$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa File: AS209735.roa (raw, json) Hash identifier: eBPIhenV3fmcgo5IMQ0aCBQs4AeO1mSNUBHFxYSkChI= Subject key identifier: A2:FE:92:C7:B7:EA:1F:FA:BB:3B:2E:BC:69:A4:8A:E7:3C:E8:1A:28 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 5E0DDCDDBD605E42DFA4808AE4754617937D9A72 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa Signing time: Fri 05 Jun 2026 08:45:54 +0000 ROA not before: Fri 05 Jun 2026 08:40:54 +0000 ROA not after: Fri 04 Jun 2027 08:45:54 +0000 asID: 209735 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 07:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:0d:dc:dd:bd:60:5e:42:df:a4:80:8a:e4:75:46:17:93:7d:9a:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:54 2026 GMT Not After : Jun 4 08:45:54 2027 GMT Subject: CN=A2FE92C7B7EA1FFABB3B2EBC69A48AE73CE81A28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:cc:ad:44:13:db:e9:89:c5:74:bc:bb:22:9b: 0c:09:3e:de:26:55:91:53:72:9e:b0:0e:4b:51:0d: 4d:49:87:20:c2:4a:19:43:4d:12:21:aa:56:c1:f5: 19:b5:ad:05:83:da:a2:e8:04:fa:96:0a:9a:c1:10: 1c:31:0d:53:17:c5:62:bb:e9:44:13:76:cc:98:17: 70:99:81:28:b2:96:c1:63:c1:e7:c8:e5:f0:61:12: 2b:83:5f:6a:17:77:8e:a4:56:94:a2:17:d5:75:7b: 72:39:8a:3a:b4:02:8b:1d:b1:ac:6b:e4:ec:00:fa: 1a:f5:a7:ac:9f:fc:36:08:ab:af:7b:0e:ee:4f:cf: 0e:98:1a:fb:56:58:ee:18:dd:f2:90:5a:8d:75:b3: 19:3b:82:bb:6f:2d:74:f8:55:33:45:65:54:39:ff: 49:b4:53:9d:e5:15:72:74:e5:2f:6b:dc:01:1f:03: 25:c5:d6:93:d7:86:ab:da:ca:07:d9:48:00:21:8f: 51:a7:90:fb:d6:b2:95:6c:99:d5:77:ea:87:57:7d: 70:0e:a1:08:e2:f4:b2:26:bd:ec:48:68:78:7d:83: a1:20:df:19:d5:c7:16:1a:4b:f1:bf:12:f4:8d:6a: b5:f3:72:72:56:b6:ca:2b:66:01:c2:e6:1b:dc:97: 4d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:FE:92:C7:B7:EA:1F:FA:BB:3B:2E:BC:69:A4:8A:E7:3C:E8:1A:28 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption b3:ef:89:dc:c9:f2:89:60:7f:45:ae:79:48:d8:57:12:53:44: ff:cd:24:e0:1d:56:5b:db:71:c7:ef:85:64:1a:1c:d4:db:61: 7f:8a:03:a4:ba:91:5e:9b:87:58:22:ab:06:58:59:87:c2:80: 37:24:ce:0c:d1:2a:6f:ba:5c:d1:7d:fc:3f:da:45:3e:4b:0d: 4a:63:39:90:ed:e0:5b:77:91:3b:66:b3:e8:56:7d:76:98:5c: 78:2a:e7:8a:6e:3a:73:2d:28:b6:3f:50:1d:2a:ed:af:ca:65: 6b:f1:8b:81:21:b6:2c:16:a0:0b:a5:97:ff:46:7f:2c:8a:6d: 0c:fc:ef:8d:7e:cc:37:86:3d:20:ee:93:b7:fb:d0:b8:10:e0: ba:56:bc:f4:a9:d5:8f:17:85:aa:01:f9:3d:58:af:5e:69:9f: 9f:39:28:f5:c0:64:5e:6b:78:18:57:0e:5e:7d:a5:b3:e1:25: 53:05:f1:ca:a9:ff:56:40:08:f9:b6:dd:e5:4d:4c:0d:b9:9b: 6f:71:fa:23:e8:98:0a:c9:09:8c:49:a9:79:91:70:44:23:46: a9:4f:12:74:6d:e8:34:86:e9:37:42:df:a0:33:03:98:15:10: 8c:ce:78:9d:10:c4:51:1a:7e:3f:22:cd:12:15:44:44:05:60: 4d:01:01:fc -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUXg3c3b1gXkLfpICK5HVGF5N9mnIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTRaFw0yNzA2MDQwODQ1NTRaMDMxMTAvBgNV BAMTKEEyRkU5MkM3QjdFQTFGRkFCQjNCMkVCQzY5QTQ4QUU3M0NFODFBMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrzK1EE9vpicV0vLsimwwJPt4m VZFTcp6wDktRDU1JhyDCShlDTRIhqlbB9Rm1rQWD2qLoBPqWCprBEBwxDVMXxWK7 6UQTdsyYF3CZgSiylsFjwefI5fBhEiuDX2oXd46kVpSiF9V1e3I5ijq0Aosdsaxr 5OwA+hr1p6yf/DYIq697Du5Pzw6YGvtWWO4Y3fKQWo11sxk7grtvLXT4VTNFZVQ5 /0m0U53lFXJ05S9r3AEfAyXF1pPXhqvaygfZSAAhj1GnkPvWspVsmdV36odXfXAO oQji9LImvexIaHh9g6Eg3xnVxxYaS/G/EvSNarXzcnJWtsorZgHC5hvcl015AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUov6Sx7fqH/q7Oy68aaSK5zzoGigwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjA5NzM1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQCz74ncyfKJYH9FrnlI2FcSU0T/zSTgHVZb 23HH74VkGhzU22F/igOkupFem4dYIqsGWFmHwoA3JM4M0SpvulzRffw/2kU+Sw1K YzmQ7eBbd5E7ZrPoVn12mFx4KueKbjpzLSi2P1AdKu2vymVr8YuBIbYsFqALpZf/ Rn8sim0M/O+Nfsw3hj0g7pO3+9C4EOC6Vrz0qdWPF4WqAfk9WK9eaZ+fOSj1wGRe a3gYVw5efaWz4SVTBfHKqf9WQAj5tt3lTUwNuZtvcfoj6JgKyQmMSal5kXBEI0ap TxJ0beg0huk3Qt+gMwOYFRCMznidEMRRGn4/Is0SFUREBWBNAQH8 -----END CERTIFICATE-----Generated at Sat Jun 13 11:49:48 2026 by rpki-client