$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216401.roa File: AS216401.roa (raw, json) Hash identifier: 9m1L3Ef6wCwwhnIL+7ZGS3l1z3nlq6xNLJFSl53HtXc= Subject key identifier: CD:B9:77:A6:09:67:2C:0E:CE:34:12:94:13:03:4F:82:55:AE:99:09 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 1126218392F2250606D5AE7F4D2C7A6C806F700D Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216401.roa Signing time: Thu 28 Sep 2023 19:26:52 +0000 ROA not before: Thu 28 Sep 2023 19:21:52 +0000 ROA not after: Thu 26 Sep 2024 19:26:52 +0000 asID: 216401 IP address blocks: 2a07:54c7:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 01 Jun 2024 13:33:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:26:21:83:92:f2:25:06:06:d5:ae:7f:4d:2c:7a:6c:80:6f:70:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Sep 28 19:21:52 2023 GMT Not After : Sep 26 19:26:52 2024 GMT Subject: CN=CDB977A609672C0ECE34129413034F8255AE9909 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2a:86:70:6d:a5:ab:0c:bf:98:06:c4:83:43: c4:1f:5e:b2:0a:31:e8:cb:77:b9:2e:19:da:99:54: db:58:da:9d:18:96:e4:ef:14:50:26:2d:94:69:a8: 0e:a6:4a:74:c4:3d:10:a9:06:b6:84:e6:15:1f:84: fe:3c:88:21:17:5e:5d:16:ec:08:81:58:c8:f9:02: 4a:8f:be:18:a5:da:b4:0f:ff:43:bb:ca:0a:f8:8a: 97:82:02:af:a8:0e:80:6b:da:fe:92:1c:b6:57:71: cf:fc:fb:15:c5:33:e3:92:95:ca:19:67:4d:fb:e3: 21:dd:51:c7:ca:29:63:26:ed:55:0a:37:c1:e6:f2: f0:20:25:97:c2:0f:a5:c6:5b:89:2a:47:05:63:81: 08:08:21:87:29:b0:e3:29:0a:ae:66:74:17:7e:3d: ca:54:33:a1:59:e0:51:97:b8:ec:88:67:4d:e1:c7: 79:2a:2a:15:27:b0:98:e5:83:0a:c7:64:ad:52:e9: d6:c3:fa:cc:dd:4d:3c:8c:a9:c3:de:59:98:7f:55: 62:3d:15:2a:10:45:ca:5c:92:d1:fc:c3:02:56:18: 0d:88:94:dd:23:59:92:ae:5f:bd:e6:78:62:05:e1: e7:32:14:d5:40:02:a5:6c:c3:72:f0:77:a1:0b:63: 05:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:B9:77:A6:09:67:2C:0E:CE:34:12:94:13:03:4F:82:55:AE:99:09 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216401.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c7:1000::/36 Signature Algorithm: sha256WithRSAEncryption 10:e3:f6:f4:03:9a:84:56:8c:d9:f1:69:9e:5e:71:ff:3a:77: 40:ef:de:26:07:47:76:ae:b5:d4:14:2e:ab:58:2d:1d:7e:b5: 6a:3f:f6:f7:76:37:aa:07:d0:41:79:00:47:44:58:ae:cd:36: 58:4a:ef:8b:e3:95:e4:ae:6b:5a:da:7d:f1:33:18:ee:e2:cd: f3:27:29:21:d0:97:cb:d2:a8:51:c8:1e:10:f4:3e:04:50:96: af:7d:be:2a:86:ac:a6:ca:e3:ba:38:ea:6a:29:c7:55:06:d0: fb:6b:8f:67:0d:cb:78:5f:27:30:83:12:73:2f:cf:75:70:0a: 55:34:c3:a4:f0:86:80:1c:cd:a1:80:e3:e5:5b:2b:aa:96:db: 8c:c6:3e:d1:4a:07:7f:79:ff:fa:03:01:4c:3d:8d:a3:89:a8: 3d:b7:ae:f3:0f:b9:c7:a5:f3:5d:d5:cc:8c:8f:d3:78:47:c4: ff:79:7a:ac:61:e9:c4:1c:fd:6e:d3:b5:a0:d5:50:76:ee:e1: 54:d5:b2:b2:a3:d0:fc:17:d1:e3:ae:81:c3:31:3b:51:9d:19: 94:49:17:12:ee:e9:5c:c0:60:f3:90:2b:82:fe:08:f2:5f:48: 02:e6:34:63:36:af:e8:2b:e9:a0:20:0c:c5:a8:a2:c9:7a:47: 04:6a:d1:37 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUESYhg5LyJQYG1a5/TSx6bIBvcA0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yMzA5MjgxOTIxNTJaFw0yNDA5MjYxOTI2NTJaMDMxMTAvBgNV BAMTKENEQjk3N0E2MDk2NzJDMEVDRTM0MTI5NDEzMDM0RjgyNTVBRTk5MDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxKoZwbaWrDL+YBsSDQ8QfXrIK MejLd7kuGdqZVNtY2p0YluTvFFAmLZRpqA6mSnTEPRCpBraE5hUfhP48iCEXXl0W 7AiBWMj5AkqPvhil2rQP/0O7ygr4ipeCAq+oDoBr2v6SHLZXcc/8+xXFM+OSlcoZ Z0374yHdUcfKKWMm7VUKN8Hm8vAgJZfCD6XGW4kqRwVjgQgIIYcpsOMpCq5mdBd+ PcpUM6FZ4FGXuOyIZ03hx3kqKhUnsJjlgwrHZK1S6dbD+szdTTyMqcPeWZh/VWI9 FSoQRcpcktH8wwJWGA2IlN0jWZKuX73meGIF4ecyFNVAAqVsw3Lwd6ELYwWpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzbl3pglnLA7ONBKUEwNPglWumQkwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE2NDAxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgdU xxAwDQYJKoZIhvcNAQELBQADggEBABDj9vQDmoRWjNnxaZ5ecf86d0Dv3iYHR3au tdQULqtYLR1+tWo/9vd2N6oH0EF5AEdEWK7NNlhK74vjleSua1raffEzGO7izfMn KSHQl8vSqFHIHhD0PgRQlq99viqGrKbK47o46mopx1UG0Ptrj2cNy3hfJzCDEnMv z3VwClU0w6TwhoAczaGA4+VbK6qW24zGPtFKB395//oDAUw9jaOJqD23rvMPucel 813VzIyP03hHxP95eqxh6cQc/W7TtaDVUHbu4VTVsrKj0PwX0eOugcMxO1GdGZRJ FxLu6VzAYPOQK4L+CPJfSALmNGM2r+gr6aAgDMWoosl6RwRq0Tc= -----END CERTIFICATE-----Generated at Sat Jun 1 04:19:26 2024 by rpki-client on console-fra.rpki-client.org