$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198590.roa File: AS198590.roa (raw, json) Hash identifier: Q9raQ5SOm/t0i9jEpejQf783HKQFd1LKyhYMLPPLc9Y= Subject key identifier: B9:1B:F7:B9:DE:46:A6:E6:6C:34:C8:A3:1B:EE:55:30:27:8D:06:DB Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 636B8AEF920E296825BD9E4932B3BBECED943A60 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198590.roa Signing time: Sat 25 Jan 2025 00:06:18 +0000 ROA not before: Sat 25 Jan 2025 00:01:18 +0000 ROA not after: Sat 24 Jan 2026 00:06:18 +0000 asID: 198590 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 2a07:54c4:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 03:56:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:6b:8a:ef:92:0e:29:68:25:bd:9e:49:32:b3:bb:ec:ed:94:3a:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Jan 25 00:01:18 2025 GMT Not After : Jan 24 00:06:18 2026 GMT Subject: CN=B91BF7B9DE46A6E66C34C8A31BEE5530278D06DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ef:02:72:ac:2c:e6:20:ee:c6:02:de:89:5a: b3:e2:0b:97:2e:b7:bc:51:4f:9f:31:45:fa:7e:8e: 5b:fe:7f:17:0b:1a:73:5e:4a:b5:8d:ec:25:c8:c7: c7:a4:a5:5e:1c:7d:78:94:e9:52:ef:59:de:53:87: 5f:44:6f:77:50:cc:4c:a4:2b:d3:c5:28:fc:9b:7f: 1a:38:a2:36:21:fe:9b:0c:af:31:ed:25:68:eb:98: 97:71:42:62:93:61:a9:35:63:7d:82:61:3f:3e:04: 50:09:eb:cf:c3:45:c3:d4:d2:4a:30:c2:ac:1a:d2: 85:29:16:74:40:74:a2:cf:6c:a8:9d:15:e8:b7:65: 4b:19:90:94:bb:a6:d8:09:3b:68:d1:4f:f3:e1:cb: b5:8a:99:6b:b4:2f:8b:db:f0:fe:67:be:49:66:2a: 66:80:00:31:d1:08:46:22:df:e7:8d:a9:52:2b:ae: fa:b7:6c:4c:12:97:a1:4e:1b:91:2e:67:be:45:d7: 2c:44:51:3f:78:43:03:f4:2d:fe:73:d6:79:49:59: c0:d1:bb:72:27:d1:28:be:81:2c:22:8e:53:4c:3d: 27:a7:85:1a:9b:62:15:80:8a:10:15:47:af:09:de: 0d:6e:bc:ec:16:ff:3a:73:40:7a:eb:ce:c7:4f:93: 2c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:1B:F7:B9:DE:46:A6:E6:6C:34:C8:A3:1B:EE:55:30:27:8D:06:DB X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198590.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 2a07:54c4:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 19:95:e1:87:6c:98:fa:a5:31:a4:6c:73:c4:da:88:69:b8:84: f5:e2:15:cf:66:db:d7:23:90:ce:af:0e:fa:3a:18:f7:d8:be: 56:09:aa:f0:0b:1a:c3:85:52:5a:47:a5:ee:e5:e4:0d:6f:32: d3:01:e0:27:c3:e5:1b:66:dc:cc:b2:31:98:0f:04:fa:3c:86: 3c:c3:44:06:5c:2b:91:62:b3:3f:2a:a4:59:10:dc:ad:8c:18: 3a:eb:29:65:93:72:57:90:72:30:38:01:cb:35:d5:31:02:7f: 52:1c:77:87:34:ff:eb:b7:f5:35:c5:05:09:83:65:6d:24:ee: a3:67:4b:0c:b0:84:8a:55:f0:ad:46:e0:25:72:25:4d:73:da: 5e:1b:9f:14:db:30:78:86:fb:e6:8b:9d:9b:43:5c:08:d7:75: ea:54:5c:fa:c3:41:3f:90:49:f8:76:97:79:37:2e:b7:d4:88: b5:9f:39:c7:a9:ca:6e:48:88:b6:92:bd:4d:c3:e8:4f:ef:41: 45:2e:e9:25:3c:45:75:db:dc:aa:4a:13:61:a3:f2:70:d1:d3: 46:44:11:d5:5b:6a:39:dd:f3:a5:d7:dd:11:b6:e8:5e:fa:33: 48:e9:a8:ff:c3:bb:9a:90:0c:df:5f:a0:32:ce:07:73:59:fe: 78:74:86:81 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUY2uK75IOKWglvZ5JMrO77O2UOmAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTAxMjUwMDAxMThaFw0yNjAxMjQwMDA2MThaMDMxMTAvBgNV BAMTKEI5MUJGN0I5REU0NkE2RTY2QzM0QzhBMzFCRUU1NTMwMjc4RDA2REIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC87wJyrCzmIO7GAt6JWrPiC5cu t7xRT58xRfp+jlv+fxcLGnNeSrWN7CXIx8ekpV4cfXiU6VLvWd5Th19Eb3dQzEyk K9PFKPybfxo4ojYh/psMrzHtJWjrmJdxQmKTYak1Y32CYT8+BFAJ68/DRcPU0kow wqwa0oUpFnRAdKLPbKidFei3ZUsZkJS7ptgJO2jRT/Phy7WKmWu0L4vb8P5nvklm KmaAADHRCEYi3+eNqVIrrvq3bEwSl6FOG5EuZ75F1yxEUT94QwP0Lf5z1nlJWcDR u3In0Si+gSwijlNMPSenhRqbYhWAihAVR68J3g1uvOwW/zpzQHrrzsdPkyx9AgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUuRv3ud5GpuZsNMijG+5VMCeNBtswHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk4NTkwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU wrALAwcAKgdUxLALMA0GCSqGSIb3DQEBCwUAA4IBAQAZleGHbJj6pTGkbHPE2ohp uIT14hXPZtvXI5DOrw76Ohj32L5WCarwCxrDhVJaR6Xu5eQNbzLTAeAnw+UbZtzM sjGYDwT6PIY8w0QGXCuRYrM/KqRZENytjBg66yllk3JXkHIwOAHLNdUxAn9SHHeH NP/rt/U1xQUJg2VtJO6jZ0sMsISKVfCtRuAlciVNc9peG58U2zB4hvvmi52bQ1wI 13XqVFz6w0E/kEn4dpd5Ny631Ii1nznHqcpuSIi2kr1Nw+hP70FFLuklPEV129yq ShNho/Jw0dNGRBHVW2o53fOl190Rtuhe+jNI6aj/w7uakAzfX6AyzgdzWf54dIaB -----END CERTIFICATE-----Generated at Fri Apr 4 17:05:54 2025 by rpki-client