$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538343a373030303a3a2f33362d3434203d3e20323136343532.roa File: 326131343a373538343a373030303a3a2f33362d3434203d3e20323136343532.roa (raw, json) Hash identifier: rpnwS+Y3sQ4e6qv+Gy6DoJIWfRow73aU7r2O2Z0c3vg= Subject key identifier: B3:94:64:4A:8C:F9:A2:C4:25:B0:85:84:11:56:2B:AF:27:CA:C4:D5 Certificate issuer: /CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Certificate serial: 3ED60F62B9F09F8DAE85D1356F93FFD1524D985D Authority key identifier: 0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538343a373030303a3a2f33362d3434203d3e20323136343532.roa Signing time: Tue 19 May 2026 15:42:17 +0000 ROA not before: Tue 19 May 2026 15:37:17 +0000 ROA not after: Tue 18 May 2027 15:42:17 +0000 asID: 216452 IP address blocks: 2a14:7584:7000::/36 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Jun 2026 19:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:d6:0f:62:b9:f0:9f:8d:ae:85:d1:35:6f:93:ff:d1:52:4d:98:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45 Validity Not Before: May 19 15:37:17 2026 GMT Not After : May 18 15:42:17 2027 GMT Subject: CN=B394644A8CF9A2C425B0858411562BAF27CAC4D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:43:69:d8:25:8a:70:51:e1:7e:57:67:5d:0e: a9:ac:7b:99:09:59:83:58:be:4a:35:8f:3a:bf:9e: 95:ce:91:7c:62:69:05:be:42:a7:eb:f7:09:55:c6: ce:e9:84:75:2b:86:c1:20:96:e2:81:dd:ba:56:7c: f2:24:fa:2c:3d:ee:63:4f:61:08:80:e6:fd:aa:73: 45:19:4b:9b:29:53:fc:19:f9:d6:49:bc:00:c2:c8: 41:48:a3:0f:f6:c7:8f:21:a9:7f:d3:a8:60:a3:dd: 08:65:69:36:5c:9a:62:3a:73:33:4a:61:b7:24:cd: eb:f4:1b:98:96:48:ed:b5:45:95:78:e1:51:8c:80: d9:b2:bb:c5:ff:dc:44:e2:8c:03:47:48:5c:8c:97: e3:e3:60:01:c5:4a:80:11:ee:ff:17:5f:57:8f:55: 24:a0:6b:5e:8a:da:43:71:bd:11:43:79:54:66:b6: 99:de:a2:ac:af:90:0a:a4:36:69:e1:bb:d0:59:22: 66:d1:62:3b:97:1e:5e:97:8c:20:ce:d8:e4:84:68: ac:94:10:8c:b1:d4:6b:4b:f3:ef:02:c6:17:9d:36: 65:53:cc:df:40:1c:8d:8c:13:47:90:cd:ad:25:2c: 5b:09:e5:a2:af:e0:c8:c3:47:a7:fe:55:c2:50:38: 9f:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:94:64:4A:8C:F9:A2:C4:25:B0:85:84:11:56:2B:AF:27:CA:C4:D5 X509v3 Authority Key Identifier: keyid:0A:8B:61:A8:44:D6:C2:C7:AF:38:ED:CB:D1:65:D0:EF:FB:82:3E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0A8B61A844D6C2C7AF38EDCBD165D0EFFB823E45.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/72c405f1-c32d-47ce-8943-0752ed13d8ef/1/326131343a373538343a373030303a3a2f33362d3434203d3e20323136343532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:7000::/36 Signature Algorithm: sha256WithRSAEncryption 71:21:bc:c3:d6:87:88:da:d3:28:f8:a4:a9:b4:7a:3b:69:0a: a5:5e:c9:e1:55:79:c4:80:f4:ca:55:98:82:7e:1a:de:37:41: 38:12:99:1a:8b:4d:d5:ea:34:9c:db:f2:6d:83:ca:ae:07:71: f3:a2:a7:36:b1:a8:00:3b:ab:2a:a2:50:1e:c3:49:1e:c2:64: 2c:83:50:a0:56:2f:ac:f6:42:65:d5:76:67:20:01:7e:a6:d9: 98:28:f3:13:46:f1:ac:05:94:43:66:3b:e0:73:bf:27:aa:89: cc:0d:c1:f1:48:dd:88:67:48:e1:09:4b:2a:f9:8a:91:9e:e9: 33:a8:d8:39:3a:5b:b4:b8:8c:9f:b7:cc:71:20:05:ba:f7:7c: 69:2e:94:4f:75:6e:e6:ff:9d:07:8a:cd:40:d5:3b:82:f0:21: 7e:87:aa:f2:0b:3e:a8:66:65:42:57:de:0d:4a:c5:dd:d7:fd: 3b:b4:23:4b:4d:5d:81:4e:86:79:b0:2b:87:f0:51:cb:f0:ea: d9:bd:8e:e7:7f:e4:e3:2c:d9:6c:1c:64:57:ea:c2:47:2b:49: 46:39:2a:54:3a:8a:09:b1:be:67:a9:49:9a:e4:07:ce:66:9f: af:c0:b0:87:87:cc:a6:6a:cb:55:99:d1:f2:a4:6f:b8:d6:58: bf:16:d2:17 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUPtYPYrnwn42uhdE1b5P/0VJNmF0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZG QjgyM0U0NTAeFw0yNjA1MTkxNTM3MTdaFw0yNzA1MTgxNTQyMTdaMDMxMTAvBgNV BAMTKEIzOTQ2NDRBOENGOUEyQzQyNUIwODU4NDExNTYyQkFGMjdDQUM0RDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcQ2nYJYpwUeF+V2ddDqmse5kJ WYNYvko1jzq/npXOkXxiaQW+Qqfr9wlVxs7phHUrhsEgluKB3bpWfPIk+iw97mNP YQiA5v2qc0UZS5spU/wZ+dZJvADCyEFIow/2x48hqX/TqGCj3QhlaTZcmmI6czNK Ybckzev0G5iWSO21RZV44VGMgNmyu8X/3ETijANHSFyMl+PjYAHFSoAR7v8XX1eP VSSga16K2kNxvRFDeVRmtpneoqyvkAqkNmnhu9BZImbRYjuXHl6XjCDO2OSEaKyU EIyx1GtL8+8CxhedNmVTzN9AHI2ME0eQza0lLFsJ5aKv4MjDR6f+VcJQOJ8/AgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUs5RkSoz5osQlsIWEEVYrryfKxNUwHwYDVR0j BBgwFoAUCothqETWwsevOO3L0WXQ7/uCPkUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzJjNDA1ZjEtYzMyZC00N2NlLTg5NDMtMDc1MmVkMTNk OGVmLzEvMEE4QjYxQTg0NEQ2QzJDN0FGMzhFRENCRDE2NUQwRUZGQjgyM0U0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wQThCNjFBODQ0RDZDMkM3QUYzOEVEQ0JE MTY1RDBFRkZCODIzRTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MmM0MDVmMS1jMzJkLTQ3Y2UtODk0My0wNzUyZWQxM2Q4ZWYvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTM3MzAzMDMwM2EzYTJmMzMzNjJkMzQzNDIwM2QzZTIwMzIz MTM2MzQzNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1hHAwDQYJKoZIhvcNAQELBQADggEBAHEh vMPWh4ja0yj4pKm0ejtpCqVeyeFVecSA9MpVmIJ+Gt43QTgSmRqLTdXqNJzb8m2D yq4HcfOipzaxqAA7qyqiUB7DSR7CZCyDUKBWL6z2QmXVdmcgAX6m2Zgo8xNG8awF lENmO+BzvyeqicwNwfFI3YhnSOEJSyr5ipGe6TOo2Dk6W7S4jJ+3zHEgBbr3fGku lE91bub/nQeKzUDVO4LwIX6HqvILPqhmZUJX3g1Kxd3X/Tu0I0tNXYFOhnmwK4fw Ucvw6tm9jud/5OMs2WwcZFfqwkcrSUY5KlQ6igmxvmepSZrkB85mn6/AsIeHzKZq y1WZ0fKkb7jWWL8W0hc= -----END CERTIFICATE-----Generated at Sat Jun 6 05:53:16 2026 by rpki-client