$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030643a3a2f34382d3438203d3e20323136313133.roa File: 326131343a316563373a663030643a3a2f34382d3438203d3e20323136313133.roa (raw, json) Hash identifier: RA+L2a9rUnQEkE0h3dE9SdgUVHKokLJZl3eEmnwupDU= Subject key identifier: 32:DF:E5:07:58:A4:18:D0:3B:3D:30:B8:E1:C5:1D:DC:BF:B6:45:94 Certificate issuer: /CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Certificate serial: 1FB685F9B4B4AB2D5B962F6F62681A4733815845 Authority key identifier: 1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030643a3a2f34382d3438203d3e20323136313133.roa Signing time: Sun 23 Mar 2025 21:03:58 +0000 ROA not before: Sun 23 Mar 2025 20:58:58 +0000 ROA not after: Sun 22 Mar 2026 21:03:58 +0000 asID: 216113 IP address blocks: 2a14:1ec7:f00d::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 12:14:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:b6:85:f9:b4:b4:ab:2d:5b:96:2f:6f:62:68:1a:47:33:81:58:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Validity Not Before: Mar 23 20:58:58 2025 GMT Not After : Mar 22 21:03:58 2026 GMT Subject: CN=32DFE50758A418D03B3D30B8E1C51DDCBFB64594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8f:c8:d0:90:90:bd:f8:a5:65:c7:06:f2:ab: d2:a0:c6:e3:ec:a8:31:85:81:16:ea:be:46:b5:ea: 6a:21:fd:58:f8:50:aa:5c:41:de:a3:cd:bf:76:12: 05:80:c8:31:64:87:1a:25:9b:7c:90:17:aa:d7:82: 48:46:50:56:8a:b1:60:f4:a5:65:85:3b:6a:19:17: 3c:f4:37:f3:0c:95:f9:95:2b:ee:28:4f:44:a8:86: b7:4a:00:35:24:c2:a8:5b:63:fa:6a:64:8d:3e:c0: 5a:c9:a4:f4:fb:a5:25:5a:b0:f8:1b:7f:00:d1:ee: 03:26:f7:47:99:bc:ff:3f:bc:d9:d9:16:40:f3:c3: ae:19:21:2e:52:f9:e3:ca:5e:b6:46:36:5b:22:17: 76:dc:1b:b3:00:03:e2:0f:6d:b5:63:df:13:12:49: 4c:de:06:5c:af:a5:94:5e:ba:03:3e:93:6c:74:18: 6b:9c:14:37:ba:4e:3a:b0:9c:75:f1:73:68:7d:f8: ec:c7:a1:69:47:cf:50:5f:db:65:ce:c8:46:9f:ca: bd:ea:90:95:f1:09:df:d6:11:70:49:58:02:ee:77: 89:8d:b7:74:07:cf:00:38:16:2f:e9:35:ca:9b:aa: 20:99:54:36:a1:9d:8d:a6:8b:25:5d:f6:18:42:e8: 9d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:DF:E5:07:58:A4:18:D0:3B:3D:30:B8:E1:C5:1D:DC:BF:B6:45:94 X509v3 Authority Key Identifier: keyid:1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030643a3a2f34382d3438203d3e20323136313133.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:f00d::/48 Signature Algorithm: sha256WithRSAEncryption c7:d0:af:c5:f4:38:bc:b0:bd:8d:8e:d9:db:d1:1d:f5:97:a7: c1:fb:3b:2a:07:47:e4:55:66:ec:de:98:10:d2:ec:c2:d8:dd: de:13:e8:f3:2d:ac:2e:39:46:69:03:e2:73:3d:16:44:7d:64: cd:69:4e:b6:cd:d5:6b:d4:89:c1:ce:7a:ba:96:5e:99:ef:ee: fe:e8:d0:d1:6c:0c:1e:b6:f7:e9:d3:d8:23:fa:57:e7:70:cc: fb:7a:6c:a5:e5:f1:f2:3d:9e:15:9e:63:7d:4c:4e:72:5a:64: 06:ba:14:e1:ec:a8:19:25:b6:4c:83:3b:39:fa:b1:a3:63:8d: 53:15:d1:fd:88:97:5d:80:70:39:51:5f:44:b7:16:84:e1:04: e6:da:25:df:bb:ac:ac:9a:f8:d5:ad:94:70:7c:ed:2e:a3:e5: 25:5c:35:e2:55:a3:1c:c6:fc:67:a8:ee:39:8b:7b:24:9c:d7: 78:4d:fd:89:86:eb:31:43:9f:d4:1c:7d:b6:50:c0:fd:08:ec: 41:6a:78:54:c5:d2:b8:14:a3:0b:81:77:3c:d6:66:c1:6a:1c: e3:3b:73:5a:b6:b4:59:31:a3:66:7d:ec:d8:57:14:7e:58:73: 88:96:bd:7d:bb:48:ea:16:32:8f:1c:d8:4d:0c:8e:45:9e:6a: 54:81:c4:f3 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUH7aF+bS0qy1bli9vYmgaRzOBWEUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVG ODNFMEU3MTAeFw0yNTAzMjMyMDU4NThaFw0yNjAzMjIyMTAzNThaMDMxMTAvBgNV BAMTKDMyREZFNTA3NThBNDE4RDAzQjNEMzBCOEUxQzUxRERDQkZCNjQ1OTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIj8jQkJC9+KVlxwbyq9KgxuPs qDGFgRbqvka16moh/Vj4UKpcQd6jzb92EgWAyDFkhxolm3yQF6rXgkhGUFaKsWD0 pWWFO2oZFzz0N/MMlfmVK+4oT0SohrdKADUkwqhbY/pqZI0+wFrJpPT7pSVasPgb fwDR7gMm90eZvP8/vNnZFkDzw64ZIS5S+ePKXrZGNlsiF3bcG7MAA+IPbbVj3xMS SUzeBlyvpZReugM+k2x0GGucFDe6TjqwnHXxc2h9+OzHoWlHz1Bf22XOyEafyr3q kJXxCd/WEXBJWALud4mNt3QHzwA4Fi/pNcqbqiCZVDahnY2miyVd9hhC6J0/AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUMt/lB1ikGNA7PTC44cUd3L+2RZQwHwYDVR0j BBgwFoAUHb0dR/2ORXTIQhdDycxfDvg+DnEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE0NzZkNjItOWNmYS00ODcxLWEyZDktZmFkZjU3ODFj MTFiLzIvMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVGODNFMEU3MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8xREJEMUQ0N0ZEOEU0NTc0Qzg0MjE3NDND OUNDNUYwRUY4M0UwRTcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MTQ3NmQ2Mi05Y2ZhLTQ4NzEtYTJkOS1mYWRmNTc4MWMxMWIvMi8zMjYxMzEz NDNhMzE2NTYzMzczYTY2MzAzMDY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM2MzEzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhQex/ANMA0GCSqGSIb3DQEBCwUAA4IBAQDH 0K/F9Di8sL2Njtnb0R31l6fB+zsqB0fkVWbs3pgQ0uzC2N3eE+jzLawuOUZpA+Jz PRZEfWTNaU62zdVr1InBznq6ll6Z7+7+6NDRbAwetvfp09gj+lfncMz7emyl5fHy PZ4VnmN9TE5yWmQGuhTh7KgZJbZMgzs5+rGjY41TFdH9iJddgHA5UV9EtxaE4QTm 2iXfu6ysmvjVrZRwfO0uo+UlXDXiVaMcxvxnqO45i3sknNd4Tf2JhusxQ5/UHH22 UMD9COxBanhUxdK4FKMLgXc81mbBahzjO3NatrRZMaNmfezYVxR+WHOIlr19u0jq FjKPHNhNDI5FnmpUgcTz -----END CERTIFICATE-----Generated at Sat Apr 5 04:35:14 2025 by rpki-client