$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e203134343437.roa File: 326131343a373538313a393230303a3a2f34302d3438203d3e203134343437.roa (raw, json) Hash identifier: kZ5VHXe1kAhX5tvSZsX77jhReBFDdvoZNrdYu896udw= Subject key identifier: F6:66:01:07:00:BA:1E:41:F6:C4:B3:30:25:71:43:63:10:5A:85:BC Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 70018ACA3660D6902B6300690519D07989AFFA1C Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e203134343437.roa Signing time: Fri 29 Aug 2025 15:16:12 +0000 ROA not before: Fri 29 Aug 2025 15:11:12 +0000 ROA not after: Fri 28 Aug 2026 15:16:12 +0000 asID: 14447 IP address blocks: 2a14:7581:9200::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Sep 2025 13:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:01:8a:ca:36:60:d6:90:2b:63:00:69:05:19:d0:79:89:af:fa:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Aug 29 15:11:12 2025 GMT Not After : Aug 28 15:16:12 2026 GMT Subject: CN=F666010700BA1E41F6C4B33025714363105A85BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:09:55:aa:f2:15:12:a3:9b:b3:34:36:ba:03: f9:46:46:d2:1f:fd:5a:9f:ab:88:60:b1:3a:75:42: 5b:41:1e:ba:70:48:64:79:b9:90:c4:0d:65:c2:77: f4:ce:f9:06:3b:2a:d1:77:07:a4:0d:d9:3f:c3:84: 03:b3:e2:0a:c0:34:2d:6f:c7:81:b1:2c:13:55:c5: 50:39:ed:37:72:b9:a5:c6:00:d6:d9:a8:11:28:79: 0f:be:78:10:4d:2c:4e:87:5a:bb:da:5c:01:07:3c: d2:8b:fa:9c:dd:45:27:d5:ee:91:d4:fa:40:f1:33: c4:82:c1:a6:48:c0:4f:b1:0a:75:ca:a8:37:05:c1: 5c:6b:e1:cd:3c:a3:6c:99:b6:bc:63:11:c8:4f:3d: 04:5c:40:50:3a:9a:1b:3a:74:aa:8d:18:3c:a9:4b: 74:48:1e:06:a0:b2:b1:0a:7a:12:54:5a:08:95:f9: 4c:06:57:e2:c7:d7:47:39:ee:1c:4d:6e:98:53:d9: 45:d7:94:36:2f:ce:43:38:07:07:db:05:0e:9e:80: 17:cd:16:42:98:f3:8d:25:a3:15:20:1b:50:c8:e8: 37:7b:76:74:cd:21:c7:a6:d0:a7:2f:c4:70:02:d6: cc:8f:0a:00:f5:bb:a2:ab:e8:86:9c:e8:39:84:7e: af:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:66:01:07:00:BA:1E:41:F6:C4:B3:30:25:71:43:63:10:5A:85:BC X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e203134343437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9200::/40 Signature Algorithm: sha256WithRSAEncryption 38:e1:83:b1:ce:fb:e3:02:a2:b2:fe:f6:0b:fc:80:8f:b5:de: 58:33:6a:5f:1b:81:4c:13:9e:17:31:6d:61:3f:7e:01:fd:e2: bd:fb:71:d9:0f:17:22:68:ba:be:cf:81:6d:7c:33:9c:e4:e0: f7:4d:8e:ad:3f:d6:65:c2:5e:d6:c5:3f:49:57:b5:7c:89:7a: 24:04:d9:e0:11:4a:e9:10:04:a8:4c:6b:e9:09:e7:77:ff:af: 6e:58:04:fe:8c:ca:45:e7:b2:16:52:04:2d:42:e4:86:6f:42: 0a:2c:10:94:83:c9:95:79:2c:e1:b7:d7:79:7f:0c:9b:8f:1d: 30:92:ed:a1:a3:15:92:eb:af:97:5b:45:8e:2d:62:3c:08:3e: 62:4d:e5:f5:d3:94:85:89:bc:76:1e:a9:12:b9:d5:e2:f3:9d: ec:89:b3:cf:f4:5e:8a:35:e7:37:60:78:ed:0b:a2:4e:cf:fa: 5a:8d:f4:51:b2:2c:14:bb:75:b0:6f:4f:4d:c9:60:9c:70:41: c6:36:45:44:8d:cc:8b:1b:98:ae:5c:86:7c:3e:97:4a:c7:01: 81:e5:d7:c2:cd:ca:25:c2:5a:bb:a3:a4:59:82:15:8c:44:78: 7f:fe:6e:09:cf:6e:7d:ad:56:fe:96:c7:5a:89:d9:04:0d:29: eb:63:13:b7 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUcAGKyjZg1pArYwBpBRnQeYmv+hwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNTA4MjkxNTExMTJaFw0yNjA4MjgxNTE2MTJaMDMxMTAvBgNV BAMTKEY2NjYwMTA3MDBCQTFFNDFGNkM0QjMzMDI1NzE0MzYzMTA1QTg1QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLCVWq8hUSo5uzNDa6A/lGRtIf /Vqfq4hgsTp1QltBHrpwSGR5uZDEDWXCd/TO+QY7KtF3B6QN2T/DhAOz4grANC1v x4GxLBNVxVA57TdyuaXGANbZqBEoeQ++eBBNLE6HWrvaXAEHPNKL+pzdRSfV7pHU +kDxM8SCwaZIwE+xCnXKqDcFwVxr4c08o2yZtrxjEchPPQRcQFA6mhs6dKqNGDyp S3RIHgagsrEKehJUWgiV+UwGV+LH10c57hxNbphT2UXXlDYvzkM4BwfbBQ6egBfN FkKY840loxUgG1DI6Dd7dnTNIcem0KcvxHAC1syPCgD1u6Kr6Iac6DmEfq/hAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQU9mYBBwC6HkH2xLMwJXFDYxBahbwwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzIzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzEz NDM0MzQzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYGSMA0GCSqGSIb3DQEBCwUAA4IBAQA44YOx zvvjAqKy/vYL/ICPtd5YM2pfG4FME54XMW1hP34B/eK9+3HZDxciaLq+z4FtfDOc 5OD3TY6tP9Zlwl7WxT9JV7V8iXokBNngEUrpEASoTGvpCed3/69uWAT+jMpF57IW UgQtQuSGb0IKLBCUg8mVeSzht9d5fwybjx0wku2hoxWS66+XW0WOLWI8CD5iTeX1 05SFibx2HqkSudXi853sibPP9F6KNec3YHjtC6JOz/pajfRRsiwUu3Wwb09NyWCc cEHGNkVEjcyLG5iuXIZ8PpdKxwGB5dfCzcolwlq7o6RZghWMRHh//m4Jz259rVb+ lsdaidkEDSnrYxO3 -----END CERTIFICATE-----Generated at Mon Sep 8 15:47:29 2025 by rpki-client