$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa File: 326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa (raw, json) Hash identifier: bhxVymRF822sGUYT46rm76gxr9MTDGnqCYuxjLcYLpE= Subject key identifier: 63:2F:49:21:24:0A:44:6D:AA:83:2F:42:94:1B:EB:8E:6F:EF:59:28 Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 421C4912C0B89C78243D8C9D4436CE7D838D01CC Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa Signing time: Fri 15 May 2026 07:05:52 +0000 ROA not before: Fri 15 May 2026 07:00:52 +0000 ROA not after: Fri 14 May 2027 07:05:52 +0000 asID: 215364 IP address blocks: 2a14:7581:9000::/38 maxlen: 38 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Jun 2026 13:27:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:1c:49:12:c0:b8:9c:78:24:3d:8c:9d:44:36:ce:7d:83:8d:01:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: May 15 07:00:52 2026 GMT Not After : May 14 07:05:52 2027 GMT Subject: CN=632F4921240A446DAA832F42941BEB8E6FEF5928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d4:3e:95:f0:66:b5:06:9b:89:d5:ca:2f:db: e4:44:5b:73:09:ef:f7:71:d2:9b:33:4e:20:a8:fc: 2f:52:32:8e:cc:05:18:a3:06:1c:81:a3:2a:29:5d: 9a:fb:ff:76:56:cf:6d:fd:c3:58:92:43:9b:b1:d3: 07:6d:b9:b9:86:48:f1:ec:cc:70:f4:6e:f1:ae:57: f5:2d:38:5a:b8:af:49:e7:18:90:07:8b:89:07:2b: 11:1c:c3:aa:db:42:6a:b1:c5:49:fb:38:0c:72:f2: cb:5f:2a:7c:26:fd:7b:5c:f7:3a:65:c2:17:49:74: c6:fa:bf:df:e0:88:38:7e:c0:a0:0f:38:74:5f:f9: 14:91:75:96:de:7a:aa:56:63:85:79:7c:33:29:ea: ba:a9:83:fa:60:a7:a9:9f:98:43:85:af:16:90:da: 45:cd:6c:68:ca:96:ba:5c:52:f6:e4:ff:e4:22:09: 77:59:07:53:0b:9a:8c:df:8f:d2:37:55:05:7a:b1: 3f:82:de:bb:28:78:b6:ae:c2:2b:58:d6:20:17:68: 24:83:c1:4b:cf:f7:5f:a4:21:d7:ae:fc:4e:a1:08: 2c:50:a1:7c:14:26:5b:34:4f:ca:f2:f8:42:16:91: a8:bc:da:2c:f2:57:dd:d0:d4:1d:20:00:73:c8:32: f4:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:2F:49:21:24:0A:44:6D:AA:83:2F:42:94:1B:EB:8E:6F:EF:59:28 X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9000::/38 Signature Algorithm: sha256WithRSAEncryption a2:48:76:81:c6:9e:69:13:3d:ed:48:a0:df:d8:78:ff:e5:5c: a9:a1:52:56:2d:28:36:dc:06:29:70:e1:50:58:34:2c:dc:7c: 17:8f:29:9b:cc:21:1c:b3:4a:ed:e8:f6:41:1f:8f:43:e4:3e: 3e:ef:3b:4c:1d:20:f5:86:25:b7:4f:34:bf:21:e8:f3:71:35: 88:33:30:bc:0c:4d:bb:e4:30:ec:8d:a1:6e:03:71:78:0e:e9: 5e:0b:8b:90:24:e4:1a:98:33:d7:23:79:08:1b:80:aa:21:2e: eb:5b:91:9c:6b:d7:60:e1:7b:dd:4c:ad:1e:21:61:75:eb:44: 74:59:99:4d:f2:3b:70:6e:7e:d0:b8:b5:60:11:fd:f6:0a:23: ef:0f:17:bb:ee:13:02:01:18:90:0d:e8:ae:2a:92:99:b7:80: 5e:46:76:5b:e4:dd:03:12:ca:9c:18:83:91:66:15:19:16:7f: 80:f0:7c:c3:15:19:d2:a9:fa:15:be:c4:97:97:d0:2b:eb:f1: 85:73:ca:70:2e:64:4f:89:92:ae:59:8c:6c:af:ae:93:7b:fb: ee:b6:50:8a:c6:41:10:f3:74:5f:fa:e6:66:f2:e3:bd:9f:96: 45:df:d2:17:58:93:95:28:bb:61:45:1f:2f:48:93:08:14:9c: c8:fd:2a:29 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUQhxJEsC4nHgkPYydRDbOfYONAcwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNjA1MTUwNzAwNTJaFw0yNzA1MTQwNzA1NTJaMDMxMTAvBgNV BAMTKDYzMkY0OTIxMjQwQTQ0NkRBQTgzMkY0Mjk0MUJFQjhFNkZFRjU5MjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw1D6V8Ga1BpuJ1cov2+REW3MJ 7/dx0pszTiCo/C9SMo7MBRijBhyBoyopXZr7/3ZWz239w1iSQ5ux0wdtubmGSPHs zHD0bvGuV/UtOFq4r0nnGJAHi4kHKxEcw6rbQmqxxUn7OAxy8stfKnwm/Xtc9zpl whdJdMb6v9/giDh+wKAPOHRf+RSRdZbeeqpWY4V5fDMp6rqpg/pgp6mfmEOFrxaQ 2kXNbGjKlrpcUvbk/+QiCXdZB1MLmozfj9I3VQV6sT+C3rsoeLauwitY1iAXaCSD wUvP91+kIdeu/E6hCCxQoXwUJls0T8ry+EIWkai82izyV93Q1B0gAHPIMvQ9AgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUYy9JISQKRG2qgy9ClBvrjm/vWSgwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzAzMDMwM2EzYTJmMzMzODJkMzMzODIwM2QzZTIwMzIz MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYCKhR1gZAwDQYJKoZIhvcNAQELBQADggEBAKJI doHGnmkTPe1IoN/YeP/lXKmhUlYtKDbcBilw4VBYNCzcfBePKZvMIRyzSu3o9kEf j0PkPj7vO0wdIPWGJbdPNL8h6PNxNYgzMLwMTbvkMOyNoW4DcXgO6V4Li5Ak5BqY M9cjeQgbgKohLutbkZxr12Dhe91MrR4hYXXrRHRZmU3yO3BuftC4tWAR/fYKI+8P F7vuEwIBGJAN6K4qkpm3gF5Gdlvk3QMSypwYg5FmFRkWf4DwfMMVGdKp+hW+xJeX 0Cvr8YVzynAuZE+Jkq5ZjGyvrpN7++62UIrGQRDzdF/65mby472flkXf0hdYk5Uo u2FFHy9IkwgUnMj9Kik= -----END CERTIFICATE-----Generated at Thu Jun 11 21:48:03 2026 by rpki-client