOZgG5apZIeg9fZQSE6akkU7d7mVUtBPbehHca+vCnVtrAgMB AAGjggKHMIICgzAdBgNVHQ4EFgQU1K/OFSY1uiz6ttr0XQNZufmklMkwHwYDVR0j BBgwFoAUISkdKWPudGgrEL7LpgYO8kbHaIEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4 MDhiLzgvMjEyOTFEMjk2M0VFNzQ2ODJCMTBCRUNCQTYwNjBFRjI0NkM3Njg4MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMTI5MUQyOTYzRUU3NDY4MkIxMEJFQ0JB NjA2MEVGMjQ2Qzc2ODgxLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvOC8zMjYxMzEz NDNhMzczNTM4MzMzYTMyNjY2MzMwM2EzYTJmMzQzMjJkMzEzMjM4MjAzZDNlMjAz MjMwMzkzOTM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB BQUHAQcBAf8EEzARMA8EAgACMAkDBwYqFHWDL8AwDQYJKoZIhvcNAQELBQADggEB AIfSMbXJjk4QiwMKqOSfzIfBnpQfERVA6bci4Y4aeVe+DWTdgaIg9Owv+WFMtu5A oeRLXpeL6pfS1tPst3VDlzDNFsdl9FsPqYw3NIbUXJ2mvx4RRzGESlSdi+fQPW99 7FAU9knk9Ex+k2WkPQITUCLO1gwKsf4lEJxA4RqGq73p1OkhX4uJHRi3yGIQ0+Dk 2RNwh51kyS2TBy7CDCfyaNxZ7xJ80PRiwKbJEGMFOSz8DzhaF9/1bMgWHs+ueeaT 4BPjv4SHaB+y3l6LrOMbsEsTFK2iyKCpJpac0ecBhLaT3wbZyHIs31ewhtK9ya+Y pDv2Z1e67NHhmH0cfZ/uZpg= -----END CERTIFICATE-----Generated at Mon Sep 8 10:23:46 2025 by rpki-client