$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f34342d3438203d3e20323135333634.roa File: 326131343a373538313a393030303a3a2f34342d3438203d3e20323135333634.roa (raw, json) Hash identifier: /qvikyZ1jwoQhEkEJgEO8D+K9YIohf2J0C8X3+ZK7FI= Subject key identifier: B9:A8:40:D2:8C:1E:99:DE:A3:F0:AE:56:26:67:11:A4:54:5B:66:9D Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 540A6A00EFB34534FFB8E7A68F081DF578F20DC5 Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f34342d3438203d3e20323135333634.roa Signing time: Wed 01 Jan 2025 15:56:42 +0000 ROA not before: Wed 01 Jan 2025 15:51:42 +0000 ROA not after: Wed 31 Dec 2025 15:56:42 +0000 asID: 215364 IP address blocks: 2a14:7581:9000::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 07 Apr 2025 05:26:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:0a:6a:00:ef:b3:45:34:ff:b8:e7:a6:8f:08:1d:f5:78:f2:0d:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Jan 1 15:51:42 2025 GMT Not After : Dec 31 15:56:42 2025 GMT Subject: CN=B9A840D28C1E99DEA3F0AE56266711A4545B669D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:da:92:b6:f0:ae:ea:3e:f6:a0:14:3b:6e:e1: 0c:3e:1e:31:6d:17:8f:a7:6c:1a:7d:59:a3:3b:44: ab:f1:f1:0d:1e:66:78:40:c2:66:c2:50:46:05:cc: b6:aa:a7:b3:ee:6c:8a:48:07:53:f0:df:89:13:fe: 98:da:b7:c4:32:44:f6:56:cc:76:3a:84:36:34:da: f5:09:7f:8c:3e:c3:5a:33:48:56:75:1d:3a:9a:db: 94:00:44:57:bb:f3:14:b1:a2:fa:cc:82:2e:e5:a9: 67:29:19:c6:0a:0c:20:92:11:08:27:fd:54:cc:56: af:db:9a:94:50:32:47:78:df:84:eb:80:c3:ae:7c: 5a:57:9f:e3:6b:d7:fb:6b:bd:c6:37:4a:7e:72:d8: ee:d3:e6:2f:3d:e0:99:9e:ce:32:6e:b1:cb:dc:08: f2:f8:b5:60:15:66:0f:fa:4f:20:6f:fc:af:1a:11: 40:ab:e8:df:d8:a1:0b:73:41:e6:83:d0:71:7b:f9: 0f:01:5b:c5:e0:b7:73:e1:46:04:95:b7:44:c2:99: 3b:d2:3b:c5:d3:10:7e:21:c2:85:0a:6a:5e:5e:5d: 2b:70:08:2c:66:0c:37:9c:73:34:6c:85:e4:a4:6f: 7e:01:42:a4:18:0a:a7:7c:8f:fc:e3:70:b6:c6:68: 9d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:A8:40:D2:8C:1E:99:DE:A3:F0:AE:56:26:67:11:A4:54:5B:66:9D X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f34342d3438203d3e20323135333634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9000::/44 Signature Algorithm: sha256WithRSAEncryption 43:88:95:bf:79:cf:97:8a:62:ef:a3:1b:21:0b:ea:96:fd:ce: fe:2b:b7:4c:cc:f7:aa:b5:e3:17:90:bd:fa:dc:00:a7:70:66: 25:27:4a:e1:af:9f:53:8d:7c:46:e6:82:3a:12:f6:17:ad:4b: 4b:c9:51:af:0b:c5:74:7e:28:dd:60:6f:0d:1f:c7:98:ed:f9: 2c:d5:38:f5:c2:00:93:a5:89:e2:99:53:ec:04:4a:46:6c:22: fb:28:8f:5b:38:50:e3:8c:13:dc:06:89:ff:1c:cc:9c:05:30: 45:32:77:13:c2:b1:cc:ca:ff:1a:d5:cd:a1:46:e1:95:27:33: 7b:c9:34:11:dd:b9:fe:bb:db:2c:be:e8:85:b8:c4:db:e1:76: 7c:f0:4a:0a:a3:f0:cb:63:81:03:ac:4b:5f:4c:83:1e:97:fe: b5:a1:92:fb:d8:0e:9e:ec:43:a6:08:3a:65:78:a3:a7:72:28: 0b:5d:37:4c:88:2f:75:eb:db:dc:9d:a3:c0:f4:64:d9:23:8c: 58:e3:67:3e:8c:6b:fa:ad:e2:d5:61:ef:dd:64:ae:20:ad:20: 0b:dd:73:d4:ad:79:86:33:c8:0c:56:0c:8e:a3:ba:30:b2:2c: 42:87:26:7e:24:66:49:58:8b:be:54:42:6f:63:10:1b:32:e4: 7a:ee:3c:73 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUVApqAO+zRTT/uOemjwgd9XjyDcUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNTAxMDExNTUxNDJaFw0yNTEyMzExNTU2NDJaMDMxMTAvBgNV BAMTKEI5QTg0MEQyOEMxRTk5REVBM0YwQUU1NjI2NjcxMUE0NTQ1QjY2OUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU2pK28K7qPvagFDtu4Qw+HjFt F4+nbBp9WaM7RKvx8Q0eZnhAwmbCUEYFzLaqp7PubIpIB1Pw34kT/pjat8QyRPZW zHY6hDY02vUJf4w+w1ozSFZ1HTqa25QARFe78xSxovrMgi7lqWcpGcYKDCCSEQgn /VTMVq/bmpRQMkd434TrgMOufFpXn+Nr1/trvcY3Sn5y2O7T5i894JmezjJuscvc CPL4tWAVZg/6TyBv/K8aEUCr6N/YoQtzQeaD0HF7+Q8BW8Xgt3PhRgSVt0TCmTvS O8XTEH4hwoUKal5eXStwCCxmDDecczRsheSkb34BQqQYCqd8j/zjcLbGaJ2DAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUuahA0owemd6j8K5WJmcRpFRbZp0wHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzAzMDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gZAAMA0GCSqGSIb3DQEBCwUAA4IBAQBD iJW/ec+XimLvoxshC+qW/c7+K7dMzPeqteMXkL363ACncGYlJ0rhr59TjXxG5oI6 EvYXrUtLyVGvC8V0fijdYG8NH8eY7fks1Tj1wgCTpYnimVPsBEpGbCL7KI9bOFDj jBPcBon/HMycBTBFMncTwrHMyv8a1c2hRuGVJzN7yTQR3bn+u9ssvuiFuMTb4XZ8 8EoKo/DLY4EDrEtfTIMel/61oZL72A6e7EOmCDpleKOncigLXTdMiC9169vcnaPA 9GTZI4xY42c+jGv6reLVYe/dZK4grSAL3XPUrXmGM8gMVgyOo7owsixChyZ+JGZJ WIu+VEJvYxAbMuR67jxz -----END CERTIFICATE-----Generated at Sun Apr 6 09:46:44 2025 by rpki-client