$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa File: AS206125.roa (raw, json) Hash identifier: 7vm4mj4Aar6MOuOpzkYb0JwuAmLDsgYSPPzvKRigocM= Subject key identifier: 2C:DC:24:B2:5F:34:20:C3:31:EA:91:2A:4D:E3:DD:5F:04:52:CC:1C Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 5DE5EDE6934703DD5521B0072F89580E72C217A1 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa Signing time: Fri 10 Nov 2023 18:38:11 +0000 ROA not before: Fri 10 Nov 2023 18:33:11 +0000 ROA not after: Fri 08 Nov 2024 18:38:11 +0000 asID: 206125 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 2a07:54c4:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 May 2024 23:00:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:e5:ed:e6:93:47:03:dd:55:21:b0:07:2f:89:58:0e:72:c2:17:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Nov 10 18:33:11 2023 GMT Not After : Nov 8 18:38:11 2024 GMT Subject: CN=2CDC24B25F3420C331EA912A4DE3DD5F0452CC1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:36:ff:55:cb:dd:76:f0:39:73:78:8b:9e:ea: da:07:9b:4d:00:6b:98:fd:2e:26:94:c5:1f:c6:ab: 22:1b:b3:71:a4:ef:02:ed:f1:e8:e5:b9:c8:e5:56: 11:4c:97:dc:dc:51:7a:f5:ea:6d:e3:99:96:2c:12: 10:91:1d:74:f7:c5:bd:44:b2:6d:de:c1:99:12:26: 4a:90:f6:a1:39:fa:26:ba:21:d9:b4:9a:3b:92:31: 61:da:0e:ec:e2:78:d8:78:57:fe:b7:9b:74:30:5c: 59:a1:fb:5d:c2:d5:53:34:ed:86:02:68:64:3e:cd: 7f:9e:dd:ef:f8:73:50:d4:c3:b2:00:46:82:9b:b9: 9c:72:83:82:f6:c5:b1:66:9c:b5:cb:84:a6:a8:00: e5:6e:8d:60:2b:78:fb:7e:97:14:f7:48:fc:23:ab: dd:88:89:bf:f4:5f:c9:b4:6f:1c:d9:29:92:f0:da: eb:6a:3d:4c:70:89:d3:79:a6:07:ad:c0:16:a0:30: 1a:9a:3c:e9:69:7b:27:3b:d5:77:1d:5a:37:ba:d3: cc:37:ff:1f:f5:5b:bc:c6:8c:7f:4b:a2:69:31:00: 0d:04:f0:0e:1d:f7:aa:d1:86:99:47:e9:5f:ea:22: 11:dd:33:90:03:91:e8:df:28:1b:59:c3:ff:77:5f: 7a:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DC:24:B2:5F:34:20:C3:31:EA:91:2A:4D:E3:DD:5F:04:52:CC:1C X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 2a07:54c4:2::/48 Signature Algorithm: sha256WithRSAEncryption 26:9b:ca:b7:c0:4b:b8:c1:74:67:79:6d:87:fa:9a:2e:8b:2e: aa:19:07:05:66:bb:18:c3:ee:04:c5:8d:2b:51:8a:f8:e7:94: 06:c5:f5:17:90:50:b8:e5:55:44:ce:20:da:1d:fa:96:8e:cc: ad:ca:38:17:10:25:4f:45:78:a0:c6:64:c6:39:57:74:21:29: f1:99:f6:60:98:7d:de:27:25:c1:76:c1:11:83:ac:ff:70:6e: 5c:5d:d1:c5:a2:50:34:93:ec:90:e2:06:fc:1a:d5:b2:92:32: 1a:85:90:4a:be:a3:a8:34:23:24:77:28:e1:10:2c:7c:53:aa: 1d:02:43:0a:02:8f:f1:4f:84:c4:83:e7:ec:c1:f8:2f:48:e6: d5:56:9b:75:02:86:9c:b6:af:c9:ca:8d:5c:01:2a:67:6f:2f: b1:83:61:6b:61:93:4d:6c:3b:01:bd:c8:60:be:51:f0:96:52: fd:68:62:c6:c2:5f:66:17:63:df:dc:48:a5:cd:02:75:db:7e: 82:ca:99:29:af:13:f5:d9:fd:ab:47:f2:11:e5:d3:9d:a2:2d: 08:a1:e9:0c:b2:70:1d:ce:d0:42:1a:bb:6d:3e:ff:e7:1b:78: bb:02:db:a4:fa:cf:f0:3f:fa:4c:98:9c:e1:f4:03:75:be:46: 9e:fb:03:6a -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUXeXt5pNHA91VIbAHL4lYDnLCF6EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yMzExMTAxODMzMTFaFw0yNDExMDgxODM4MTFaMDMxMTAvBgNV BAMTKDJDREMyNEIyNUYzNDIwQzMzMUVBOTEyQTRERTNERDVGMDQ1MkNDMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJNv9Vy9128DlzeIue6toHm00A a5j9LiaUxR/GqyIbs3Gk7wLt8ejlucjlVhFMl9zcUXr16m3jmZYsEhCRHXT3xb1E sm3ewZkSJkqQ9qE5+ia6Idm0mjuSMWHaDuzieNh4V/63m3QwXFmh+13C1VM07YYC aGQ+zX+e3e/4c1DUw7IARoKbuZxyg4L2xbFmnLXLhKaoAOVujWArePt+lxT3SPwj q92Iib/0X8m0bxzZKZLw2utqPUxwidN5pgetwBagMBqaPOlpeyc71XcdWje608w3 /x/1W7zGjH9LomkxAA0E8A4d96rRhplH6V/qIhHdM5ADkejfKBtZw/93X3r3AgMB AAGjggJGMIICQjAdBgNVHQ4EFgQULNwksl80IMMx6pEqTePdXwRSzBwwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA2MTI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU wrALAwcAKgdUxAACMA0GCSqGSIb3DQEBCwUAA4IBAQAmm8q3wEu4wXRneW2H+pou iy6qGQcFZrsYw+4ExY0rUYr455QGxfUXkFC45VVEziDaHfqWjsytyjgXECVPRXig xmTGOVd0ISnxmfZgmH3eJyXBdsERg6z/cG5cXdHFolA0k+yQ4gb8GtWykjIahZBK vqOoNCMkdyjhECx8U6odAkMKAo/xT4TEg+fswfgvSObVVpt1Aoactq/Jyo1cASpn by+xg2FrYZNNbDsBvchgvlHwllL9aGLGwl9mF2Pf3EilzQJ1236CypkprxP12f2r R/IR5dOdoi0IoekMsnAdztBCGrttPv/nG3i7Atuk+s/wP/pMmJzh9AN1vkae+wNq -----END CERTIFICATE-----Generated at Mon May 20 06:55:15 2024 by rpki-client on console-ams.rpki-client.org