$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa File: AS214999.roa (raw, json) Hash identifier: 3JbfeGK+WjUHbfNh5f4GkpDHv65YM8AqrPfYSmf+lOs= Subject key identifier: 70:6A:50:E7:23:64:9A:FB:5A:53:0D:00:A5:4F:5F:EB:B2:7F:A4:5C Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 5065F29E3AF88C4369A86DCD8867561CA51D95C3 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa Signing time: Sun 06 Apr 2025 19:16:42 +0000 ROA not before: Sun 06 Apr 2025 19:11:42 +0000 ROA not after: Sun 05 Apr 2026 19:16:42 +0000 asID: 214999 IP address blocks: 2a07:54c1:c300::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Jun 2025 01:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:65:f2:9e:3a:f8:8c:43:69:a8:6d:cd:88:67:56:1c:a5:1d:95:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Apr 6 19:11:42 2025 GMT Not After : Apr 5 19:16:42 2026 GMT Subject: CN=706A50E723649AFB5A530D00A54F5FEBB27FA45C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b2:6b:e8:7a:8c:38:5d:78:f8:c9:fd:80:25: 7d:06:1d:b3:37:b7:ee:3d:91:e4:da:65:ef:cc:1a: 9a:10:fe:c0:ae:f1:95:a8:1f:a5:10:95:be:0a:f1: 51:bb:a6:00:ec:df:fa:c3:8d:7d:72:4e:15:28:04: b3:97:07:79:52:6d:84:45:aa:a4:0c:ca:33:57:fd: 02:3f:ac:6e:2c:43:84:2d:cd:ba:69:e4:b1:2c:0b: 03:32:5b:04:f0:2f:99:8e:76:ee:2a:d8:79:a7:9d: b1:0e:b0:af:12:d2:00:fc:24:ad:7e:30:f3:7d:f5: 84:15:d6:9d:9a:e5:cc:f9:23:6d:fc:ca:c6:96:c1: 49:0c:ad:9b:8e:0b:86:8c:8a:c3:7e:18:9a:33:fe: fd:6a:e4:6d:8a:a4:6b:d7:a5:51:49:81:09:6d:9d: 52:d9:b4:c9:e9:60:8c:ee:62:a2:1a:d8:52:e3:2a: 89:67:a3:dd:4a:b7:7c:dd:d0:18:32:2c:ce:2f:b7: 42:96:8b:1b:74:cd:2d:79:82:b8:7e:51:ab:8e:31: d8:60:09:32:ce:b9:18:57:bc:a3:00:c0:a1:5d:cb: 51:d8:76:f0:3e:f0:95:a9:4f:bc:e1:35:c8:23:0e: 0f:78:6e:37:1b:71:60:89:a9:44:47:4d:7e:d0:5d: 03:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:6A:50:E7:23:64:9A:FB:5A:53:0D:00:A5:4F:5F:EB:B2:7F:A4:5C X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:c300::/40 Signature Algorithm: sha256WithRSAEncryption 32:db:ff:00:07:92:55:13:98:eb:53:57:f6:a3:57:dc:6a:cd: f0:3b:5b:29:fa:86:31:78:82:fc:d0:f9:e6:51:6f:59:4b:1d: c6:d0:61:e6:f6:5c:b7:e6:8f:3c:e0:aa:ae:a3:5e:27:f8:28: 01:b9:94:79:5f:ab:15:4f:51:3d:20:14:de:7f:a3:cc:17:0d: ae:12:ff:09:de:e8:4f:06:c8:a1:65:38:25:55:17:00:2c:05: 09:34:13:a9:1a:2e:62:65:3f:b4:e2:49:9b:fe:e0:a5:f5:88: a5:b5:5b:a2:85:8b:0e:7b:eb:b1:91:d9:9a:c0:db:d2:4e:d8: 6f:ba:75:af:c8:6f:65:ee:1c:80:3f:83:21:bb:8d:e6:d1:3e: 01:57:b8:98:bc:6b:52:e1:ad:ee:bd:b5:f9:ff:8a:f8:27:97: 77:c6:6d:e4:4c:23:9d:4d:46:46:26:ac:ae:e4:c0:23:9b:29: 0d:dc:6c:d9:df:1e:92:29:12:6a:ac:7a:a6:9a:38:fe:b4:02: ec:c2:c6:69:75:f6:f2:a6:e4:d5:15:81:e7:d9:39:e8:24:40: de:7b:2a:57:f0:62:24:04:7e:00:63:18:92:bb:de:ad:41:c0: b6:0d:1e:10:24:59:cb:b7:17:bc:84:9e:eb:82:5c:03:59:2c: 88:b2:28:47 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUGXynjr4jENpqG3NiGdWHKUdlcMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA0MDYxOTExNDJaFw0yNjA0MDUxOTE2NDJaMDMxMTAvBgNV BAMTKDcwNkE1MEU3MjM2NDlBRkI1QTUzMEQwMEE1NEY1RkVCQjI3RkE0NUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4smvoeow4XXj4yf2AJX0GHbM3 t+49keTaZe/MGpoQ/sCu8ZWoH6UQlb4K8VG7pgDs3/rDjX1yThUoBLOXB3lSbYRF qqQMyjNX/QI/rG4sQ4Qtzbpp5LEsCwMyWwTwL5mOdu4q2HmnnbEOsK8S0gD8JK1+ MPN99YQV1p2a5cz5I238ysaWwUkMrZuOC4aMisN+GJoz/v1q5G2KpGvXpVFJgQlt nVLZtMnpYIzuYqIa2FLjKolno91Kt3zd0BgyLM4vt0KWixt0zS15grh+UauOMdhg CTLOuRhXvKMAwKFdy1HYdvA+8JWpT7zhNcgjDg94bjcbcWCJqURHTX7QXQPzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcGpQ5yNkmvtaUw0ApU9f67J/pFwwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE0OTk5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wcMwDQYJKoZIhvcNAQELBQADggEBADLb/wAHklUTmOtTV/ajV9xqzfA7Wyn6hjF4 gvzQ+eZRb1lLHcbQYeb2XLfmjzzgqq6jXif4KAG5lHlfqxVPUT0gFN5/o8wXDa4S /wne6E8GyKFlOCVVFwAsBQk0E6kaLmJlP7TiSZv+4KX1iKW1W6KFiw5767GR2ZrA 29JO2G+6da/Ib2XuHIA/gyG7jebRPgFXuJi8a1Lhre69tfn/ivgnl3fGbeRMI51N RkYmrK7kwCObKQ3cbNnfHpIpEmqseqaaOP60AuzCxml19vKm5NUVgefZOegkQN57 KlfwYiQEfgBjGJK73q1BwLYNHhAkWcu3F7yEnuuCXANZLIiyKEc= -----END CERTIFICATE-----Generated at Sun Jun 1 10:18:37 2025 by rpki-client