$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215600.roa File: AS215600.roa (raw, json) Hash identifier: xDth3VLT1qw3KNFku1NPQ5s3ymGKDQLsCSMM6zyJtsM= Subject key identifier: 03:22:F4:D9:65:44:1B:68:D9:41:3A:59:14:74:62:DC:CF:2F:75:45 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 20AF1A05E2B64DC80F204CDF63DCFB6DC2B0FD36 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215600.roa Signing time: Thu 02 Jan 2025 01:30:34 +0000 ROA not before: Thu 02 Jan 2025 01:25:34 +0000 ROA not after: Thu 01 Jan 2026 01:30:34 +0000 asID: 215600 IP address blocks: 2a07:54c3::/32 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 03:56:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:af:1a:05:e2:b6:4d:c8:0f:20:4c:df:63:dc:fb:6d:c2:b0:fd:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Jan 2 01:25:34 2025 GMT Not After : Jan 1 01:30:34 2026 GMT Subject: CN=0322F4D965441B68D9413A59147462DCCF2F7545 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:8b:44:d8:c1:64:70:96:42:dc:23:44:24:cf: d0:55:17:e8:a2:99:77:1b:19:1b:90:d8:b3:60:9d: 76:24:31:1c:73:c3:10:f4:04:0a:78:20:3d:55:a8: c5:11:b5:b7:2f:0c:31:02:e3:fd:7f:76:e8:b6:f2: e5:1a:b3:1c:03:8c:10:5c:10:42:e7:15:13:0c:5d: 61:85:af:82:f3:35:ef:0d:c9:09:37:ed:52:17:dd: 2d:1b:a6:e6:06:28:0a:c0:d0:69:56:26:ca:99:11: b1:b9:f3:5a:55:0d:f8:aa:ad:b4:92:9e:b8:00:9c: 88:d8:72:ef:0e:85:f7:ef:f9:fe:49:91:8f:c2:39: 96:54:a4:22:bc:0e:f3:9f:06:71:ae:d4:15:9a:4f: a9:8f:07:1c:78:23:37:5b:28:c8:d7:b3:13:3a:eb: 84:1f:6f:7d:16:f6:77:3a:57:21:22:db:ac:5a:d8: 48:ef:f6:f0:5d:af:0c:62:c6:5c:4b:94:a1:56:4c: 5c:e0:f8:97:e6:d1:11:25:0d:8c:f5:8b:08:ff:c0: a1:eb:96:c6:5c:fd:4c:8f:3a:c9:91:b7:99:9d:54: e1:0c:d3:f2:2c:76:27:b0:ce:ee:f4:ca:fa:2b:7f: 86:87:e0:36:ad:2a:a6:fd:b3:c0:57:67:01:a7:bd: 5f:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:22:F4:D9:65:44:1B:68:D9:41:3A:59:14:74:62:DC:CF:2F:75:45 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215600.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c3::/32 Signature Algorithm: sha256WithRSAEncryption b4:ae:d2:28:aa:18:a5:5c:71:da:87:2c:18:9d:19:34:1b:6d: 56:2a:36:ea:54:33:5e:eb:40:be:51:0b:7a:1c:a4:df:08:d6: 80:78:11:c0:fd:52:a7:e2:df:16:53:9b:3b:84:ac:2c:6b:49: c5:93:ed:af:77:6f:8b:aa:66:65:d2:03:33:b0:d1:d6:75:08: 04:b1:34:f7:3c:ab:d0:65:ac:7e:9e:3b:04:60:c7:dc:fa:da: c6:b3:b5:2a:d5:6f:76:13:60:f8:9c:9f:77:73:74:ee:c4:af: a9:79:bb:c9:66:83:30:de:2f:43:be:2c:76:dd:11:79:1e:01: f5:ab:c3:96:24:af:b4:0c:3c:09:c9:bf:50:83:21:ac:2f:d6: 52:a5:dd:b6:62:65:75:02:38:53:24:ed:c1:2c:73:d2:b0:ac: 3c:fb:03:25:3e:f4:9a:91:40:1a:9c:ca:73:43:7e:a7:45:bd: 93:c1:82:4a:eb:6d:5f:07:80:11:00:db:89:1f:c1:31:9c:63: 6c:d8:c0:32:3c:27:a1:52:bd:22:08:b9:07:0d:04:78:d5:7d: 67:70:35:57:89:c8:b2:2a:91:61:6f:88:19:c0:98:7e:a8:01: 14:83:30:74:b8:f4:99:ba:a0:c3:fb:26:72:55:05:7f:24:45: 22:78:50:92 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUIK8aBeK2TcgPIEzfY9z7bcKw/TYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTAxMDIwMTI1MzRaFw0yNjAxMDEwMTMwMzRaMDMxMTAvBgNV BAMTKDAzMjJGNEQ5NjU0NDFCNjhEOTQxM0E1OTE0NzQ2MkRDQ0YyRjc1NDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCni0TYwWRwlkLcI0Qkz9BVF+ii mXcbGRuQ2LNgnXYkMRxzwxD0BAp4ID1VqMURtbcvDDEC4/1/dui28uUasxwDjBBc EELnFRMMXWGFr4LzNe8NyQk37VIX3S0bpuYGKArA0GlWJsqZEbG581pVDfiqrbSS nrgAnIjYcu8Ohffv+f5JkY/COZZUpCK8DvOfBnGu1BWaT6mPBxx4IzdbKMjXsxM6 64Qfb30W9nc6VyEi26xa2Ejv9vBdrwxixlxLlKFWTFzg+Jfm0RElDYz1iwj/wKHr lsZc/UyPOsmRt5mdVOEM0/Isdiewzu70yvorf4aH4DatKqb9s8BXZwGnvV81AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUAyL02WVEG2jZQTpZFHRi3M8vdUUwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NjAwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgdU wzANBgkqhkiG9w0BAQsFAAOCAQEAtK7SKKoYpVxx2ocsGJ0ZNBttVio26lQzXutA vlELehyk3wjWgHgRwP1Sp+LfFlObO4SsLGtJxZPtr3dvi6pmZdIDM7DR1nUIBLE0 9zyr0GWsfp47BGDH3PraxrO1KtVvdhNg+Jyfd3N07sSvqXm7yWaDMN4vQ74sdt0R eR4B9avDliSvtAw8Ccm/UIMhrC/WUqXdtmJldQI4UyTtwSxz0rCsPPsDJT70mpFA GpzKc0N+p0W9k8GCSuttXweAEQDbiR/BMZxjbNjAMjwnoVK9Igi5Bw0EeNV9Z3A1 V4nIsiqRYW+IGcCYfqgBFIMwdLj0mbqgw/smclUFfyRFInhQkg== -----END CERTIFICATE-----Generated at Fri Apr 4 17:04:47 2025 by rpki-client