$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215680.roa File: AS215680.roa (raw, json) Hash identifier: 3sb0qUk3uD2PxnPsVRrpV2W0g6lHigg/EjoZmE8f/WI= Subject key identifier: 3A:C7:CB:E0:9B:3C:B5:6A:A3:A1:B9:BF:D4:42:2A:73:93:02:0F:87 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 6CBBBF549A6EE446D47F5C2E5196C77B164D9348 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215680.roa Signing time: Sun 01 Jun 2025 00:20:52 +0000 ROA not before: Sun 01 Jun 2025 00:15:52 +0000 ROA not after: Sun 31 May 2026 00:20:52 +0000 asID: 215680 IP address blocks: 2a07:54c1:c600::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Jun 2025 01:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:bb:bf:54:9a:6e:e4:46:d4:7f:5c:2e:51:96:c7:7b:16:4d:93:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Jun 1 00:15:52 2025 GMT Not After : May 31 00:20:52 2026 GMT Subject: CN=3AC7CBE09B3CB56AA3A1B9BFD4422A7393020F87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:51:db:9c:47:71:e2:27:0e:24:d5:41:0e:7d: 6f:78:0f:ec:f5:33:c2:10:40:4d:fd:c8:61:20:10: c7:88:60:d0:86:fd:0d:e9:69:35:6e:f9:36:e8:af: d3:ba:24:89:5d:90:62:82:83:70:7d:f8:8f:9d:14: 06:9d:fa:ec:16:f1:47:80:4c:40:52:80:00:9e:d2: c5:56:eb:b3:d7:0c:7a:0e:cf:40:8a:f8:67:fe:6c: 12:32:e1:66:3b:ce:b0:07:56:08:d4:5d:ce:12:15: 88:90:96:bf:03:50:aa:23:c3:e4:6f:35:2d:e8:6b: 89:76:3d:ba:58:6c:b2:ae:f3:b7:f8:83:45:82:fe: 40:d8:17:cf:67:5e:00:1d:f6:36:07:6e:e2:2c:55: 2a:14:fc:8e:32:de:19:1d:dc:d7:57:53:b4:f5:b6: 03:fe:d5:f3:3c:96:a1:75:62:99:86:14:15:7e:e2: bc:9c:fe:02:5a:d9:9f:5a:5b:a8:f1:1a:56:99:bd: cb:39:95:99:4e:d8:10:30:df:84:c4:58:dc:39:79: 75:5d:c0:a1:99:50:26:b1:b6:e4:e1:62:ac:17:fc: d4:51:3d:72:89:e5:26:cb:b7:75:6b:98:7d:63:10: 42:36:34:11:ee:2f:61:48:54:09:ec:db:43:b8:1f: 61:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:C7:CB:E0:9B:3C:B5:6A:A3:A1:B9:BF:D4:42:2A:73:93:02:0F:87 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215680.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:c600::/40 Signature Algorithm: sha256WithRSAEncryption 34:97:db:42:fe:fb:80:f0:15:1a:74:49:fa:82:a5:79:eb:a5: 66:f2:b1:27:b7:57:48:fa:27:5b:7c:c6:b4:f2:15:29:3c:79: 9b:3a:35:a5:d2:b3:e1:49:a5:1b:20:45:e8:08:ca:3c:bd:e4: 83:87:8c:29:28:3a:4a:25:af:fc:f6:2e:f5:f3:3b:51:12:a0: 94:9c:71:bf:0f:48:6f:b3:d6:30:f8:a8:76:9a:5b:04:84:e9: 84:69:43:e4:a7:da:4a:7e:49:ad:9f:19:c4:aa:20:86:04:da: 1e:27:1c:36:33:9d:75:c5:e5:3b:b7:c0:18:4b:ca:9e:b2:18: 2a:02:2d:85:94:d7:7c:35:fb:62:2d:67:8b:bf:b0:e7:c2:65: 55:fb:2e:28:de:21:e2:8c:ab:e4:e8:39:9d:88:7d:4b:7a:b2: 99:b7:9f:f5:2d:31:51:f2:09:dc:3a:6d:e2:c0:71:33:16:b7: da:b4:f4:e1:3d:4d:c8:56:ac:97:51:4c:a9:0e:33:e9:6b:2d: bc:da:87:0c:35:57:90:23:29:ee:6d:eb:0e:37:77:00:65:91: 06:60:7e:c8:7c:4c:9c:e1:55:19:10:ba:67:72:7a:01:72:dc: 3a:1e:af:50:c1:aa:f7:61:3c:d5:38:ea:1e:ee:49:f4:8d:bb: f5:d5:ed:ce -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbLu/VJpu5EbUf1wuUZbHexZNk0gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA2MDEwMDE1NTJaFw0yNjA1MzEwMDIwNTJaMDMxMTAvBgNV BAMTKDNBQzdDQkUwOUIzQ0I1NkFBM0ExQjlCRkQ0NDIyQTczOTMwMjBGODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkUducR3HiJw4k1UEOfW94D+z1 M8IQQE39yGEgEMeIYNCG/Q3paTVu+Tbor9O6JIldkGKCg3B9+I+dFAad+uwW8UeA TEBSgACe0sVW67PXDHoOz0CK+Gf+bBIy4WY7zrAHVgjUXc4SFYiQlr8DUKojw+Rv NS3oa4l2PbpYbLKu87f4g0WC/kDYF89nXgAd9jYHbuIsVSoU/I4y3hkd3NdXU7T1 tgP+1fM8lqF1YpmGFBV+4ryc/gJa2Z9aW6jxGlaZvcs5lZlO2BAw34TEWNw5eXVd wKGZUCaxtuThYqwX/NRRPXKJ5SbLt3VrmH1jEEI2NBHuL2FIVAns20O4H2EjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOsfL4Js8tWqjobm/1EIqc5MCD4cwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NjgwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wcYwDQYJKoZIhvcNAQELBQADggEBADSX20L++4DwFRp0SfqCpXnrpWbysSe3V0j6 J1t8xrTyFSk8eZs6NaXSs+FJpRsgRegIyjy95IOHjCkoOkolr/z2LvXzO1ESoJSc cb8PSG+z1jD4qHaaWwSE6YRpQ+Sn2kp+Sa2fGcSqIIYE2h4nHDYznXXF5Tu3wBhL yp6yGCoCLYWU13w1+2ItZ4u/sOfCZVX7LijeIeKMq+ToOZ2IfUt6spm3n/UtMVHy Cdw6beLAcTMWt9q09OE9TchWrJdRTKkOM+lrLbzahww1V5AjKe5t6w43dwBlkQZg fsh8TJzhVRkQumdyegFy3Doer1DBqvdhPNU46h7uSfSNu/XV7c4= -----END CERTIFICATE-----Generated at Sun Jun 1 10:32:56 2025 by rpki-client