$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215828.roa File: AS215828.roa (raw, json) Hash identifier: Rj+b8+qUWjYvC0mgRnHhUjYiNcTS74IE+BoUQ5vRVC4= Subject key identifier: 39:03:EB:CA:F8:A0:89:89:76:3F:48:A4:3B:9C:F8:69:84:80:54:56 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 0682D67770339D6A649BD1D3E868490EB3B42678 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215828.roa Signing time: Sat 30 Nov 2024 22:30:34 +0000 ROA not before: Sat 30 Nov 2024 22:25:34 +0000 ROA not after: Sat 29 Nov 2025 22:30:34 +0000 asID: 215828 IP address blocks: 2a07:54c1:4400::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 03:56:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:82:d6:77:70:33:9d:6a:64:9b:d1:d3:e8:68:49:0e:b3:b4:26:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Nov 30 22:25:34 2024 GMT Not After : Nov 29 22:30:34 2025 GMT Subject: CN=3903EBCAF8A08989763F48A43B9CF86984805456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:3c:b9:3f:39:13:e5:11:a5:69:2c:b5:fc:60: 82:a5:3a:f2:48:44:0e:4a:45:c5:dd:a5:4a:5e:6a: 91:56:28:67:ec:71:2d:a6:47:48:49:26:ed:ad:d7: 39:6d:28:3d:b3:ed:4e:4e:c0:f6:55:bf:b6:d3:bf: 3d:2d:81:c0:75:19:ea:44:68:c4:12:67:ce:4b:5a: bd:e0:58:e6:6f:11:66:00:83:b4:aa:22:98:3f:ea: f6:00:0e:22:99:44:22:31:77:0d:57:29:c0:53:67: 13:16:97:08:2b:10:81:23:60:02:f2:28:32:3a:5d: 9c:82:05:08:0a:96:68:00:0f:0e:9d:87:68:ea:d8: 65:de:c5:88:c2:ac:53:b0:7b:a7:9d:7a:0b:6a:29: 3c:ec:a8:1c:48:e9:8a:76:2f:a3:1c:c8:a1:2b:fd: 30:c7:cf:78:14:5a:a1:42:0f:28:6f:a0:f3:43:ac: 0a:30:77:a5:ee:76:e8:85:36:ab:fd:81:24:4f:7a: a2:5d:f6:3c:08:33:99:4d:77:09:f9:44:00:9d:95: be:4f:7d:a1:da:af:cc:e9:42:cf:1a:b2:08:72:d7: a1:96:c4:bc:31:fb:a6:17:00:e4:e1:6a:43:96:e7: c3:a6:17:e0:8b:bc:61:46:5e:2a:15:4c:6d:56:28: 87:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:03:EB:CA:F8:A0:89:89:76:3F:48:A4:3B:9C:F8:69:84:80:54:56 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215828.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4400::/40 Signature Algorithm: sha256WithRSAEncryption 7e:a4:dc:bd:bd:d6:a1:69:b8:88:6c:54:f0:23:56:64:f7:3d: e4:57:38:24:2e:f8:25:31:ec:1d:a0:de:d8:6d:cc:7d:c9:8d: 1e:29:36:45:61:7f:e3:22:fd:95:6e:70:56:2c:d1:ba:13:93: 0c:bf:4c:77:2d:6e:1e:f9:a0:7e:ac:8f:f5:b0:ba:b8:29:b9: 88:0e:64:d1:dc:e6:cd:04:7a:8e:c5:6b:52:a4:03:02:c4:a9: b0:07:d2:3a:95:a6:26:a9:98:79:7c:90:b0:b5:4a:5d:69:e0: ea:c6:58:82:11:e3:ba:8a:62:0a:78:35:b4:70:a1:75:29:e7: 60:b5:36:ad:d5:af:d3:9a:a3:f9:5a:0e:dd:0e:12:3e:c5:b1: 7a:df:a0:b1:2d:27:84:f5:16:e3:7b:b9:26:5e:07:1d:df:09: 31:f5:93:f9:8f:b2:9d:dd:d9:26:ce:d8:0f:45:1b:60:61:14: cb:19:70:29:85:a7:45:9d:80:bf:e3:4b:70:29:92:92:d4:af: f5:61:ed:21:31:9f:a3:02:73:cd:f8:b6:b0:4e:91:ba:c2:51: 7b:39:15:dd:ca:1f:e6:17:fb:e9:c4:29:a9:27:b9:8b:61:b7: 67:bf:90:23:57:85:5b:c1:db:5a:60:52:64:ef:af:cc:95:b3: a1:c2:c1:73 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBoLWd3AznWpkm9HT6GhJDrO0JngwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDExMzAyMjI1MzRaFw0yNTExMjkyMjMwMzRaMDMxMTAvBgNV BAMTKDM5MDNFQkNBRjhBMDg5ODk3NjNGNDhBNDNCOUNGODY5ODQ4MDU0NTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZPLk/ORPlEaVpLLX8YIKlOvJI RA5KRcXdpUpeapFWKGfscS2mR0hJJu2t1zltKD2z7U5OwPZVv7bTvz0tgcB1GepE aMQSZ85LWr3gWOZvEWYAg7SqIpg/6vYADiKZRCIxdw1XKcBTZxMWlwgrEIEjYALy KDI6XZyCBQgKlmgADw6dh2jq2GXexYjCrFOwe6edegtqKTzsqBxI6Yp2L6McyKEr /TDHz3gUWqFCDyhvoPNDrAowd6XuduiFNqv9gSRPeqJd9jwIM5lNdwn5RACdlb5P faHar8zpQs8asghy16GWxLwx+6YXAOThakOW58OmF+CLvGFGXioVTG1WKIfbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOQPryvigiYl2P0ikO5z4aYSAVFYwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1ODI4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wUQwDQYJKoZIhvcNAQELBQADggEBAH6k3L291qFpuIhsVPAjVmT3PeRXOCQu+CUx 7B2g3thtzH3JjR4pNkVhf+Mi/ZVucFYs0boTkwy/THctbh75oH6sj/WwurgpuYgO ZNHc5s0Eeo7Fa1KkAwLEqbAH0jqVpiapmHl8kLC1Sl1p4OrGWIIR47qKYgp4NbRw oXUp52C1Nq3Vr9Oao/laDt0OEj7FsXrfoLEtJ4T1FuN7uSZeBx3fCTH1k/mPsp3d 2SbO2A9FG2BhFMsZcCmFp0WdgL/jS3ApkpLUr/Vh7SExn6MCc834trBOkbrCUXs5 Fd3KH+YX++nEKaknuYtht2e/kCNXhVvB21pgUmTvr8yVs6HCwXM= -----END CERTIFICATE-----Generated at Fri Apr 4 17:05:58 2025 by rpki-client