$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa File: AS214999.roa (raw, json) Hash identifier: 6D/IYZRe1+8fk/vErlGmwKW144N0MyjrpFRlJF5AuZo= Subject key identifier: 8F:59:72:6A:95:12:54:F0:72:8B:B2:27:75:6E:90:A0:02:E1:01:15 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 437A8A5E2C90698D5AFA5E8432E8944EF2C6A309 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa Signing time: Sun 05 May 2024 18:23:21 +0000 ROA not before: Sun 05 May 2024 18:18:21 +0000 ROA not after: Sun 04 May 2025 18:23:21 +0000 asID: 214999 IP address blocks: 2a07:54c1:c300::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:7a:8a:5e:2c:90:69:8d:5a:fa:5e:84:32:e8:94:4e:f2:c6:a3:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: May 5 18:18:21 2024 GMT Not After : May 4 18:23:21 2025 GMT Subject: CN=8F59726A951254F0728BB227756E90A002E10115 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ce:d3:28:ba:7d:60:6f:3a:08:2a:34:7c:ab: 21:2f:35:fd:3a:8c:4c:b7:74:43:c1:a4:be:de:1a: cd:41:f3:43:3a:50:ba:52:ef:19:22:b7:4e:89:8f: 78:b2:44:3e:05:dc:ad:60:a2:48:6b:04:39:d5:8a: 53:02:7f:c7:6c:de:bf:7e:ac:17:85:69:2b:37:6e: 62:fd:f1:61:01:18:53:ec:80:73:23:4e:ab:74:c7: 47:b0:12:5b:6d:96:22:8c:d2:8c:10:89:0d:e0:b4: e2:a7:2f:03:b0:8d:0b:27:aa:37:1b:98:75:c9:2a: d2:7a:90:49:f2:55:68:34:9e:a6:5a:41:88:52:a8: 79:29:87:ba:0f:a7:0e:0c:ef:55:fe:61:a7:5a:5a: 39:e5:3f:d3:b7:df:e0:78:bb:11:4b:23:e6:9c:f8: b3:32:21:59:40:87:d9:14:9a:57:8e:c6:9c:3e:f5: 20:f3:44:2d:b9:87:7b:33:64:b6:2f:47:13:65:27: b9:36:47:ac:e3:3c:6b:53:2c:1b:38:a2:39:fb:bf: 73:a4:e9:02:8a:d4:69:eb:83:95:ef:d7:f3:5f:63: 14:82:bb:83:e9:49:09:2b:87:3a:e2:2a:0d:0f:66: 92:7f:20:53:4d:16:05:1a:29:b7:6c:6e:12:b8:75: 0c:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:59:72:6A:95:12:54:F0:72:8B:B2:27:75:6E:90:A0:02:E1:01:15 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:c300::/40 Signature Algorithm: sha256WithRSAEncryption 6f:ed:ee:ad:68:24:93:a9:f1:67:f0:dd:8b:0f:ca:4c:9a:cb: 49:ab:a9:d3:b8:1b:d7:29:65:91:c1:9f:d6:34:fd:26:6d:4b: 43:42:5d:42:77:dd:35:61:10:e0:c0:96:a5:85:bd:21:50:7f: 62:0a:77:46:11:fd:3a:49:7f:de:19:25:0c:9c:b0:0b:9d:16: 0f:c8:4c:d8:2f:1a:b3:e3:f1:62:c5:e7:95:17:ae:2a:51:16: 8a:1a:22:d8:dd:98:b5:f5:47:ec:57:9f:1b:65:3f:02:d1:6c: d1:88:2d:9b:76:a2:69:e0:7a:65:b3:e0:06:34:1d:72:7f:f9: 91:c7:02:94:d4:b6:2b:04:43:d0:f1:4d:25:ee:35:33:93:36: eb:3d:d5:36:2b:56:6d:84:7c:96:56:5f:9f:62:15:28:cd:82: 2e:68:5e:a0:0a:b6:ff:20:14:8e:10:3c:26:50:cc:a0:9c:ec: 37:ab:72:3b:47:9a:3a:c1:04:29:c8:40:92:0b:29:c8:69:5a: 05:fa:e8:25:ea:63:35:3d:31:a2:b4:09:62:6f:78:7e:a6:3a: 27:9e:34:a4:b0:26:9c:82:10:5f:d1:ac:5a:81:be:d4:71:dd: d3:9e:f6:79:be:31:b5:38:6c:e8:cd:18:c6:bb:f1:34:d2:91: 03:18:ae:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQ3qKXiyQaY1a+l6EMuiUTvLGowkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDA1MDUxODE4MjFaFw0yNTA1MDQxODIzMjFaMDMxMTAvBgNV BAMTKDhGNTk3MjZBOTUxMjU0RjA3MjhCQjIyNzc1NkU5MEEwMDJFMTAxMTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIztMoun1gbzoIKjR8qyEvNf06 jEy3dEPBpL7eGs1B80M6ULpS7xkit06Jj3iyRD4F3K1gokhrBDnVilMCf8ds3r9+ rBeFaSs3bmL98WEBGFPsgHMjTqt0x0ewElttliKM0owQiQ3gtOKnLwOwjQsnqjcb mHXJKtJ6kEnyVWg0nqZaQYhSqHkph7oPpw4M71X+YadaWjnlP9O33+B4uxFLI+ac +LMyIVlAh9kUmleOxpw+9SDzRC25h3szZLYvRxNlJ7k2R6zjPGtTLBs4ojn7v3Ok 6QKK1Gnrg5Xv1/NfYxSCu4PpSQkrhzriKg0PZpJ/IFNNFgUaKbdsbhK4dQw3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUj1lyapUSVPByi7IndW6QoALhARUwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE0OTk5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wcMwDQYJKoZIhvcNAQELBQADggEBAG/t7q1oJJOp8Wfw3YsPykyay0mrqdO4G9cp ZZHBn9Y0/SZtS0NCXUJ33TVhEODAlqWFvSFQf2IKd0YR/TpJf94ZJQycsAudFg/I TNgvGrPj8WLF55UXripRFooaItjdmLX1R+xXnxtlPwLRbNGILZt2omngemWz4AY0 HXJ/+ZHHApTUtisEQ9DxTSXuNTOTNus91TYrVm2EfJZWX59iFSjNgi5oXqAKtv8g FI4QPCZQzKCc7DercjtHmjrBBCnIQJILKchpWgX66CXqYzU9MaK0CWJveH6mOiee NKSwJpyCEF/RrFqBvtRx3dOe9nm+MbU4bOjNGMa78TTSkQMYrsc= -----END CERTIFICATE-----Generated at Thu Nov 21 12:08:37 2024 by rpki-client on console-fra.rpki-client.org