$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa File: AS204005.roa (raw, json) Hash identifier: 61uOtOsb4wgPNIxSxHf4k43Tiz37HrBW0ammPNi08JI= Subject key identifier: B3:37:9C:E1:8F:95:90:45:9F:C2:A0:01:B7:17:24:9D:F2:75:27:34 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 5A89EAF1DBF814CDBDBB3F3336912E130C7136D0 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa Signing time: Wed 28 May 2025 18:20:52 +0000 ROA not before: Wed 28 May 2025 18:15:52 +0000 ROA not after: Wed 27 May 2026 18:20:52 +0000 asID: 204005 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Jun 2025 01:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:89:ea:f1:db:f8:14:cd:bd:bb:3f:33:36:91:2e:13:0c:71:36:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: May 28 18:15:52 2025 GMT Not After : May 27 18:20:52 2026 GMT Subject: CN=B3379CE18F9590459FC2A001B717249DF2752734 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:67:a1:7d:d3:df:4f:9c:35:da:de:04:f0:4e: 9b:d9:92:e2:0f:7e:f0:6d:26:22:9d:9d:91:4d:d2: 48:5a:74:d3:44:92:ae:a7:79:b3:c1:b1:c4:a3:41: 7d:a0:7a:b3:c8:5d:ed:cc:a1:76:c6:c4:ed:4a:e8: a4:ed:ab:34:37:68:99:c7:15:88:dd:fa:a1:80:59: a9:61:ca:c9:32:91:14:d3:86:b8:e2:d4:4e:d2:0c: 24:77:df:0a:fe:0e:eb:fc:70:cc:43:5f:b0:69:e4: d5:61:e5:37:9e:bc:22:32:83:88:0a:b2:1d:cf:86: 02:de:16:37:16:26:c8:a9:a1:db:f2:13:b1:7d:c4: 4c:5f:ea:a0:24:02:ea:ce:01:9e:75:6e:77:a3:f0: 7d:83:eb:e3:a6:73:cb:4d:4d:b5:38:cc:1e:6c:34: 9f:03:6a:82:1c:e7:8b:d1:80:da:31:4f:b7:13:e0: 9a:0d:30:cc:f4:35:fe:79:56:2f:d2:62:91:a7:f1: 79:4f:55:32:30:22:91:d9:36:2b:14:b0:5c:9f:ed: 0e:06:b9:de:07:17:90:eb:46:e1:78:9a:85:78:67: 42:55:55:2e:e1:b4:4c:f3:0e:2c:75:01:55:09:5a: f1:91:55:42:e5:81:ee:4e:9e:23:21:db:9d:88:d7: cf:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:37:9C:E1:8F:95:90:45:9F:C2:A0:01:B7:17:24:9D:F2:75:27:34 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 6e:83:f1:c2:15:d6:d6:83:69:7a:77:f4:01:28:66:c7:9b:8a: 65:7d:6f:d1:dc:6b:3a:53:84:7b:41:d3:7f:69:4d:e7:9e:f5: 48:d9:5c:38:25:f4:06:b8:9e:b3:4f:ae:05:d3:b6:02:0f:2e: 69:1c:85:d3:4f:f0:7b:19:af:d1:6c:49:ac:a9:51:a3:ae:b5: 17:54:67:4f:e9:8e:a6:b8:85:01:d3:f4:18:a5:68:33:34:1a: cb:05:26:3d:22:47:f4:24:fc:9a:62:ff:62:2f:1d:30:3e:92: 8e:21:3a:58:e9:3f:9f:d8:70:c7:0e:45:c1:95:93:32:3a:74: 1c:aa:1d:4f:d2:2c:25:1f:2f:49:68:cd:dd:2e:1c:42:69:ec: b7:fe:f7:bf:d5:f9:ab:f3:eb:f0:7d:e7:0b:8f:62:9b:00:26: 48:46:3d:99:7d:39:86:06:f0:b7:64:a8:c2:6b:db:dc:ac:56: 5f:53:97:a5:f1:4d:d4:07:df:8e:35:ff:8a:51:57:44:9f:c9: bd:da:91:54:42:e2:22:cf:57:ca:58:d6:a9:dd:46:e8:23:e4: cd:b3:1d:cb:c3:d3:f5:cf:99:24:ae:7d:ae:aa:77:8d:21:ff: 6c:48:08:65:40:82:07:da:99:59:1c:93:2f:3a:27:29:ea:88: df:da:93:97 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUWonq8dv4FM29uz8zNpEuEwxxNtAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA1MjgxODE1NTJaFw0yNjA1MjcxODIwNTJaMDMxMTAvBgNV BAMTKEIzMzc5Q0UxOEY5NTkwNDU5RkMyQTAwMUI3MTcyNDlERjI3NTI3MzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaZ6F9099PnDXa3gTwTpvZkuIP fvBtJiKdnZFN0khadNNEkq6nebPBscSjQX2gerPIXe3MoXbGxO1K6KTtqzQ3aJnH FYjd+qGAWalhyskykRTThrji1E7SDCR33wr+Duv8cMxDX7Bp5NVh5TeevCIyg4gK sh3PhgLeFjcWJsipodvyE7F9xExf6qAkAurOAZ51bnej8H2D6+Omc8tNTbU4zB5s NJ8DaoIc54vRgNoxT7cT4JoNMMz0Nf55Vi/SYpGn8XlPVTIwIpHZNisUsFyf7Q4G ud4HF5DrRuF4moV4Z0JVVS7htEzzDix1AVUJWvGRVULlge5OniMh252I188hAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUszec4Y+VkEWfwqABtxcknfJ1JzQwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA0MDA1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBug/HCFdbWg2l6d/QBKGbHm4plfW/R3Gs6 U4R7QdN/aU3nnvVI2Vw4JfQGuJ6zT64F07YCDy5pHIXTT/B7Ga/RbEmsqVGjrrUX VGdP6Y6muIUB0/QYpWgzNBrLBSY9Ikf0JPyaYv9iLx0wPpKOITpY6T+f2HDHDkXB lZMyOnQcqh1P0iwlHy9JaM3dLhxCaey3/ve/1fmr8+vwfecLj2KbACZIRj2ZfTmG BvC3ZKjCa9vcrFZfU5el8U3UB9+ONf+KUVdEn8m92pFUQuIiz1fKWNap3UboI+TN sx3Lw9P1z5kkrn2uqneNIf9sSAhlQIIH2plZHJMvOicp6ojf2pOX -----END CERTIFICATE-----Generated at Sun Jun 1 10:26:57 2025 by rpki-client