$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209735.roa File: AS209735.roa (raw, json) Hash identifier: IJNcExR3J5gWWNc+fs30DSsY28yipO/HLU/u8nXO+i0= Subject key identifier: 21:16:E0:C4:55:9D:BC:30:C9:D2:07:22:A5:DE:77:D9:89:5C:17:6C Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 35BFE006DB882A07324422AD801878522612F944 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209735.roa Signing time: Wed 09 Oct 2024 04:04:28 +0000 ROA not before: Wed 09 Oct 2024 03:59:28 +0000 ROA not after: Wed 08 Oct 2025 04:04:28 +0000 asID: 209735 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:bf:e0:06:db:88:2a:07:32:44:22:ad:80:18:78:52:26:12:f9:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Oct 9 03:59:28 2024 GMT Not After : Oct 8 04:04:28 2025 GMT Subject: CN=2116E0C4559DBC30C9D20722A5DE77D9895C176C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:1d:05:b3:62:e2:34:d9:9f:e5:4c:60:15:35: b1:5b:df:bd:ef:63:f7:30:a4:64:a8:e2:aa:f5:ee: 5c:99:d1:1b:3f:f3:2f:c1:44:6a:2c:7e:5f:b9:9a: 29:b9:99:a8:aa:0e:d2:8f:a4:38:d2:ae:3d:de:55: 80:5e:bb:c3:2e:29:8c:5e:bb:f0:4c:31:38:da:6f: 9f:db:5f:51:e2:b0:0a:c7:61:20:80:2d:88:04:45: 5b:10:5e:e4:b7:f5:2b:74:3a:cf:0a:bf:6f:40:54: 54:f7:11:82:42:14:ef:e4:5f:64:88:13:f4:3d:fa: f1:35:0c:ba:17:b6:39:0c:a4:81:c3:2c:60:ae:10: 88:12:a3:1f:4d:e4:a2:1b:2b:37:84:26:02:38:2b: bb:50:8a:b7:b7:af:62:ad:24:c5:7e:f1:e1:05:0e: f9:39:89:e8:79:f8:60:11:d5:4a:dd:f9:6c:d4:58: 57:e3:52:5c:5b:f2:95:36:41:21:d8:24:06:04:92: 55:58:88:25:30:66:85:d8:62:0c:52:98:33:e2:1b: 84:e4:22:fe:43:8f:ef:41:7e:d5:ef:70:1b:bd:1b: 4e:95:70:e1:67:d0:51:b1:ee:e4:31:bb:ba:0c:7c: be:3c:8f:dc:64:fc:19:03:91:03:3e:5c:39:1b:ba: 6f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:16:E0:C4:55:9D:BC:30:C9:D2:07:22:A5:DE:77:D9:89:5C:17:6C X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 2d:7e:00:52:cc:a9:52:5d:ef:2f:c6:aa:a3:59:6e:a5:57:0f: f2:89:f6:61:f4:67:81:12:96:71:94:49:7b:0e:9a:09:32:5e: ce:2d:5e:48:82:2a:68:a7:65:02:09:02:49:ca:8f:f2:1f:fa: c9:e4:e1:75:1c:46:fb:38:cf:59:df:f4:52:bf:b9:52:f2:6b: 6d:3e:0d:54:99:90:ae:ba:e0:39:ff:63:fb:d7:e5:14:c5:2e: ed:0b:d7:6b:97:0a:e8:21:fe:5e:9e:e4:f6:93:ac:a1:0c:f8: eb:22:10:5a:07:76:32:42:7a:eb:ad:83:fd:e7:89:d3:29:d4: 4c:4b:00:71:12:89:fd:04:e8:f3:7c:bc:5a:5c:d0:1a:f8:7a: 0e:d9:99:ad:41:c4:76:f3:93:fd:4a:f2:09:92:c5:47:63:75: f8:53:0a:1a:70:cf:4f:7d:c5:46:e7:fb:72:4e:cf:65:4b:50: 74:4f:fb:59:98:a2:62:43:f8:a2:10:ab:5f:7f:11:80:c1:bd: 1c:0f:fa:df:3f:81:f9:16:a5:23:65:0e:58:5a:20:b1:af:9d: 32:f7:26:3b:04:cf:eb:6f:5e:b6:9c:42:1a:27:e6:22:69:91: a4:60:aa:7b:8c:c9:98:92:85:e8:51:a5:9b:64:5f:76:0d:94: 5e:4b:dc:8c -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUNb/gBtuIKgcyRCKtgBh4UiYS+UQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDEwMDkwMzU5MjhaFw0yNTEwMDgwNDA0MjhaMDMxMTAvBgNV BAMTKDIxMTZFMEM0NTU5REJDMzBDOUQyMDcyMkE1REU3N0Q5ODk1QzE3NkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4HQWzYuI02Z/lTGAVNbFb373v Y/cwpGSo4qr17lyZ0Rs/8y/BRGosfl+5mim5maiqDtKPpDjSrj3eVYBeu8MuKYxe u/BMMTjab5/bX1HisArHYSCALYgERVsQXuS39St0Os8Kv29AVFT3EYJCFO/kX2SI E/Q9+vE1DLoXtjkMpIHDLGCuEIgSox9N5KIbKzeEJgI4K7tQire3r2KtJMV+8eEF Dvk5ieh5+GAR1Urd+WzUWFfjUlxb8pU2QSHYJAYEklVYiCUwZoXYYgxSmDPiG4Tk Iv5Dj+9BftXvcBu9G06VcOFn0FGx7uQxu7oMfL48j9xk/BkDkQM+XDkbum/PAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUIRbgxFWdvDDJ0gcipd532YlcF2wwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA5NzM1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAtfgBSzKlSXe8vxqqjWW6lVw/yifZh9GeB EpZxlEl7DpoJMl7OLV5Igipop2UCCQJJyo/yH/rJ5OF1HEb7OM9Z3/RSv7lS8mtt Pg1UmZCuuuA5/2P71+UUxS7tC9drlwroIf5enuT2k6yhDPjrIhBaB3YyQnrrrYP9 54nTKdRMSwBxEon9BOjzfLxaXNAa+HoO2ZmtQcR285P9SvIJksVHY3X4UwoacM9P fcVG5/tyTs9lS1B0T/tZmKJiQ/iiEKtffxGAwb0cD/rfP4H5FqUjZQ5YWiCxr50y 9yY7BM/rb162nEIaJ+YiaZGkYKp7jMmYkoXoUaWbZF92DZReS9yM -----END CERTIFICATE-----Generated at Thu Nov 21 12:08:37 2024 by rpki-client on console-fra.rpki-client.org