$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203232.roa File: AS203232.roa (raw, json) Hash identifier: 8aabeP9BFLNRdQrzqpSCTC+vgxSQN0ItxgxbpelQY3w= Subject key identifier: 8B:EB:8D:BB:29:28:8E:8E:24:7F:BA:AB:28:08:14:6C:1D:28:CE:95 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 50DF2F251E133119AE963C0F45F2DA8BE52BF1D1 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203232.roa Signing time: Wed 28 May 2025 18:20:52 +0000 ROA not before: Wed 28 May 2025 18:15:52 +0000 ROA not after: Wed 27 May 2026 18:20:52 +0000 asID: 203232 IP address blocks: 2a07:54c1:1000::/36 maxlen: 48 2a07:54c4:1754::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Jun 2025 01:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:df:2f:25:1e:13:31:19:ae:96:3c:0f:45:f2:da:8b:e5:2b:f1:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: May 28 18:15:52 2025 GMT Not After : May 27 18:20:52 2026 GMT Subject: CN=8BEB8DBB29288E8E247FBAAB2808146C1D28CE95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f2:b8:e6:51:95:11:b2:2f:ff:c3:d4:d8:33: 1b:d1:d1:5a:7a:64:b8:5e:3c:cb:03:43:3b:ef:a4: 13:ef:a3:9d:b6:bc:f0:d9:7a:06:43:fe:25:f6:ac: 0a:01:ab:e5:0c:1f:24:31:31:36:cd:df:3e:3e:ef: 1c:67:35:c8:cd:9b:5b:27:52:01:96:56:9f:c1:a9: 9b:47:6e:b8:3e:7e:ae:4a:fb:d4:60:48:5a:05:29: 15:8c:47:e0:f6:28:11:de:e9:1d:06:ad:35:4e:dd: ce:fa:9c:cb:46:10:28:10:53:94:bf:af:0c:f1:11: f3:e5:28:5e:7a:83:bd:12:09:43:7a:3c:54:6f:08: b5:93:6a:0c:0b:e1:ec:31:d4:ec:1f:60:e0:be:5f: cc:6c:8c:14:9b:8b:e7:e6:41:95:1f:53:4f:a5:c2: 2d:c2:cb:42:b7:12:f5:a7:1e:92:bb:9e:af:ae:8f: 11:47:a0:c9:3b:87:ce:bf:47:ae:fc:11:4d:4c:04: a8:fb:06:92:b1:3c:78:96:31:88:7d:86:05:23:c1: 87:c7:7c:f7:f7:99:91:93:be:c9:bc:d4:df:c3:7c: e2:38:40:a5:61:75:1f:c1:c6:22:4e:42:b3:01:96: e4:cd:ef:63:dd:94:ef:6a:a2:54:83:a3:a3:e7:34: 0b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:EB:8D:BB:29:28:8E:8E:24:7F:BA:AB:28:08:14:6C:1D:28:CE:95 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203232.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:1000::/36 2a07:54c4:1754::/48 Signature Algorithm: sha256WithRSAEncryption 44:3f:cf:a3:eb:0c:b3:b3:7a:b2:9f:cf:6c:17:c7:8d:fc:c8: ba:4a:7c:88:9f:d5:78:c7:26:f7:32:e8:71:3d:ff:2c:98:77: c9:8e:c4:79:17:53:b3:9c:be:2b:bf:b5:84:26:93:e3:64:98: 76:1f:94:51:df:b7:dd:fe:26:94:65:cc:33:97:0e:41:66:ff: 7a:25:00:df:1a:91:f6:3c:42:80:2c:32:be:14:c1:07:cd:ac: 20:35:b9:30:0b:0c:d7:c5:f9:7b:5d:35:14:9f:ca:86:e7:89: 22:5f:e7:39:79:8f:29:fc:7e:44:72:e4:8f:7a:20:bf:14:ff: 39:9f:05:4e:f4:4e:c3:90:b2:cd:df:45:f2:a4:10:e0:16:c3: f8:ba:d1:84:14:8e:78:65:54:c7:95:f0:26:ab:a7:fa:f8:c1: b4:d3:f2:70:a3:62:cd:e4:23:61:e2:92:af:fc:9c:c1:bb:e6: 47:4b:6e:d2:9e:5b:27:68:65:46:40:8e:f9:d9:24:23:50:5e: b2:7a:20:14:d8:db:05:c1:6e:45:33:d2:19:c8:5d:1b:4a:77: de:b4:a1:9b:fb:e4:bd:95:ea:78:7a:56:aa:b3:ce:09:0b:7b: ce:e5:ca:f5:02:f0:f7:db:d1:16:e2:ba:fc:f8:1c:8c:b0:37: 6c:19:fc:21 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIUUN8vJR4TMRmuljwPRfLai+Ur8dEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA1MjgxODE1NTJaFw0yNjA1MjcxODIwNTJaMDMxMTAvBgNV BAMTKDhCRUI4REJCMjkyODhFOEUyNDdGQkFBQjI4MDgxNDZDMUQyOENFOTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF8rjmUZURsi//w9TYMxvR0Vp6 ZLhePMsDQzvvpBPvo522vPDZegZD/iX2rAoBq+UMHyQxMTbN3z4+7xxnNcjNm1sn UgGWVp/BqZtHbrg+fq5K+9RgSFoFKRWMR+D2KBHe6R0GrTVO3c76nMtGECgQU5S/ rwzxEfPlKF56g70SCUN6PFRvCLWTagwL4ewx1OwfYOC+X8xsjBSbi+fmQZUfU0+l wi3Cy0K3EvWnHpK7nq+ujxFHoMk7h86/R678EU1MBKj7BpKxPHiWMYh9hgUjwYfH fPf3mZGTvsm81N/DfOI4QKVhdR/BxiJOQrMBluTN72PdlO9qolSDo6PnNAu9AgMB AAGjggJFMIICQTAdBgNVHQ4EFgQUi+uNuykojo4kf7qrKAgUbB0ozpUwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAzMjMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYEKgdU wRADBwAqB1TEF1QwDQYJKoZIhvcNAQELBQADggEBAEQ/z6PrDLOzerKfz2wXx438 yLpKfIif1XjHJvcy6HE9/yyYd8mOxHkXU7Ocviu/tYQmk+NkmHYflFHft93+JpRl zDOXDkFm/3olAN8akfY8QoAsMr4UwQfNrCA1uTALDNfF+XtdNRSfyobniSJf5zl5 jyn8fkRy5I96IL8U/zmfBU70TsOQss3fRfKkEOAWw/i60YQUjnhlVMeV8Carp/r4 wbTT8nCjYs3kI2Hikq/8nMG75kdLbtKeWydoZUZAjvnZJCNQXrJ6IBTY2wXBbkUz 0hnIXRtKd960oZv75L2V6nh6VqqzzgkLe87lyvUC8Pfb0Rbiuvz4HIywN2wZ/CE= -----END CERTIFICATE-----Generated at Sun Jun 1 10:22:14 2025 by rpki-client