$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: nhp8dLyn50K0P7c1NII9dSWT8wIDYvEO2Kikhr/Y1NA= Subject key identifier: 00:6B:04:D2:B0:8B:86:91:69:77:47:EC:F6:7B:0A:8A:9D:A5:AA:78 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 6AD8D28EC82CC23808B3A96079DE0239A4A088E5 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa Signing time: Thu 11 Apr 2024 02:27:53 +0000 ROA not before: Thu 11 Apr 2024 02:22:53 +0000 ROA not after: Thu 10 Apr 2025 02:27:53 +0000 asID: 0 IP address blocks: 2a07:54c5::/32 maxlen: 32 2a07:54c5:a007::/48 maxlen: 48 2a07:54c5:a008::/48 maxlen: 48 2a07:54c5:b00b::/48 maxlen: 48 2a07:54c5:beee::/48 maxlen: 48 2a07:54c5:cafe::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Apr 2024 14:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:d8:d2:8e:c8:2c:c2:38:08:b3:a9:60:79:de:02:39:a4:a0:88:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Apr 11 02:22:53 2024 GMT Not After : Apr 10 02:27:53 2025 GMT Subject: CN=006B04D2B08B8691697747ECF67B0A8A9DA5AA78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2b:9a:2a:d6:d1:38:cc:10:79:9c:a8:f9:f6: 2e:58:e0:e5:a1:15:cd:e7:43:7b:45:1d:88:98:62: 81:02:d0:ac:4c:f7:0a:39:13:26:76:3b:2a:71:ba: 5d:6c:35:38:13:dc:2b:f6:7a:d5:d5:01:0c:a6:bd: 72:da:8d:42:41:bf:cc:8f:f6:d2:92:9c:8e:9f:45: 8f:66:88:f4:8c:12:4f:55:4b:ba:19:eb:0c:d0:01: c4:e1:f7:da:01:f2:21:14:f9:10:d8:02:fc:02:da: 73:57:a6:93:20:ac:df:7a:1f:cd:ee:1b:6f:2f:31: 5d:8e:12:79:19:81:38:26:1f:d1:c2:a7:04:f9:de: 32:f3:d5:b2:65:2a:73:a5:eb:6e:2e:74:5c:e3:50: ff:b8:7a:d7:3c:fa:4e:e3:f5:2f:32:08:c6:76:ad: 9f:c3:50:37:78:77:94:04:96:21:a9:96:4f:c3:76: 58:09:74:64:6d:57:1f:21:37:47:4b:a5:3c:71:40: e6:12:bc:33:b8:18:b8:99:4b:79:43:5a:37:cb:f7: 08:8f:3d:be:02:88:7a:d7:de:e4:56:dc:3a:6f:86: 1d:9c:c5:8a:a3:af:6a:19:ac:ff:20:8b:b0:e0:e6: c7:30:2e:7a:d0:de:92:5c:08:72:8d:3a:76:14:eb: f7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:6B:04:D2:B0:8B:86:91:69:77:47:EC:F6:7B:0A:8A:9D:A5:AA:78 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c5::/32 Signature Algorithm: sha256WithRSAEncryption 02:a9:f0:91:be:54:45:09:87:8a:b0:e6:7a:d5:cd:df:45:13: 43:69:f0:2d:cd:3d:41:a3:24:9b:69:30:66:d9:9a:46:f6:6c: b5:21:02:ef:a5:ae:87:7c:2e:8b:a0:ac:67:58:a9:96:0b:af: 71:58:90:9d:fc:3c:51:ab:88:81:48:a7:aa:b2:90:5d:c4:dd: 14:99:fd:59:6e:aa:16:bb:b5:d7:87:18:21:40:d8:e1:31:dc: 75:d0:c6:6c:ca:f2:06:de:92:5c:27:8e:35:a6:01:d1:1c:76: 93:1e:eb:8c:69:c3:ca:f5:10:42:74:9d:eb:fc:95:c9:45:96: a7:8c:57:00:bd:56:8a:4c:52:7a:25:78:83:59:1d:29:6b:8a: 13:4c:8c:9f:06:c6:b1:dd:81:cc:39:62:b2:05:2d:51:78:78: b5:50:04:81:12:d4:b7:35:34:1d:a0:6b:e5:f9:35:93:78:22: 5b:48:04:81:68:ed:c7:e9:33:30:1b:14:8d:72:65:2c:e5:23: 95:82:fe:87:01:de:cc:7d:de:2b:ec:c7:e7:f2:ba:92:19:e7: 46:e4:63:2f:93:8e:e6:67:f4:2e:63:0a:59:d9:5f:e6:34:56: 8f:43:ba:71:f2:43:b7:e5:5a:38:f1:eb:73:5b:61:ef:ac:c8: df:1b:29:97 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUatjSjsgswjgIs6lged4COaSgiOUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDA0MTEwMjIyNTNaFw0yNTA0MTAwMjI3NTNaMDMxMTAvBgNV BAMTKDAwNkIwNEQyQjA4Qjg2OTE2OTc3NDdFQ0Y2N0IwQThBOURBNUFBNzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxK5oq1tE4zBB5nKj59i5Y4OWh Fc3nQ3tFHYiYYoEC0KxM9wo5EyZ2Oypxul1sNTgT3Cv2etXVAQymvXLajUJBv8yP 9tKSnI6fRY9miPSMEk9VS7oZ6wzQAcTh99oB8iEU+RDYAvwC2nNXppMgrN96H83u G28vMV2OEnkZgTgmH9HCpwT53jLz1bJlKnOl624udFzjUP+4etc8+k7j9S8yCMZ2 rZ/DUDd4d5QEliGplk/DdlgJdGRtVx8hN0dLpTxxQOYSvDO4GLiZS3lDWjfL9wiP Pb4CiHrX3uRW3Dpvhh2cxYqjr2oZrP8gi7Dg5scwLnrQ3pJcCHKNOnYU6/fnAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUAGsE0rCLhpFpd0fs9nsKip2lqngwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHVMUwDQYJ KoZIhvcNAQELBQADggEBAAKp8JG+VEUJh4qw5nrVzd9FE0Np8C3NPUGjJJtpMGbZ mkb2bLUhAu+lrod8LougrGdYqZYLr3FYkJ38PFGriIFIp6qykF3E3RSZ/Vluqha7 tdeHGCFA2OEx3HXQxmzK8gbeklwnjjWmAdEcdpMe64xpw8r1EEJ0nev8lclFlqeM VwC9VopMUnoleINZHSlrihNMjJ8GxrHdgcw5YrIFLVF4eLVQBIES1Lc1NB2ga+X5 NZN4IltIBIFo7cfpMzAbFI1yZSzlI5WC/ocB3sx93ivsx+fyupIZ50bkYy+TjuZn 9C5jClnZX+Y0Vo9DunHyQ7flWjjx63NbYe+syN8bKZc= -----END CERTIFICATE-----Generated at Fri Apr 26 00:05:13 2024 by rpki-client on console-fra.rpki-client.org