$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215473.roa File: AS215473.roa (raw, json) Hash identifier: R0/wieFIyzKw82VlJBPxzkyWo7jAMv4WT7uqCqJwoUs= Subject key identifier: 68:C6:7A:BC:54:3C:E5:5F:24:97:FC:BD:AE:5B:EE:D9:37:92:54:76 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 351B016FA619C396DB4CAE5D943F12C9E8D1B8E9 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215473.roa Signing time: Fri 07 Feb 2025 12:06:18 +0000 ROA not before: Fri 07 Feb 2025 12:01:18 +0000 ROA not after: Fri 06 Feb 2026 12:06:18 +0000 asID: 215473 IP address blocks: 2a07:54c1:4900::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 03:56:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:1b:01:6f:a6:19:c3:96:db:4c:ae:5d:94:3f:12:c9:e8:d1:b8:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Feb 7 12:01:18 2025 GMT Not After : Feb 6 12:06:18 2026 GMT Subject: CN=68C67ABC543CE55F2497FCBDAE5BEED937925476 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:10:f3:de:03:ed:33:67:0d:d3:f4:14:ad:31: 65:94:ab:9b:8c:d0:2a:81:cd:fb:c3:c1:0c:3e:43: 84:24:60:e1:57:f2:b8:ef:49:85:32:71:bb:69:9e: 1c:3c:62:dd:d1:29:ab:39:07:97:80:cd:28:b0:70: 6d:32:f5:86:1e:4d:06:40:a8:9e:91:f5:54:e2:95: 7c:45:40:08:6a:fe:03:c7:e6:6a:ca:b5:01:a9:44: b8:d6:d7:68:1f:fa:c4:99:36:13:30:6b:4c:db:57: 1b:ed:13:fb:33:6c:16:04:91:2d:61:dd:72:ed:96: 14:57:5d:87:09:e3:3b:fc:2d:86:de:f7:58:41:ec: ae:eb:b1:86:86:21:3b:22:1f:7a:da:bd:b4:51:3f: de:86:45:e7:c5:74:fd:4d:b6:f0:b6:33:f8:4a:c6: ff:6d:6f:b0:b5:eb:8d:72:aa:8f:86:d6:53:73:d5: 92:57:52:5e:b1:8b:09:6c:3f:1d:40:5b:ac:ff:b0: d2:43:e4:8d:4a:72:54:a1:d8:2c:3f:3d:85:66:b2: 1b:dd:56:fd:7a:ae:92:97:df:b4:6b:d8:10:b6:d2: 46:56:a2:30:dd:9f:e8:0e:b7:8d:f9:43:56:07:56: 6e:3a:8a:b2:f6:36:57:3a:a1:27:fb:67:14:53:2c: f9:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C6:7A:BC:54:3C:E5:5F:24:97:FC:BD:AE:5B:EE:D9:37:92:54:76 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4900::/40 Signature Algorithm: sha256WithRSAEncryption b0:fc:f9:65:3d:33:a1:d2:dc:4b:41:f3:17:3a:5f:a3:91:2a: 72:cd:1f:47:d9:92:14:41:2c:dc:70:da:ae:a8:b3:bf:ce:28: d7:8e:b1:76:08:ac:e4:b3:42:16:e5:1b:13:bc:a4:72:ff:df: bb:92:ee:de:22:8d:2c:6c:d5:57:e7:84:34:9c:9a:5e:78:97: 6f:d7:67:43:66:df:60:2c:6d:f5:94:8f:ac:67:e1:c8:24:db: 4f:35:17:55:c5:ec:20:10:6b:71:d4:79:a5:78:08:dc:74:c7: cb:ae:6b:88:f4:13:6b:00:63:77:09:60:0c:3b:43:40:37:d1: 64:c6:99:e7:b1:8e:65:96:fa:23:c6:1d:21:2f:bb:0e:a0:81: 9f:07:44:a1:f5:94:7b:25:bb:ca:10:ba:7e:41:1a:51:d5:50: e5:36:d1:06:5e:00:9c:6e:3c:0d:1b:91:bf:b8:c2:2d:43:f9: 90:68:12:cb:da:1a:fb:05:d0:a0:86:14:79:b5:58:c7:36:fb: e7:55:88:7f:ed:73:56:2e:91:4b:24:40:96:c4:b9:1b:b1:14: 73:20:01:f0:eb:e7:3b:b6:ff:90:b3:fe:fc:00:e4:32:d8:83: 07:bb:df:9b:f8:8c:dc:20:41:c7:1e:e3:d1:ad:de:a3:7d:a2: 10:ea:03:8a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNRsBb6YZw5bbTK5dlD8SyejRuOkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTAyMDcxMjAxMThaFw0yNjAyMDYxMjA2MThaMDMxMTAvBgNV BAMTKDY4QzY3QUJDNTQzQ0U1NUYyNDk3RkNCREFFNUJFRUQ5Mzc5MjU0NzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTEPPeA+0zZw3T9BStMWWUq5uM 0CqBzfvDwQw+Q4QkYOFX8rjvSYUycbtpnhw8Yt3RKas5B5eAzSiwcG0y9YYeTQZA qJ6R9VTilXxFQAhq/gPH5mrKtQGpRLjW12gf+sSZNhMwa0zbVxvtE/szbBYEkS1h 3XLtlhRXXYcJ4zv8LYbe91hB7K7rsYaGITsiH3ravbRRP96GRefFdP1NtvC2M/hK xv9tb7C1641yqo+G1lNz1ZJXUl6xiwlsPx1AW6z/sNJD5I1KclSh2Cw/PYVmshvd Vv16rpKX37Rr2BC20kZWojDdn+gOt435Q1YHVm46irL2Nlc6oSf7ZxRTLPlXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaMZ6vFQ85V8kl/y9rlvu2TeSVHYwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NDczLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wUkwDQYJKoZIhvcNAQELBQADggEBALD8+WU9M6HS3EtB8xc6X6ORKnLNH0fZkhRB LNxw2q6os7/OKNeOsXYIrOSzQhblGxO8pHL/37uS7t4ijSxs1VfnhDScml54l2/X Z0Nm32AsbfWUj6xn4cgk2081F1XF7CAQa3HUeaV4CNx0x8uua4j0E2sAY3cJYAw7 Q0A30WTGmeexjmWW+iPGHSEvuw6ggZ8HRKH1lHslu8oQun5BGlHVUOU20QZeAJxu PA0bkb+4wi1D+ZBoEsvaGvsF0KCGFHm1WMc2++dViH/tc1YukUskQJbEuRuxFHMg AfDr5zu2/5Cz/vwA5DLYgwe735v4jNwgQcce49Gt3qN9ohDqA4o= -----END CERTIFICATE-----Generated at Fri Apr 4 17:05:55 2025 by rpki-client