$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34332d3438203d3e20323135333634.roa File: 326131343a373538313a393061303a3a2f34332d3438203d3e20323135333634.roa (raw, json) Hash identifier: RAw4xHnz744j8Drchm7/2YRwAZJQJ11XhSimRLX8qA4= Subject key identifier: BA:8A:05:A5:D6:C1:ED:B4:52:7A:30:1F:41:59:D7:80:81:8F:08:D9 Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 04F6417EC2198A89A967456FCCDA738610001A33 Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34332d3438203d3e20323135333634.roa Signing time: Sun 29 Dec 2024 19:29:01 +0000 ROA not before: Sun 29 Dec 2024 19:24:01 +0000 ROA not after: Sun 28 Dec 2025 19:29:01 +0000 asID: 215364 IP address blocks: 2a14:7581:90a0::/43 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 14:04:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:f6:41:7e:c2:19:8a:89:a9:67:45:6f:cc:da:73:86:10:00:1a:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Dec 29 19:24:01 2024 GMT Not After : Dec 28 19:29:01 2025 GMT Subject: CN=BA8A05A5D6C1EDB4527A301F4159D780818F08D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ad:01:ff:b6:d0:c4:b1:15:52:70:a1:64:b5: 36:58:43:64:2a:fa:ca:5a:6f:43:49:88:a0:8e:99: b5:99:30:e8:dd:a2:dd:4d:f9:d6:b6:9b:f0:22:75: 59:42:83:00:26:37:95:54:a0:bb:6c:64:75:51:ae: af:35:8c:6d:25:7c:a1:e7:90:a8:bb:86:12:68:28: 18:f3:ab:0b:57:4e:60:24:e4:81:47:32:fb:a6:e1: 9e:a9:44:5a:a4:98:e4:f1:9a:8a:a5:19:5c:b1:ae: 4c:96:0f:17:b1:b1:eb:ec:9c:3d:68:c5:e2:fe:2c: 0d:c5:bd:01:c1:94:98:ba:b0:4a:13:d5:15:b4:e0: 6e:7c:f3:15:33:75:67:68:31:ce:18:0d:30:a0:3a: 71:2b:b2:85:2e:42:78:c0:dd:4b:f0:74:fe:ef:af: 35:2f:2b:4f:5c:f9:bc:a9:ba:1d:a7:b9:43:e1:0f: 47:28:d8:28:05:33:3f:c1:11:8b:cf:3e:79:7d:03: 34:ac:08:c7:cb:10:f3:12:7d:1b:3a:c4:b3:58:0c: 7c:96:8c:af:9a:08:52:92:8b:47:89:05:2c:77:ae: 72:70:9e:92:ba:2f:50:81:c2:0f:2c:fd:4a:f5:e4: 63:a3:e6:a1:6a:f7:4e:c6:f7:56:68:49:aa:99:f9: 30:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:8A:05:A5:D6:C1:ED:B4:52:7A:30:1F:41:59:D7:80:81:8F:08:D9 X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34332d3438203d3e20323135333634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:90a0::/43 Signature Algorithm: sha256WithRSAEncryption 1a:ec:ac:35:09:f1:19:e6:14:9b:62:1c:72:44:e7:0c:1d:d9: 5a:90:2e:a9:1f:88:dd:0d:e0:58:63:48:4a:18:6d:e6:8d:f3: 3d:b6:19:76:33:04:8a:05:bb:46:da:c7:7e:82:f1:27:91:ff: 97:ee:dd:99:74:48:1f:e3:3b:55:24:f4:09:90:e2:1c:b9:cb: 25:fd:ec:29:d5:43:c6:3b:c5:56:94:16:bc:56:98:33:c1:55: 22:b8:38:b0:c9:bb:f1:6a:d2:2d:8f:87:da:05:93:05:d0:b4: 11:94:2e:3b:bd:cb:18:3f:43:7f:32:38:06:81:51:50:94:d0: 75:cb:50:c4:f2:75:e3:85:1e:de:04:39:f6:08:3e:88:b0:92: fb:88:5a:7d:07:2a:d5:50:70:5e:c5:4f:0f:c8:bb:7e:a1:a4: 19:1d:f1:54:6f:2e:d7:20:5b:ad:1a:86:2d:7b:f7:43:66:3d: 91:10:31:1c:86:91:fc:2c:d1:bb:d0:f2:9e:aa:4b:04:72:2d: af:e5:56:00:cc:bf:ac:4e:7c:67:3d:0c:dd:dd:26:20:8e:1b: 5e:03:fd:0f:01:40:a5:79:45:55:ef:43:34:73:a7:3e:2a:97: f9:4f:aa:b2:b5:18:00:34:db:c8:4e:7d:b1:e5:b1:21:80:71: a2:9d:8e:1c -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUBPZBfsIZiompZ0VvzNpzhhAAGjMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNDEyMjkxOTI0MDFaFw0yNTEyMjgxOTI5MDFaMDMxMTAvBgNV BAMTKEJBOEEwNUE1RDZDMUVEQjQ1MjdBMzAxRjQxNTlENzgwODE4RjA4RDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8rQH/ttDEsRVScKFktTZYQ2Qq +spab0NJiKCOmbWZMOjdot1N+da2m/AidVlCgwAmN5VUoLtsZHVRrq81jG0lfKHn kKi7hhJoKBjzqwtXTmAk5IFHMvum4Z6pRFqkmOTxmoqlGVyxrkyWDxexsevsnD1o xeL+LA3FvQHBlJi6sEoT1RW04G588xUzdWdoMc4YDTCgOnErsoUuQnjA3UvwdP7v rzUvK09c+bypuh2nuUPhD0co2CgFMz/BEYvPPnl9AzSsCMfLEPMSfRs6xLNYDHyW jK+aCFKSi0eJBSx3rnJwnpK6L1CBwg8s/Ur15GOj5qFq907G91ZoSaqZ+TCNAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUuooFpdbB7bRSejAfQVnXgIGPCNkwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzA2MTMwM2EzYTJmMzQzMzJkMzQzODIwM2QzZTIwMzIz MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcFKhR1gZCgMA0GCSqGSIb3DQEBCwUAA4IBAQAa 7Kw1CfEZ5hSbYhxyROcMHdlakC6pH4jdDeBYY0hKGG3mjfM9thl2MwSKBbtG2sd+ gvEnkf+X7t2ZdEgf4ztVJPQJkOIcucsl/ewp1UPGO8VWlBa8VpgzwVUiuDiwybvx atItj4faBZMF0LQRlC47vcsYP0N/MjgGgVFQlNB1y1DE8nXjhR7eBDn2CD6IsJL7 iFp9ByrVUHBexU8PyLt+oaQZHfFUby7XIFutGoYte/dDZj2REDEchpH8LNG70PKe qksEci2v5VYAzL+sTnxnPQzd3SYgjhteA/0PAUCleUVV70M0c6c+Kpf5T6qytRgA NNvITn2x5bEhgHGinY4c -----END CERTIFICATE-----Generated at Sat Apr 5 04:43:33 2025 by rpki-client