$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663530303a3a2f34382d3438203d3e20323133363035.roa File: 326131343a373538333a663530303a3a2f34382d3438203d3e20323133363035.roa (raw, json) Hash identifier: 9/oPKwR86cNPm2ExAL4kDJvYHegTDwwsjfTcMTofdOY= Subject key identifier: 24:CD:8C:21:64:A2:F3:AB:20:C1:5D:24:D6:D6:10:2B:7E:F8:5E:97 Certificate issuer: /CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Certificate serial: 7D5AB6C0951EA8D062DA9469534B28EC733ECDEA Authority key identifier: 8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663530303a3a2f34382d3438203d3e20323133363035.roa Signing time: Tue 02 Sep 2025 00:57:45 +0000 ROA not before: Tue 02 Sep 2025 00:52:45 +0000 ROA not after: Tue 01 Sep 2026 00:57:45 +0000 asID: 213605 IP address blocks: 2a14:7583:f500::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Sep 2025 05:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:5a:b6:c0:95:1e:a8:d0:62:da:94:69:53:4b:28:ec:73:3e:cd:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Validity Not Before: Sep 2 00:52:45 2025 GMT Not After : Sep 1 00:57:45 2026 GMT Subject: CN=24CD8C2164A2F3AB20C15D24D6D6102B7EF85E97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:34:d3:3a:cf:dc:08:a9:40:cc:2e:25:38:d1: 57:c2:10:6e:05:09:0e:1f:77:89:a0:e2:84:ac:49: 0b:9a:27:cf:ba:04:ea:19:f2:7e:31:05:8d:56:e2: ca:6d:50:ed:ee:94:14:60:2e:1c:f3:83:1e:5f:9c: 3a:54:73:b9:32:33:fe:b5:ff:94:16:02:74:0f:a3: 7d:22:a6:6d:34:31:d8:b1:f1:6a:1f:f1:24:77:5b: ca:47:41:9f:34:4d:5f:b2:f1:d9:0e:f7:da:4b:cd: 99:81:e8:9b:52:25:9e:cf:23:02:1d:32:ee:fd:d4: 7e:23:a0:31:eb:01:aa:9c:f3:5b:20:7a:8f:bd:18: 42:5f:01:08:e2:70:fc:a1:1c:69:84:1d:cb:3d:39: 09:87:4e:e3:11:fa:1d:a2:7f:18:a6:55:1c:0f:be: c5:fa:5e:ec:8d:04:09:8d:62:67:47:17:67:c4:ee: 17:c4:7a:60:19:2a:35:1c:80:2b:2f:0a:06:be:77: 2c:d2:04:72:bd:fe:60:12:47:1c:48:bb:d3:95:b2: 71:8d:c7:3d:ce:a5:a1:f9:c4:b2:f7:7e:be:6f:d6: 2e:70:77:2f:a1:41:ee:c4:b0:dc:01:07:0f:dd:3b: 11:98:14:ff:71:1b:05:77:e9:28:5d:f8:c7:b2:da: e4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:CD:8C:21:64:A2:F3:AB:20:C1:5D:24:D6:D6:10:2B:7E:F8:5E:97 X509v3 Authority Key Identifier: keyid:8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663530303a3a2f34382d3438203d3e20323133363035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f500::/48 Signature Algorithm: sha256WithRSAEncryption 28:df:7d:6e:88:33:06:62:80:53:2f:7c:0e:b1:b6:1b:ca:40: 70:ea:ff:ee:b2:87:94:9c:05:ff:a7:63:20:7b:78:51:8a:1e: 49:ca:9b:73:3b:84:96:00:c3:bc:fa:3b:6c:f6:ce:70:f5:3a: 54:6d:46:2d:4c:2a:0c:f1:97:d3:70:1a:b8:ea:66:5a:17:06: 64:7a:95:69:a3:ab:de:8f:90:d3:5f:07:9b:e4:aa:1d:79:a7: 94:92:99:ad:ff:f8:42:f9:50:fe:6b:ea:c4:cb:fe:05:22:1f: 3d:7f:2a:e7:42:d0:e7:ee:ab:e4:03:b7:c8:5e:86:c8:e2:71: 80:ea:a2:67:8a:31:0f:fb:ee:47:23:0b:fe:ee:3b:c6:00:2a: 3b:05:b8:3a:f1:c6:23:18:26:ca:49:e8:b5:1c:f6:67:49:d6: d8:89:39:b3:3f:d5:14:0b:be:40:1a:8b:da:29:72:ad:ac:13: aa:27:14:f4:cd:f5:56:8a:5d:db:dc:36:6b:f7:d7:09:63:eb: 8b:e1:b2:bf:48:ad:7f:eb:74:80:fe:db:39:5c:fc:9d:dd:9b: 55:58:a2:3c:d1:78:d9:59:db:e0:bd:ee:cf:82:bf:a2:31:42: 3b:b1:12:c6:5d:64:fb:69:6b:2d:2b:33:c1:21:ef:c4:06:76: 19:8f:10:60 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUfVq2wJUeqNBi2pRpU0so7HM+zeowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3 MDY5NzYzMjAeFw0yNTA5MDIwMDUyNDVaFw0yNjA5MDEwMDU3NDVaMDMxMTAvBgNV BAMTKDI0Q0Q4QzIxNjRBMkYzQUIyMEMxNUQyNEQ2RDYxMDJCN0VGODVFOTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqNNM6z9wIqUDMLiU40VfCEG4F CQ4fd4mg4oSsSQuaJ8+6BOoZ8n4xBY1W4sptUO3ulBRgLhzzgx5fnDpUc7kyM/61 /5QWAnQPo30ipm00Mdix8Wof8SR3W8pHQZ80TV+y8dkO99pLzZmB6JtSJZ7PIwId Mu791H4joDHrAaqc81sgeo+9GEJfAQjicPyhHGmEHcs9OQmHTuMR+h2ifximVRwP vsX6XuyNBAmNYmdHF2fE7hfEemAZKjUcgCsvCga+dyzSBHK9/mASRxxIu9OVsnGN xz3OpaH5xLL3fr5v1i5wdy+hQe7EsNwBBw/dOxGYFP9xGwV36Shd+Mey2uRXAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUJM2MIWSi86sgwV0k1tYQK374XpcwHwYDVR0j BBgwFoAUi9T36/+XY8Bh1Te4odCHLXBpdjIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODdkOGRiNzEtYTViZS00NjRjLWE4YjktOGI3YjM3NGFl M2ZhLzEvOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3MDY5NzYzMi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84QkQ0RjdFQkZGOTc2M0MwNjFENTM3QjhB MUQwODcyRDcwNjk3NjMyLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84N2Q4ZGI3MS1hNWJlLTQ2NGMtYThiOS04YjdiMzc0YWUzZmEvMS8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzUzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTMzMzYzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1g/UAMA0GCSqGSIb3DQEBCwUAA4IBAQAo 331uiDMGYoBTL3wOsbYbykBw6v/usoeUnAX/p2Mge3hRih5JyptzO4SWAMO8+jts 9s5w9TpUbUYtTCoM8ZfTcBq46mZaFwZkepVpo6vej5DTXweb5KodeaeUkpmt//hC +VD+a+rEy/4FIh89fyrnQtDn7qvkA7fIXobI4nGA6qJnijEP++5HIwv+7jvGACo7 Bbg68cYjGCbKSei1HPZnSdbYiTmzP9UUC75AGovaKXKtrBOqJxT0zfVWil3b3DZr 99cJY+uL4bK/SK1/63SA/ts5XPyd3ZtVWKI80XjZWdvgve7Pgr+iMUI7sRLGXWT7 aWstKzPBIe/EBnYZjxBg -----END CERTIFICATE-----Generated at Sun Sep 7 09:27:27 2025 by rpki-client