$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS142598.roa File: AS142598.roa (raw, json) Hash identifier: d4/5QMAXBI9MosbSys/1gFvbnSxJo/H/BpEQS+r5B3Y= Subject key identifier: 4E:7D:53:B9:2E:BD:51:D6:90:08:E6:B1:D8:60:FB:18:63:8E:95:82 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 1949E18E9F48E4EDD24274E061703ABBCC425E2F Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS142598.roa Signing time: Fri 04 Jul 2025 07:51:27 +0000 ROA not before: Fri 04 Jul 2025 07:46:27 +0000 ROA not after: Fri 03 Jul 2026 07:51:27 +0000 asID: 142598 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:49:e1:8e:9f:48:e4:ed:d2:42:74:e0:61:70:3a:bb:cc:42:5e:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:27 2025 GMT Not After : Jul 3 07:51:27 2026 GMT Subject: CN=4E7D53B92EBD51D69008E6B1D860FB18638E9582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:e4:03:d9:39:34:4b:27:aa:00:da:d1:fc:ae: 8c:f4:e1:86:e0:aa:f9:55:80:2e:4b:bf:e8:66:ac: 23:33:60:c1:ce:f0:14:98:a1:cf:bf:b7:ef:b0:19: 7b:d5:ba:5f:0a:0a:91:1c:d8:9d:a2:fe:46:5b:10: d9:be:57:24:f2:3a:e2:33:d8:30:c0:ad:79:e9:d8: 1f:0c:af:9d:82:76:a4:df:b1:f6:d4:14:54:96:25: 25:71:ec:da:5e:f8:f4:5c:2a:55:d0:5d:01:c7:23: 33:06:e8:a5:1e:d8:31:70:2d:bc:be:ab:d8:fb:21: 48:f7:fc:9e:e0:bc:60:19:a3:99:ca:60:34:54:02: 9c:a7:21:d9:e0:6d:4d:da:2e:56:ca:6c:46:a2:57: 49:87:6e:99:d2:f8:62:d7:20:34:ab:74:00:79:6c: ff:39:c9:75:8b:89:dd:e4:00:fb:ee:eb:9e:9f:d4: b4:6c:92:5c:70:52:e7:b5:3c:e8:a6:5f:66:8c:be: b1:8a:fd:1a:9b:cc:18:ba:be:f9:5b:da:9c:f6:70: 85:a3:eb:b8:94:e5:09:2f:95:1b:c7:52:a1:de:2f: 79:53:87:20:e7:6d:24:6c:39:f3:90:cd:94:2e:ea: ea:ba:45:57:32:f7:9a:0b:45:17:4d:f6:1e:f2:7c: 79:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:7D:53:B9:2E:BD:51:D6:90:08:E6:B1:D8:60:FB:18:63:8E:95:82 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS142598.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 96:e3:a2:ea:3a:fe:8c:ee:59:73:4e:2d:7b:97:7b:07:24:88: 3a:ef:5d:24:f6:b2:87:03:03:f0:5d:db:14:cb:7d:3b:ec:ab: df:ab:b7:58:a9:6b:49:f9:b4:d4:d4:2f:e7:b1:a0:16:5c:08: 5a:e7:72:2c:4b:1e:95:94:5b:ec:4c:b9:65:2e:24:cb:92:20: 10:62:42:e2:79:6a:4d:62:ec:05:c7:fa:94:91:82:9c:59:1c: 2d:2d:f5:4b:64:4b:ac:01:1d:b6:81:0b:e9:91:d9:19:74:fb: e2:d6:0f:73:1d:dd:59:45:fc:8b:49:0d:cb:20:98:11:fa:79: d9:9f:09:c5:61:35:e4:e6:aa:56:53:6d:ff:7a:4c:a7:0b:da: 61:e4:59:39:a8:10:cb:dc:22:1b:29:6f:83:70:4b:02:2d:13: c9:51:84:e8:d6:f8:f3:5d:d8:fb:57:a2:a9:63:6d:5b:fb:4e: 61:55:7a:b7:a1:a2:e3:5d:fa:55:19:d1:3a:1d:2b:94:4f:f4: fd:53:ad:51:31:f9:b2:f7:fd:3f:18:9a:db:7d:97:16:0f:19: c2:4d:1a:92:c6:47:4e:c9:a0:6f:7c:84:37:d6:cd:5d:f2:cd: 00:f7:db:61:ef:7a:65:7a:5d:70:ac:52:3f:28:3c:d0:58:c7: 6a:91:09:80 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUGUnhjp9I5O3SQnTgYXA6u8xCXi8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjdaFw0yNjA3MDMwNzUxMjdaMDMxMTAvBgNV BAMTKDRFN0Q1M0I5MkVCRDUxRDY5MDA4RTZCMUQ4NjBGQjE4NjM4RTk1ODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY5APZOTRLJ6oA2tH8roz04Ybg qvlVgC5Lv+hmrCMzYMHO8BSYoc+/t++wGXvVul8KCpEc2J2i/kZbENm+VyTyOuIz 2DDArXnp2B8Mr52CdqTfsfbUFFSWJSVx7Npe+PRcKlXQXQHHIzMG6KUe2DFwLby+ q9j7IUj3/J7gvGAZo5nKYDRUApynIdngbU3aLlbKbEaiV0mHbpnS+GLXIDSrdAB5 bP85yXWLid3kAPvu656f1LRsklxwUue1POimX2aMvrGK/RqbzBi6vvlb2pz2cIWj 67iU5QkvlRvHUqHeL3lThyDnbSRsOfOQzZQu6uq6RVcy95oLRRdN9h7yfHmLAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUTn1TuS69UdaQCOax2GD7GGOOlYIwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMTQyNTk4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQCW46LqOv6M7llzTi17l3sHJIg6710k9rKH AwPwXdsUy3077Kvfq7dYqWtJ+bTU1C/nsaAWXAha53IsSx6VlFvsTLllLiTLkiAQ YkLieWpNYuwFx/qUkYKcWRwtLfVLZEusAR22gQvpkdkZdPvi1g9zHd1ZRfyLSQ3L IJgR+nnZnwnFYTXk5qpWU23/ekynC9ph5Fk5qBDL3CIbKW+DcEsCLRPJUYTo1vjz Xdj7V6KpY21b+05hVXq3oaLjXfpVGdE6HSuUT/T9U61RMfmy9/0/GJrbfZcWDxnC TRqSxkdOyaBvfIQ31s1d8s0A99th73plel1wrFI/KDzQWMdqkQmA -----END CERTIFICATE-----Generated at Sat Jul 5 08:28:52 2025 by rpki-client