$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199428.roa File: AS199428.roa (raw, json) Hash identifier: Pm9JpVDyW3ieS73il7Rp/NnX4XRY/+uzcPkdMQa7pd8= Subject key identifier: B7:9D:C8:24:9C:99:9D:DA:3C:00:F2:4E:66:F5:A1:BA:8A:83:0A:B9 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 49709CAC6399076822282C27C996BAC6E749B5A4 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199428.roa Signing time: Sun 03 Dec 2023 21:44:19 +0000 ROA not before: Sun 03 Dec 2023 21:39:19 +0000 ROA not after: Sun 01 Dec 2024 21:44:19 +0000 asID: 199428 IP address blocks: 2a07:54c1:4300::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 01 Jun 2024 13:33:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:70:9c:ac:63:99:07:68:22:28:2c:27:c9:96:ba:c6:e7:49:b5:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Dec 3 21:39:19 2023 GMT Not After : Dec 1 21:44:19 2024 GMT Subject: CN=B79DC8249C999DDA3C00F24E66F5A1BA8A830AB9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b2:0d:d0:d3:5e:66:c2:59:79:30:0e:76:9d: 18:72:f6:40:6a:58:e4:a5:4c:55:44:20:5c:9b:a0: 6b:97:42:33:23:ab:51:da:8a:14:86:e3:41:4f:9b: ae:33:4c:73:eb:8d:cd:af:c4:0e:8c:07:c0:15:3b: 47:07:00:3b:2c:4a:59:da:b2:c9:e8:93:16:95:0e: ee:0f:71:b7:29:99:4c:63:1b:f0:de:5b:f3:89:34: 07:ae:1d:5d:eb:44:bc:70:d1:92:11:e9:29:3b:f1: 23:fb:fc:b7:78:d1:1b:6c:d8:c9:aa:e2:33:c4:76: 89:86:0c:8d:b8:22:4f:da:6f:43:be:64:f2:c9:0c: f0:8e:fc:ba:fc:12:61:de:4d:30:f3:48:87:c3:ec: 24:87:e0:9f:8d:dc:e9:93:7b:df:21:16:43:86:87: 6c:4f:59:0b:b9:0e:91:be:2a:aa:28:05:e4:a9:5c: e1:85:c2:f3:6e:63:6a:08:5f:36:1f:e8:a9:ce:99: 6e:23:dc:78:87:fd:29:45:33:69:fd:d5:46:40:36: 66:8c:cc:2f:4f:51:20:41:8b:dc:cc:e9:82:5d:f2: fc:46:de:a3:5a:9f:92:03:c2:cf:59:a2:db:f7:e3: 94:b1:45:c5:b6:d1:b6:72:15:0b:06:ac:58:65:1b: e0:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:9D:C8:24:9C:99:9D:DA:3C:00:F2:4E:66:F5:A1:BA:8A:83:0A:B9 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4300::/40 Signature Algorithm: sha256WithRSAEncryption 12:97:2d:a8:a8:99:0c:9f:4f:f9:59:99:cb:26:33:a5:ef:30: fa:60:9c:9d:05:d8:2c:bc:78:43:9d:28:d8:50:4d:2b:ce:97: 49:40:fe:d0:c0:7c:13:97:35:a5:47:f9:c3:35:5d:9e:89:9b: 11:03:25:1c:05:92:ad:18:d0:b3:79:e8:09:13:86:73:ea:f1: ea:66:57:0f:c0:81:f5:f8:ca:b1:cc:bf:32:a5:a9:f6:79:7e: 59:d2:06:04:52:1d:f0:1d:0c:0e:52:9b:08:f2:cb:e9:9f:52: 34:7b:2f:a1:10:89:db:e0:41:54:e9:85:8b:10:07:8e:83:5a: 01:d1:eb:0d:e5:a4:c9:1a:48:40:56:fc:2a:82:55:6a:97:42: 5f:7d:60:37:b3:25:ad:6c:d6:a4:89:c5:31:2a:94:86:da:e7: 45:06:14:c3:5c:ee:e3:17:fe:1f:75:de:af:5b:e1:08:80:53: c7:0f:3b:ab:d7:e3:f5:97:7f:1a:fc:76:e8:02:d3:6f:c8:65: 1c:fb:cf:fa:b0:b6:7b:90:39:22:93:71:7e:91:66:77:af:9e: 54:d5:46:ab:46:62:2d:37:e8:30:d1:52:b0:32:6a:20:db:8e: 86:0f:fe:8b:2c:b6:83:be:0c:9d:1e:f2:8c:43:a6:9d:ba:59: e2:77:25:b9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSXCcrGOZB2giKCwnyZa6xudJtaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yMzEyMDMyMTM5MTlaFw0yNDEyMDEyMTQ0MTlaMDMxMTAvBgNV BAMTKEI3OURDODI0OUM5OTlEREEzQzAwRjI0RTY2RjVBMUJBOEE4MzBBQjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0sg3Q015mwll5MA52nRhy9kBq WOSlTFVEIFyboGuXQjMjq1HaihSG40FPm64zTHPrjc2vxA6MB8AVO0cHADssSlna ssnokxaVDu4PcbcpmUxjG/DeW/OJNAeuHV3rRLxw0ZIR6Sk78SP7/Ld40Rts2Mmq 4jPEdomGDI24Ik/ab0O+ZPLJDPCO/Lr8EmHeTTDzSIfD7CSH4J+N3OmTe98hFkOG h2xPWQu5DpG+KqooBeSpXOGFwvNuY2oIXzYf6KnOmW4j3HiH/SlFM2n91UZANmaM zC9PUSBBi9zM6YJd8vxG3qNan5IDws9Zotv345SxRcW20bZyFQsGrFhlG+CBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUt53IJJyZndo8APJOZvWhuoqDCrkwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk5NDI4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wUMwDQYJKoZIhvcNAQELBQADggEBABKXLaiomQyfT/lZmcsmM6XvMPpgnJ0F2Cy8 eEOdKNhQTSvOl0lA/tDAfBOXNaVH+cM1XZ6JmxEDJRwFkq0Y0LN56AkThnPq8epm Vw/AgfX4yrHMvzKlqfZ5flnSBgRSHfAdDA5Smwjyy+mfUjR7L6EQidvgQVTphYsQ B46DWgHR6w3lpMkaSEBW/CqCVWqXQl99YDezJa1s1qSJxTEqlIba50UGFMNc7uMX /h913q9b4QiAU8cPO6vX4/WXfxr8dugC02/IZRz7z/qwtnuQOSKTcX6RZnevnlTV RqtGYi036DDRUrAyaiDbjoYP/osstoO+DJ0e8oxDpp26WeJ3Jbk= -----END CERTIFICATE-----Generated at Sat Jun 1 06:15:08 2024 by rpki-client on console-ams.rpki-client.org