$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200866.roa File: AS200866.roa (raw, json) Hash identifier: 9bwGm9zEs9PL7NpvcN6mziW1wjuB9T+yc4o7PSvvwh8= Subject key identifier: 04:21:8F:82:13:4E:06:8C:16:68:EC:04:A6:AB:DC:59:92:65:19:B4 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 51B1B6B359B6B261633DDFC7A8E46C62FEEE241E Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200866.roa Signing time: Fri 04 Jul 2025 07:51:25 +0000 ROA not before: Fri 04 Jul 2025 07:46:25 +0000 ROA not after: Fri 03 Jul 2026 07:51:25 +0000 asID: 200866 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:b1:b6:b3:59:b6:b2:61:63:3d:df:c7:a8:e4:6c:62:fe:ee:24:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:25 2025 GMT Not After : Jul 3 07:51:25 2026 GMT Subject: CN=04218F82134E068C1668EC04A6ABDC59926519B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f1:63:4c:26:5b:8b:a3:fb:22:77:41:1a:0d: 52:3f:bf:bb:8c:eb:97:c3:bb:1f:12:44:b1:32:c5: 4f:7d:aa:3e:02:2c:de:14:11:ab:fa:bf:97:ca:5a: 9c:2c:c7:ad:16:94:69:ba:6c:1c:fd:44:b5:2f:bd: e0:26:d1:d3:85:ee:0e:cb:7e:6b:d1:84:93:01:b0: d0:40:dc:46:4e:60:47:30:bd:69:4f:41:c3:cf:25: a8:0d:39:4b:ba:3c:01:55:de:86:bb:36:c3:0d:86: 7c:47:3b:89:ef:e0:b9:b1:72:5a:0e:11:f4:30:d5: c2:14:4a:bd:22:dd:e0:98:66:58:19:71:d4:69:30: de:61:cd:54:0d:09:b4:cf:62:fe:3a:57:19:50:e1: 03:a9:8d:6f:a7:df:c3:40:20:61:cc:ca:ac:e7:95: 07:3c:04:76:7f:9b:23:cd:e6:b5:51:42:40:ea:6c: 90:7f:7e:80:2e:ca:f0:6f:cf:95:2f:b4:34:85:fc: 43:70:60:3a:ee:08:c9:1c:3f:a8:45:c4:5c:25:08: 2c:cd:87:f6:b1:c5:81:d6:62:8f:e4:c7:42:a6:2d: 2a:b4:93:99:bb:f8:e9:ec:c2:f0:b5:66:f1:b0:7f: 48:55:ef:2c:70:40:69:a5:a0:16:29:52:02:d3:ce: 26:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:21:8F:82:13:4E:06:8C:16:68:EC:04:A6:AB:DC:59:92:65:19:B4 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS200866.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 08:35:54:19:c6:48:a7:1a:e0:e5:e1:9d:0d:c6:94:51:29:4a: 41:1a:50:7f:d1:8b:29:99:e8:b2:0b:5b:87:c1:dc:0e:c2:7a: e2:db:2a:ea:1c:7e:55:a8:8c:33:d6:06:e6:c5:68:ca:76:f1: c6:91:55:c6:ba:5c:89:4d:1b:8c:3e:fa:3b:82:e3:f3:2c:63: 18:e1:09:e3:96:f9:12:88:91:15:08:fb:64:9f:81:c8:c8:d9: 71:7a:a5:56:32:e2:82:d7:c7:02:de:94:00:fb:51:5a:3f:e1: 30:70:41:90:8a:87:0c:cb:55:73:ee:95:10:f2:e3:d2:3b:ba: 10:a2:75:02:4d:53:65:ae:80:75:ab:51:33:7c:43:29:d1:02: 60:fd:31:ff:54:78:62:a3:96:21:cb:ea:6a:ef:24:15:6b:be: 43:6d:8f:90:7e:4e:d3:63:ff:b2:e5:d9:93:eb:0c:24:6b:f7: 4a:00:fc:93:55:f6:3a:05:e8:75:b7:fa:fb:18:ee:ef:c6:63: 45:c4:47:88:1e:cd:69:22:78:e8:2f:a4:0b:dc:47:01:9f:da: 7e:3a:29:8f:39:b4:78:f1:39:13:e1:e2:a0:e0:11:ea:a6:06: 42:28:8a:44:a6:65:f5:30:5c:1b:3f:e4:ba:f4:2f:c5:98:ad: ad:1b:09:65 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUUbG2s1m2smFjPd/HqORsYv7uJB4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjVaFw0yNjA3MDMwNzUxMjVaMDMxMTAvBgNV BAMTKDA0MjE4RjgyMTM0RTA2OEMxNjY4RUMwNEE2QUJEQzU5OTI2NTE5QjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH8WNMJluLo/sid0EaDVI/v7uM 65fDux8SRLEyxU99qj4CLN4UEav6v5fKWpwsx60WlGm6bBz9RLUvveAm0dOF7g7L fmvRhJMBsNBA3EZOYEcwvWlPQcPPJagNOUu6PAFV3oa7NsMNhnxHO4nv4LmxcloO EfQw1cIUSr0i3eCYZlgZcdRpMN5hzVQNCbTPYv46VxlQ4QOpjW+n38NAIGHMyqzn lQc8BHZ/myPN5rVRQkDqbJB/foAuyvBvz5UvtDSF/ENwYDruCMkcP6hFxFwlCCzN h/axxYHWYo/kx0KmLSq0k5m7+OnswvC1ZvGwf0hV7yxwQGmloBYpUgLTziYLAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUBCGPghNOBowWaOwEpqvcWZJlGbQwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjAwODY2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAINVQZxkinGuDl4Z0NxpRRKUpBGlB/0Ysp meiyC1uHwdwOwnri2yrqHH5VqIwz1gbmxWjKdvHGkVXGulyJTRuMPvo7guPzLGMY 4QnjlvkSiJEVCPtkn4HIyNlxeqVWMuKC18cC3pQA+1FaP+EwcEGQiocMy1Vz7pUQ 8uPSO7oQonUCTVNlroB1q1EzfEMp0QJg/TH/VHhio5Yhy+pq7yQVa75DbY+Qfk7T Y/+y5dmT6wwka/dKAPyTVfY6Beh1t/r7GO7vxmNFxEeIHs1pInjoL6QL3EcBn9p+ OimPObR48TkT4eKg4BHqpgZCKIpEpmX1MFwbP+S69C/FmK2tGwll -----END CERTIFICATE-----Generated at Sat Jul 5 08:15:13 2025 by rpki-client