$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/326130663a316363363a626162303a3a2f34342d3438203d3e20323034353335.roa File: 326130663a316363363a626162303a3a2f34342d3438203d3e20323034353335.roa (raw, json) Hash identifier: 1+IhrNjfDlSrKMldoQWSJhujOmN03JwrltC4p7zGNeE= Subject key identifier: DB:9A:BF:43:B4:9B:F0:8F:AE:84:9B:74:1E:26:D7:E8:D1:0E:B8:D2 Certificate issuer: /CN=AFF4C2C7543A73C42DFA94F9950C37BDC859D280 Certificate serial: 19D9942856CACECDFF463ACAED4E1C2A0E37FCB8 Authority key identifier: AF:F4:C2:C7:54:3A:73:C4:2D:FA:94:F9:95:0C:37:BD:C8:59:D2:80 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/326130663a316363363a626162303a3a2f34342d3438203d3e20323034353335.roa Signing time: Sat 25 Oct 2025 03:20:47 +0000 ROA not before: Sat 25 Oct 2025 03:15:47 +0000 ROA not after: Sat 24 Oct 2026 03:20:47 +0000 asID: 204535 IP address blocks: 2a0f:1cc6:bab0::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.mft rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.cer rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 29 Oct 2025 23:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:d9:94:28:56:ca:ce:cd:ff:46:3a:ca:ed:4e:1c:2a:0e:37:fc:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFF4C2C7543A73C42DFA94F9950C37BDC859D280 Validity Not Before: Oct 25 03:15:47 2025 GMT Not After : Oct 24 03:20:47 2026 GMT Subject: CN=DB9ABF43B49BF08FAE849B741E26D7E8D10EB8D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:13:5f:22:fa:d4:9f:60:fa:4f:a9:4f:37:f1: 9c:2e:46:03:f2:0a:3e:e3:2b:f8:b9:9c:83:3e:82: ea:c2:03:d7:e3:7d:8f:4c:b3:ac:d6:39:f6:af:e4: 54:7e:30:82:35:70:6d:5c:fc:f0:af:a1:5f:73:cd: 9c:48:20:ae:1d:4f:a8:8a:1a:12:9c:bd:fa:2a:f7: 1f:82:74:66:8b:54:13:32:12:c5:db:f3:81:80:08: 6f:c6:b4:2e:a9:ea:2c:6e:06:5d:cc:6a:c6:4a:19: 14:35:92:ae:6e:0a:12:09:92:5f:5f:7f:01:fd:7d: 65:c0:b6:b3:c4:f9:ec:5a:47:47:8c:68:ed:50:22: 8b:b6:c1:af:40:46:26:3e:74:14:d3:4c:66:a6:3a: ef:a2:6f:98:0f:cb:91:a4:6b:74:ee:8e:46:af:4a: 1e:76:96:31:b8:b6:ed:2a:a2:b3:82:23:a3:1e:c5: 69:31:e1:ab:db:b3:60:52:8a:a6:98:c7:0b:fa:62: a2:05:77:b8:a8:b9:52:8a:89:5a:35:08:0a:f0:a3: ed:80:bf:dd:7e:52:95:b7:a6:09:05:d1:be:9a:1c: 21:85:71:55:cb:7c:c2:2c:91:c5:96:c8:7f:09:db: 74:c5:71:fe:fc:14:37:4d:2d:a9:07:a3:7c:cf:47: ef:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:9A:BF:43:B4:9B:F0:8F:AE:84:9B:74:1E:26:D7:E8:D1:0E:B8:D2 X509v3 Authority Key Identifier: keyid:AF:F4:C2:C7:54:3A:73:C4:2D:FA:94:F9:95:0C:37:BD:C8:59:D2:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/AFF4C2C7543A73C42DFA94F9950C37BDC859D280.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/2/326130663a316363363a626162303a3a2f34342d3438203d3e20323034353335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc6:bab0::/44 Signature Algorithm: sha256WithRSAEncryption 08:1c:69:01:4c:aa:56:66:d5:28:34:2b:14:8c:6a:1f:5d:31: 99:16:98:a3:a8:09:dc:75:2e:37:ed:11:46:43:16:7d:ff:49: 0c:14:9e:ba:3d:4d:17:39:20:03:70:a4:44:5b:7e:12:a4:79: 35:b2:0b:4d:95:1e:55:8e:e6:50:3a:96:5e:38:5d:4e:c6:fd: 2e:5e:69:5f:08:4a:8d:6d:cd:a4:41:7d:66:a6:ea:5e:67:7c: 32:79:85:36:5e:8c:d4:e3:1f:cb:71:28:84:9b:42:ed:c3:56: a4:06:b9:48:ca:e3:d6:9e:b8:3b:ed:e9:ce:08:f2:06:b2:26: 9b:69:63:05:8b:55:7d:e0:1c:4d:3b:b9:77:40:ba:2b:cb:e2: 5d:0c:1d:08:75:04:e7:a5:a3:80:c3:bc:88:3d:4e:22:e5:c7: 17:c7:01:f9:98:fd:f7:a7:36:df:45:b1:40:6d:0d:74:c2:cc: 56:96:9f:29:fd:fc:b5:05:15:74:37:ab:da:82:82:48:26:53: ed:2e:1f:62:88:74:63:80:ae:35:9c:8a:2e:74:65:1f:8e:a1: 0e:6b:35:8e:e9:17:5e:31:08:9c:db:ba:62:b8:f5:c2:62:ce: e2:6e:d6:55:98:72:f2:ea:22:ef:b7:24:7a:34:a4:60:29:65: f7:1c:7b:30 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUGdmUKFbKzs3/RjrK7U4cKg43/LgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZGNEMyQzc1NDNBNzNDNDJERkE5NEY5OTUwQzM3QkRD ODU5RDI4MDAeFw0yNTEwMjUwMzE1NDdaFw0yNjEwMjQwMzIwNDdaMDMxMTAvBgNV BAMTKERCOUFCRjQzQjQ5QkYwOEZBRTg0OUI3NDFFMjZEN0U4RDEwRUI4RDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTE18i+tSfYPpPqU838ZwuRgPy Cj7jK/i5nIM+gurCA9fjfY9Ms6zWOfav5FR+MII1cG1c/PCvoV9zzZxIIK4dT6iK GhKcvfoq9x+CdGaLVBMyEsXb84GACG/GtC6p6ixuBl3MasZKGRQ1kq5uChIJkl9f fwH9fWXAtrPE+exaR0eMaO1QIou2wa9ARiY+dBTTTGamOu+ib5gPy5Gka3Tujkav Sh52ljG4tu0qorOCI6MexWkx4avbs2BSiqaYxwv6YqIFd7iouVKKiVo1CArwo+2A v91+UpW3pgkF0b6aHCGFcVXLfMIskcWWyH8J23TFcf78FDdNLakHo3zPR+8RAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU25q/Q7Sb8I+uhJt0HibX6NEOuNIwHwYDVR0j BBgwFoAUr/TCx1Q6c8Qt+pT5lQw3vchZ0oAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODdkOGRiNzEtYTViZS00NjRjLWE4YjktOGI3YjM3NGFl M2ZhLzIvQUZGNEMyQzc1NDNBNzNDNDJERkE5NEY5OTUwQzM3QkRDODU5RDI4MC5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMjZlYjEzNi00ZmU1LTRl NjEtYTRkOC1mMzQ1ZjUyYmMyNWQvMC9BRkY0QzJDNzU0M0E3M0M0MkRGQTk0Rjk5 NTBDMzdCREM4NTlEMjgwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84N2Q4ZGI3MS1hNWJlLTQ2NGMtYThiOS04YjdiMzc0YWUzZmEvMi8zMjYxMzA2 NjNhMzE2MzYzMzYzYTYyNjE2MjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MDM0MzUzMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKg8cxrqwMA0GCSqGSIb3DQEBCwUAA4IBAQAI HGkBTKpWZtUoNCsUjGofXTGZFpijqAncdS437RFGQxZ9/0kMFJ66PU0XOSADcKRE W34SpHk1sgtNlR5VjuZQOpZeOF1Oxv0uXmlfCEqNbc2kQX1mpupeZ3wyeYU2XozU 4x/LcSiEm0Ltw1akBrlIyuPWnrg77enOCPIGsiabaWMFi1V94BxNO7l3QLory+Jd DB0IdQTnpaOAw7yIPU4i5ccXxwH5mP33pzbfRbFAbQ10wsxWlp8p/fy1BRV0N6va goJIJlPtLh9iiHRjgK41nIoudGUfjqEOazWO6RdeMQic27piuPXCYs7ibtZVmHLy 6iLvtyR6NKRgKWX3HHsw -----END CERTIFICATE-----Generated at Wed Oct 29 07:12:08 2025 by rpki-client