$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200227.roa File: AS200227.roa (raw, json) Hash identifier: Y8QA939LLOSGJ2EHIY6v7sI3MDHvIO9b8+U5wfFPBQA= Subject key identifier: 46:25:25:7D:B6:3A:AF:C0:5E:37:A6:EC:6D:D3:FC:59:9D:0F:8A:79 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 5EFC6B06240150D1A2AB74CD1FE25036FB0030F6 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200227.roa Signing time: Thu 28 Nov 2024 00:30:34 +0000 ROA not before: Thu 28 Nov 2024 00:25:34 +0000 ROA not after: Thu 27 Nov 2025 00:30:34 +0000 asID: 200227 IP address blocks: 2a07:54c1:4500::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 03:56:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:fc:6b:06:24:01:50:d1:a2:ab:74:cd:1f:e2:50:36:fb:00:30:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Nov 28 00:25:34 2024 GMT Not After : Nov 27 00:30:34 2025 GMT Subject: CN=4625257DB63AAFC05E37A6EC6DD3FC599D0F8A79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:75:87:22:05:11:45:ea:43:c5:15:52:44:58: a7:15:ad:3f:2e:1a:33:12:52:53:c1:58:da:4f:32: 98:49:db:e6:bb:2a:1f:eb:19:19:e9:6a:c8:f3:28: 06:dc:25:6d:80:8d:f8:0e:20:a1:c2:01:5d:43:d0: 85:23:48:7d:fb:a7:78:cb:ca:e9:72:54:e8:b4:85: b0:1e:22:55:d2:da:27:d4:ee:25:06:f2:8a:62:11: 0a:ef:e9:2d:5d:3b:40:f8:80:f4:94:8e:23:76:73: 83:83:8c:5d:98:a4:1d:54:9f:84:42:e7:9f:89:70: 8c:d5:e6:87:d6:3a:66:06:c2:e8:85:48:2e:ce:ca: 94:6f:1b:3f:e3:f1:bb:26:16:fa:13:c7:32:5e:e4: c0:54:d5:d4:29:f9:e2:fd:a6:1d:e7:bf:cf:a2:c3: ea:2b:f2:3e:dc:39:76:f2:26:89:68:57:c8:87:df: c1:3e:4d:a3:a3:77:db:b8:e7:98:9d:f0:db:15:5e: 83:4c:29:4b:98:f5:15:40:be:cd:6d:16:61:60:d2: a9:0a:2f:c5:4c:17:3e:aa:50:3f:75:8b:34:1f:b8: 35:d1:09:9d:f9:57:06:9a:43:89:5e:3d:25:0c:a8: 63:98:fb:2c:94:aa:3d:0d:0d:90:6f:ef:95:36:31: 28:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:25:25:7D:B6:3A:AF:C0:5E:37:A6:EC:6D:D3:FC:59:9D:0F:8A:79 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200227.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4500::/40 Signature Algorithm: sha256WithRSAEncryption a6:dd:35:07:95:34:48:06:9a:91:a5:53:06:1e:20:b3:da:df: 72:2f:56:81:20:64:94:d5:46:d2:34:da:c0:e7:d5:bb:9c:18: 08:b4:9e:f0:64:cb:75:59:d5:29:fc:f4:c9:b5:03:a7:d1:4d: ea:f1:34:0f:35:d7:6f:cf:55:5d:f1:28:f7:0f:40:a3:c9:a0: 13:1e:f9:81:05:fd:9a:52:58:94:cd:00:a5:37:7d:e5:ba:62: cb:4f:df:3f:4f:63:8b:13:f7:b9:50:50:27:b0:71:c1:3b:4c: 27:43:0a:c5:0d:0b:19:21:1d:d3:31:44:a3:bc:c0:7f:ef:84: f5:08:43:6c:02:e7:d4:4e:df:6a:ed:47:ca:1b:11:a4:57:85: cf:fd:91:63:c1:8e:cb:d2:69:95:25:42:bc:b2:f0:7a:e0:88: e9:7d:97:a8:d8:52:b5:0f:de:a1:01:e9:29:a6:c7:f6:ae:f4: d9:fa:a2:57:08:17:64:3a:98:08:d9:3c:ff:97:6c:48:fe:46: f0:3f:b0:29:af:af:6f:19:96:76:f9:04:a4:39:24:ba:3a:68: 3f:cc:a9:5c:9e:16:8c:ef:15:3d:79:9a:fb:84:80:dc:7f:a3: cd:99:b4:8d:93:4a:6c:09:ba:bf:71:6b:3f:50:ed:3e:f3:8b: f8:db:41:78 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXvxrBiQBUNGiq3TNH+JQNvsAMPYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDExMjgwMDI1MzRaFw0yNTExMjcwMDMwMzRaMDMxMTAvBgNV BAMTKDQ2MjUyNTdEQjYzQUFGQzA1RTM3QTZFQzZERDNGQzU5OUQwRjhBNzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDudYciBRFF6kPFFVJEWKcVrT8u GjMSUlPBWNpPMphJ2+a7Kh/rGRnpasjzKAbcJW2AjfgOIKHCAV1D0IUjSH37p3jL yulyVOi0hbAeIlXS2ifU7iUG8opiEQrv6S1dO0D4gPSUjiN2c4ODjF2YpB1Un4RC 55+JcIzV5ofWOmYGwuiFSC7OypRvGz/j8bsmFvoTxzJe5MBU1dQp+eL9ph3nv8+i w+or8j7cOXbyJoloV8iH38E+TaOjd9u455id8NsVXoNMKUuY9RVAvs1tFmFg0qkK L8VMFz6qUD91izQfuDXRCZ35VwaaQ4lePSUMqGOY+yyUqj0NDZBv75U2MSidAgMB AAGjggI8MIICODAdBgNVHQ4EFgQURiUlfbY6r8BeN6bsbdP8WZ0PinkwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAwMjI3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wUUwDQYJKoZIhvcNAQELBQADggEBAKbdNQeVNEgGmpGlUwYeILPa33IvVoEgZJTV RtI02sDn1bucGAi0nvBky3VZ1Sn89Mm1A6fRTerxNA8112/PVV3xKPcPQKPJoBMe +YEF/ZpSWJTNAKU3feW6YstP3z9PY4sT97lQUCewccE7TCdDCsUNCxkhHdMxRKO8 wH/vhPUIQ2wC59RO32rtR8obEaRXhc/9kWPBjsvSaZUlQryy8HrgiOl9l6jYUrUP 3qEB6Smmx/au9Nn6olcIF2Q6mAjZPP+XbEj+RvA/sCmvr28Zlnb5BKQ5JLo6aD/M qVyeFozvFT15mvuEgNx/o82ZtI2TSmwJur9xaz9Q7T7zi/jbQXg= -----END CERTIFICATE-----Generated at Fri Apr 4 17:05:57 2025 by rpki-client