$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3430203d3e203134343437.roa File: 326131343a373538313a393230303a3a2f34302d3430203d3e203134343437.roa (raw, json) Hash identifier: wCZcPZ1Lk7X2Qee1qTSfN0RGP0Z21kPGqT0D7sgtD64= Subject key identifier: EA:F0:13:ED:C6:EB:71:7D:88:31:4C:4C:40:4A:83:F1:A2:44:5B:E1 Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 35E0B1F81C25719338B11AD672356DD41554B953 Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3430203d3e203134343437.roa Signing time: Fri 29 Aug 2025 15:16:40 +0000 ROA not before: Fri 29 Aug 2025 15:11:40 +0000 ROA not after: Fri 28 Aug 2026 15:16:40 +0000 asID: 14447 IP address blocks: 2a14:7581:9200::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 07:26:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e0:b1:f8:1c:25:71:93:38:b1:1a:d6:72:35:6d:d4:15:54:b9:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Aug 29 15:11:40 2025 GMT Not After : Aug 28 15:16:40 2026 GMT Subject: CN=EAF013EDC6EB717D88314C4C404A83F1A2445BE1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f4:11:4f:55:2d:5d:62:b9:af:e5:5f:12:ef: 30:e4:bb:d6:37:1d:ac:ec:7f:c6:5e:9e:fb:89:a6: 99:e2:91:09:98:bc:bb:76:4c:e5:5b:2a:b7:4e:29: eb:3b:cb:1b:c3:f7:ea:61:84:d5:d7:e0:ae:40:04: 91:26:71:d6:0e:b7:62:4e:35:34:17:1f:69:8c:9c: 65:45:14:ad:10:4c:ca:4e:2a:9c:c6:7a:65:86:8a: f8:62:85:b6:10:54:76:42:46:1e:25:06:f8:db:78: 2c:78:1e:a0:7a:d3:68:50:e8:84:5e:de:c2:17:8f: ad:ae:78:32:2c:cb:02:cd:61:44:95:72:01:e6:76: 25:4e:14:0e:80:9c:a7:fb:ad:8d:43:b4:e6:6f:47: cf:a2:fc:1e:69:01:1a:c9:2f:65:da:ae:72:ad:6d: 96:2e:96:3f:20:97:95:92:5a:a5:95:64:dc:a7:64: ea:1a:c6:09:2d:a5:92:2b:1d:3b:bf:a9:d7:91:69: 96:0f:6d:ad:e0:15:72:95:7d:88:be:26:7c:ad:87: dc:a1:06:10:e7:9d:47:08:80:4f:02:92:ed:3a:4e: 59:6d:9a:00:ff:86:3c:ae:39:07:20:77:e3:46:7a: d2:24:30:8e:33:de:1a:91:13:09:a9:5f:71:3b:e9: b5:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:F0:13:ED:C6:EB:71:7D:88:31:4C:4C:40:4A:83:F1:A2:44:5B:E1 X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3430203d3e203134343437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9200::/40 Signature Algorithm: sha256WithRSAEncryption 75:88:71:1d:c3:ad:0b:f5:24:dd:44:30:9d:5d:62:88:80:6a: ae:34:c2:b7:ca:a1:e6:1a:58:db:57:b4:95:79:1c:67:92:c7: 29:5a:18:b4:7b:24:38:a7:53:86:d2:82:cd:47:bf:2e:66:a6: b8:ea:46:17:2a:89:ff:f8:8b:19:17:02:ec:70:5d:2a:97:41: d6:4b:58:6d:38:3a:31:36:d2:55:d1:ba:fd:4c:53:af:4d:b7: 85:9a:90:ed:64:fa:5c:96:37:df:ae:b3:7c:e7:ce:04:a5:39: bf:c3:7a:57:d6:61:9a:7c:bb:36:eb:5f:ea:25:34:ef:40:81: 77:7a:d7:72:bd:af:60:86:64:21:5a:2c:e7:a3:d8:49:1e:9d: 8e:b3:1b:8b:7f:3a:83:22:d9:08:b8:58:80:65:a9:7c:19:c8: b6:92:aa:fc:9c:5a:d3:7f:f1:6a:f7:57:8e:05:22:db:a6:14: 9d:41:4a:67:f6:8f:72:8d:2d:47:79:d5:bc:e9:3e:1a:72:b3: bb:ab:b7:dc:16:2a:10:8e:4f:a7:aa:39:b8:5a:40:44:eb:f2: 41:09:42:b3:a5:09:3f:6c:f8:f5:a2:4a:75:0f:7d:6c:b1:b2: fb:4b:9c:cd:c4:c5:63:a9:03:49:ad:13:06:ba:6d:48:9d:41: 96:0a:0a:4f -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUNeCx+BwlcZM4sRrWcjVt1BVUuVMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNTA4MjkxNTExNDBaFw0yNjA4MjgxNTE2NDBaMDMxMTAvBgNV BAMTKEVBRjAxM0VEQzZFQjcxN0Q4ODMxNEM0QzQwNEE4M0YxQTI0NDVCRTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF9BFPVS1dYrmv5V8S7zDku9Y3 Hazsf8ZenvuJppnikQmYvLt2TOVbKrdOKes7yxvD9+phhNXX4K5ABJEmcdYOt2JO NTQXH2mMnGVFFK0QTMpOKpzGemWGivhihbYQVHZCRh4lBvjbeCx4HqB602hQ6IRe 3sIXj62ueDIsywLNYUSVcgHmdiVOFA6AnKf7rY1DtOZvR8+i/B5pARrJL2XarnKt bZYulj8gl5WSWqWVZNynZOoaxgktpZIrHTu/qdeRaZYPba3gFXKVfYi+Jnyth9yh BhDnnUcIgE8Cku06TlltmgD/hjyuOQcgd+NGetIkMI4z3hqREwmpX3E76bWXAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQU6vAT7cbrcX2IMUxMQEqD8aJEW+EwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzIzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEz NDM0MzQzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYGSMA0GCSqGSIb3DQEBCwUAA4IBAQB1iHEd w60L9STdRDCdXWKIgGquNMK3yqHmGljbV7SVeRxnkscpWhi0eyQ4p1OG0oLNR78u Zqa46kYXKon/+IsZFwLscF0ql0HWS1htODoxNtJV0br9TFOvTbeFmpDtZPpcljff rrN8584EpTm/w3pX1mGafLs261/qJTTvQIF3etdyva9ghmQhWizno9hJHp2OsxuL fzqDItkIuFiAZal8Gci2kqr8nFrTf/Fq91eOBSLbphSdQUpn9o9yjS1HedW86T4a crO7q7fcFioQjk+nqjm4WkBE6/JBCUKzpQk/bPj1okp1D31ssbL7S5zNxMVjqQNJ rRMGum1InUGWCgpP -----END CERTIFICATE-----Generated at Fri Oct 24 16:44:13 2025 by rpki-client