$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3430203d3e20323038343533.roa File: 326131343a316563373a663030303a3a2f34302d3430203d3e20323038343533.roa (raw, json) Hash identifier: kUd+OV7q9DAowS2L3/fdq/oS4HUMTFtScny+gWU7CG0= Subject key identifier: 8A:17:D8:85:40:DB:E8:4B:BF:99:50:90:BF:91:7D:97:F6:1A:55:B3 Certificate issuer: /CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Certificate serial: 2EEFE1D5726B54FF4E95ADCFD3AE711E6D02F7F3 Authority key identifier: 1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3430203d3e20323038343533.roa Signing time: Tue 04 Mar 2025 18:03:58 +0000 ROA not before: Tue 04 Mar 2025 17:58:58 +0000 ROA not after: Tue 03 Mar 2026 18:03:58 +0000 asID: 208453 IP address blocks: 2a14:1ec7:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 07 Apr 2025 01:31:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:ef:e1:d5:72:6b:54:ff:4e:95:ad:cf:d3:ae:71:1e:6d:02:f7:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Validity Not Before: Mar 4 17:58:58 2025 GMT Not After : Mar 3 18:03:58 2026 GMT Subject: CN=8A17D88540DBE84BBF995090BF917D97F61A55B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6b:52:a8:4b:6e:a8:9d:77:7a:b1:59:8f:a5: 3e:e6:cc:12:a6:ee:26:52:fd:bb:d8:4c:b4:43:55: 12:3d:26:ee:3d:7e:cf:a3:77:d6:5a:b9:19:56:81: 32:3f:a6:db:5a:6f:f1:03:3f:59:44:0b:80:d7:0c: 77:73:f7:71:b3:b6:ee:85:76:12:7b:ee:42:f0:0c: 36:23:74:5c:b8:46:1f:ed:ac:80:f7:91:e3:d0:6b: c8:0a:ad:8d:b1:6a:2d:61:fb:c9:a9:3b:c5:0d:33: 5c:7e:cf:36:26:6d:19:c5:19:cb:d5:78:b4:d9:35: 4a:17:99:05:bb:05:57:2d:1f:68:40:7c:9f:79:59: b9:6f:69:38:8e:36:7f:4b:df:67:7e:7b:18:5c:af: cc:67:72:6d:d7:2d:3e:a7:8d:37:fb:f1:b9:74:7e: dd:6d:46:27:87:e5:4a:c5:10:d2:67:71:55:8d:b0: 55:ca:2a:bd:65:5a:c8:2b:a8:ef:54:2f:54:53:ef: 06:17:8b:ac:75:20:8c:6b:25:54:ce:cc:62:9d:c4: 8c:ae:25:ce:7f:c4:65:aa:9f:37:ed:fc:7a:a8:a2: f4:7e:f3:61:cd:b8:d0:c6:d3:c1:4b:2c:37:6c:bf: 18:b1:0d:6c:8e:ed:69:9c:c3:a9:6b:b7:6a:69:d5: 22:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:17:D8:85:40:DB:E8:4B:BF:99:50:90:BF:91:7D:97:F6:1A:55:B3 X509v3 Authority Key Identifier: keyid:1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3430203d3e20323038343533.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:f000::/40 Signature Algorithm: sha256WithRSAEncryption ef:b3:15:08:00:7f:ab:74:a8:68:a4:32:fd:e0:55:04:1c:bd: 88:79:ed:44:d8:26:2a:77:81:52:fb:68:42:86:68:c3:fe:0f: b4:fa:8d:2c:4a:9f:db:90:ba:7a:ae:a7:76:c3:d1:01:4e:05: f5:fd:9b:7a:77:fc:0b:c0:08:69:6e:8e:ce:a5:d5:5b:ac:b6: de:b7:42:e0:7c:cd:e0:09:d5:b5:a1:9e:f1:a7:97:0b:bf:d7: 14:66:51:1f:27:f1:c0:e0:3c:6f:91:bf:18:72:83:d9:1e:19: 00:12:dd:cb:c4:f9:a8:00:eb:7b:ed:c9:65:15:df:b1:29:57: 00:bd:79:cd:a5:45:39:76:fa:82:89:fd:b5:14:a2:b5:00:78: ae:9c:b5:51:20:15:85:cb:36:12:c7:5a:2b:1a:81:a0:d9:5b: 30:17:b6:c8:25:87:13:ad:d3:4d:5d:9b:98:91:1e:a7:ca:6c: 1f:c8:fc:6e:cf:58:87:c0:d3:f3:b0:93:a1:96:62:fd:7f:5d: e2:88:f4:7f:a3:f6:96:db:db:c7:cd:18:94:44:f3:4e:5e:3e: 43:77:55:a9:80:c4:f9:52:8c:ff:9a:61:3d:83:c2:bc:83:1e: 91:9f:25:7a:28:47:55:6f:16:95:f8:b3:ff:2f:bd:31:f2:c6: 19:0d:96:89 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIULu/h1XJrVP9Ola3P065xHm0C9/MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVG ODNFMEU3MTAeFw0yNTAzMDQxNzU4NThaFw0yNjAzMDMxODAzNThaMDMxMTAvBgNV BAMTKDhBMTdEODg1NDBEQkU4NEJCRjk5NTA5MEJGOTE3RDk3RjYxQTU1QjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+a1KoS26onXd6sVmPpT7mzBKm 7iZS/bvYTLRDVRI9Ju49fs+jd9ZauRlWgTI/pttab/EDP1lEC4DXDHdz93Gztu6F dhJ77kLwDDYjdFy4Rh/trID3kePQa8gKrY2xai1h+8mpO8UNM1x+zzYmbRnFGcvV eLTZNUoXmQW7BVctH2hAfJ95WblvaTiONn9L32d+exhcr8xncm3XLT6njTf78bl0 ft1tRieH5UrFENJncVWNsFXKKr1lWsgrqO9UL1RT7wYXi6x1IIxrJVTOzGKdxIyu Jc5/xGWqnzft/HqoovR+82HNuNDG08FLLDdsvxixDWyO7Wmcw6lrt2pp1SLzAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUihfYhUDb6Eu/mVCQv5F9l/YaVbMwHwYDVR0j BBgwFoAUHb0dR/2ORXTIQhdDycxfDvg+DnEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE0NzZkNjItOWNmYS00ODcxLWEyZDktZmFkZjU3ODFj MTFiLzIvMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVGODNFMEU3MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8xREJEMUQ0N0ZEOEU0NTc0Qzg0MjE3NDND OUNDNUYwRUY4M0UwRTcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MTQ3NmQ2Mi05Y2ZhLTQ4NzEtYTJkOS1mYWRmNTc4MWMxMWIvMi8zMjYxMzEz NDNhMzE2NTYzMzczYTY2MzAzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz MDM4MzQzNTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhQex/AwDQYJKoZIhvcNAQELBQADggEBAO+z FQgAf6t0qGikMv3gVQQcvYh57UTYJip3gVL7aEKGaMP+D7T6jSxKn9uQunqup3bD 0QFOBfX9m3p3/AvACGlujs6l1Vustt63QuB8zeAJ1bWhnvGnlwu/1xRmUR8n8cDg PG+Rvxhyg9keGQAS3cvE+agA63vtyWUV37EpVwC9ec2lRTl2+oKJ/bUUorUAeK6c tVEgFYXLNhLHWisagaDZWzAXtsglhxOt001dm5iRHqfKbB/I/G7PWIfA0/Owk6GW Yv1/XeKI9H+j9pbb28fNGJRE805ePkN3VamAxPlSjP+aYT2DwryDHpGfJXooR1Vv FpX4s/8vvTHyxhkNlok= -----END CERTIFICATE-----Generated at Sun Apr 6 11:56:46 2025 by rpki-client