$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS47689.roa File: AS47689.roa (raw, json) Hash identifier: hBJ8vNqSDzyVIIiMEJg8QbKwI/vAJGvfcqs2TSE4dZg= Subject key identifier: DD:3D:FE:14:75:82:75:93:03:15:06:DA:3A:7D:2D:21:B6:C2:32:99 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 5049913CB7D228433CBA0F8DB82B4A39D2ADB419 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS47689.roa Signing time: Mon 30 Sep 2024 21:32:56 +0000 ROA not before: Mon 30 Sep 2024 21:27:56 +0000 ROA not after: Mon 29 Sep 2025 21:32:56 +0000 asID: 47689 IP address blocks: 2a07:54c1:4100::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 23 Nov 2024 17:02:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:49:91:3c:b7:d2:28:43:3c:ba:0f:8d:b8:2b:4a:39:d2:ad:b4:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Sep 30 21:27:56 2024 GMT Not After : Sep 29 21:32:56 2025 GMT Subject: CN=DD3DFE1475827593031506DA3A7D2D21B6C23299 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8c:e4:e7:47:5f:3c:1f:12:d3:86:75:b5:fd: a9:ef:33:35:aa:e8:63:a3:8c:72:5c:35:84:b3:78: c5:a9:a8:fc:c1:4d:8f:a2:bb:3b:03:cf:b4:88:a9: 1e:e3:07:93:da:7e:09:47:0c:4c:c6:04:fc:96:ff: 8f:ee:99:44:c4:09:d4:94:5e:d4:04:eb:41:1d:1f: 60:b1:f5:4d:b2:ae:75:7c:02:a1:05:5a:8e:63:ea: 6a:82:f7:4e:da:14:f9:90:5d:76:bd:fa:81:e3:41: 59:70:c3:b1:87:41:b9:56:ea:61:bd:12:82:b3:82: f4:0e:73:81:ef:04:bc:c9:3d:41:aa:dd:7d:f9:e9: 84:3a:78:d7:a7:04:1b:c7:45:f6:d7:7e:d5:f9:8e: 7d:37:9b:57:73:e8:7a:8d:79:a5:a0:36:2a:73:4e: f3:f1:92:1f:4b:9b:1a:e9:eb:fe:33:ab:d7:db:d5: 47:23:98:f8:17:00:c9:76:3b:2c:b7:e8:6e:24:dc: 21:cc:a9:51:24:f3:ed:bb:b2:cd:bf:60:46:12:9c: 69:f7:19:24:b7:10:98:44:f8:ae:c2:d2:13:3d:30: fe:46:e2:f1:ce:53:2d:93:6b:e0:94:31:dd:cf:34: 5e:0e:25:20:e3:83:da:1d:4c:c2:35:17:77:2a:52: 6e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:3D:FE:14:75:82:75:93:03:15:06:DA:3A:7D:2D:21:B6:C2:32:99 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS47689.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4100::/40 Signature Algorithm: sha256WithRSAEncryption 24:a0:fb:d3:a7:8f:0a:d1:e3:b8:b0:a6:e6:3b:f7:20:57:c5: eb:b4:15:db:7c:20:c9:1a:87:9c:af:e0:1f:45:a2:fd:2f:a2: da:d8:04:94:a6:8b:09:85:aa:2e:ee:f3:36:19:2e:9c:ce:fa: 13:cb:46:8c:88:54:33:68:3d:61:67:2c:57:8a:92:81:8b:05: 58:92:12:2a:5c:d1:b2:19:f1:b1:17:c5:4b:c7:65:29:74:c1: 05:e3:ed:85:c5:f5:46:a7:16:fa:c5:66:bb:31:98:3c:01:ee: 13:24:7b:6d:4e:6c:9d:f8:57:40:c0:b5:b9:4f:13:f7:27:c3: 6b:72:9e:00:6e:b6:be:9b:b4:f7:0b:2c:0a:e4:4d:e4:46:25: fc:b0:63:eb:09:0b:72:04:16:34:82:ae:57:ec:be:7f:5d:5c: 66:90:34:79:0c:fe:53:ca:38:3f:8c:ae:fc:f4:c9:8f:35:ec: 01:76:03:95:1d:69:c4:3a:39:67:02:49:42:e1:86:7c:25:ff: bc:96:2b:68:f3:9b:6b:fe:8b:99:0a:06:7c:da:fa:ac:78:9b: ad:30:e3:55:72:41:f3:d2:70:2f:60:3a:48:9b:51:c9:70:2c: 78:51:e0:c9:25:0b:bd:b4:04:2d:b1:be:d2:c6:b2:a3:14:34: 2c:64:29:1f -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUUEmRPLfSKEM8ug+NuCtKOdKttBkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNDA5MzAyMTI3NTZaFw0yNTA5MjkyMTMyNTZaMDMxMTAvBgNV BAMTKEREM0RGRTE0NzU4Mjc1OTMwMzE1MDZEQTNBN0QyRDIxQjZDMjMyOTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrjOTnR188HxLThnW1/anvMzWq 6GOjjHJcNYSzeMWpqPzBTY+iuzsDz7SIqR7jB5PafglHDEzGBPyW/4/umUTECdSU XtQE60EdH2Cx9U2yrnV8AqEFWo5j6mqC907aFPmQXXa9+oHjQVlww7GHQblW6mG9 EoKzgvQOc4HvBLzJPUGq3X356YQ6eNenBBvHRfbXftX5jn03m1dz6HqNeaWgNipz TvPxkh9Lmxrp6/4zq9fb1UcjmPgXAMl2Oyy36G4k3CHMqVEk8+27ss2/YEYSnGn3 GSS3EJhE+K7C0hM9MP5G4vHOUy2Ta+CUMd3PNF4OJSDjg9odTMI1F3cqUm6jAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQU3T3+FHWCdZMDFQbaOn0tIbbCMpkwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNDc2ODkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqB1TB QTANBgkqhkiG9w0BAQsFAAOCAQEAJKD706ePCtHjuLCm5jv3IFfF67QV23wgyRqH nK/gH0Wi/S+i2tgElKaLCYWqLu7zNhkunM76E8tGjIhUM2g9YWcsV4qSgYsFWJIS KlzRshnxsRfFS8dlKXTBBePthcX1RqcW+sVmuzGYPAHuEyR7bU5snfhXQMC1uU8T 9yfDa3KeAG62vpu09wssCuRN5EYl/LBj6wkLcgQWNIKuV+y+f11cZpA0eQz+U8o4 P4yu/PTJjzXsAXYDlR1pxDo5ZwJJQuGGfCX/vJYraPOba/6LmQoGfNr6rHibrTDj VXJB89JwL2A6SJtRyXAseFHgySULvbQELbG+0sayoxQ0LGQpHw== -----END CERTIFICATE-----