$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS210152.roa File: AS210152.roa (raw, json) Hash identifier: SQj8QAtvTD343tt+1NGhIeFpN1OkNracAHQU90AgUmI= Subject key identifier: 7B:A1:ED:6C:59:4D:F9:80:80:83:15:B0:01:3E:7F:F9:E9:1B:02:3E Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 3C922218C5062D5BE23A5271146024D4B7E4BC25 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS210152.roa Signing time: Mon 01 Sep 2025 14:15:19 +0000 ROA not before: Mon 01 Sep 2025 14:10:19 +0000 ROA not after: Mon 31 Aug 2026 14:15:19 +0000 asID: 210152 IP address blocks: 2a07:54c1:3700::/40 maxlen: 48 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:92:22:18:c5:06:2d:5b:e2:3a:52:71:14:60:24:d4:b7:e4:bc:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Sep 1 14:10:19 2025 GMT Not After : Aug 31 14:15:19 2026 GMT Subject: CN=7BA1ED6C594DF980808315B0013E7FF9E91B023E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:7c:b6:ff:85:c8:b6:2a:0a:d9:21:91:c9:12: f2:3f:5f:1b:fa:14:b2:05:ed:ba:32:ba:80:73:be: 63:c7:8c:a3:17:d4:7e:b6:da:eb:3e:62:c3:17:1e: 18:15:e6:d7:ca:2c:99:60:15:5a:5f:58:cc:d2:c4: b7:04:b4:47:72:e2:c9:9a:23:3c:5d:e0:12:77:5a: d1:5f:aa:86:d2:26:b6:db:18:5f:d1:ec:14:a7:d2: 80:91:82:76:b6:dd:0c:a7:e0:bc:e6:b2:73:2d:24: 08:59:92:e2:bd:47:59:2a:d5:40:c8:32:1b:85:87: a6:7d:fd:c1:e7:b5:22:56:9f:45:1b:68:6f:34:d3: 9f:23:30:e4:ef:b5:83:06:2d:6a:b5:b2:9c:0c:cb: 13:8b:c6:9d:ae:0b:90:ce:c4:79:c1:36:51:4e:b7: df:8c:51:55:ab:1f:b6:db:92:7b:1d:ac:1d:7c:c5: 3d:9a:b4:d8:3d:49:c3:1b:17:3b:9d:e1:91:48:3e: b9:70:3c:b0:a8:84:56:d1:0b:41:bc:92:83:f4:7b: 65:57:17:c1:40:a1:45:be:ff:02:0b:20:68:b9:c8: d8:9c:a5:68:48:97:3d:29:72:2b:df:67:21:9f:97: 52:99:65:69:a3:66:bc:98:a3:82:fd:ae:a4:df:3f: d6:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:A1:ED:6C:59:4D:F9:80:80:83:15:B0:01:3E:7F:F9:E9:1B:02:3E X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS210152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:3700::/40 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 98:1a:1d:6f:1d:a6:39:c7:c3:45:55:07:17:1d:16:88:b0:f1: 98:4e:6e:66:07:9c:34:f1:30:ae:e8:03:97:12:1a:b1:97:42: 02:c4:95:64:14:73:b5:35:ba:2d:be:1b:ae:b9:36:cc:a3:6c: ba:73:70:cc:95:34:31:9e:f6:5c:17:e4:a5:c1:88:c5:1c:7d: d2:dc:e3:c6:56:78:86:9d:fc:84:93:fc:09:c4:8c:f9:e3:54: 1f:60:39:58:dd:8a:37:58:dd:41:55:c0:0c:e5:e0:7e:c1:2c: c3:95:cf:a5:8c:7a:b2:d5:43:5f:37:06:a7:11:02:c3:10:f5: ca:8f:5d:b8:0a:99:ca:c0:d8:19:48:41:82:3e:f7:e1:84:c7: 03:13:7d:65:cd:7c:31:ac:61:be:ff:72:16:ef:9b:85:bb:d1: fd:58:83:72:3a:a4:c2:87:2e:21:bd:e1:c5:40:9c:2b:3f:27: 4c:c4:4c:54:8f:c5:61:df:87:7a:1c:77:8e:02:85:f8:f8:fd: d0:4e:a4:4d:8c:7c:d1:c9:25:10:8e:6b:0c:61:5e:02:1d:d0: 55:3b:e2:e6:05:f5:2b:cd:01:1c:6a:95:82:25:dd:2b:fa:74: 09:e2:76:d2:8c:c1:6a:d7:45:9d:31:61:a9:29:de:33:ae:32: 0e:56:05:12 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIUPJIiGMUGLVviOlJxFGAk1LfkvCUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA5MDExNDEwMTlaFw0yNjA4MzExNDE1MTlaMDMxMTAvBgNV BAMTKDdCQTFFRDZDNTk0REY5ODA4MDgzMTVCMDAxM0U3RkY5RTkxQjAyM0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnfLb/hci2KgrZIZHJEvI/Xxv6 FLIF7boyuoBzvmPHjKMX1H622us+YsMXHhgV5tfKLJlgFVpfWMzSxLcEtEdy4sma Izxd4BJ3WtFfqobSJrbbGF/R7BSn0oCRgna23Qyn4LzmsnMtJAhZkuK9R1kq1UDI MhuFh6Z9/cHntSJWn0UbaG80058jMOTvtYMGLWq1spwMyxOLxp2uC5DOxHnBNlFO t9+MUVWrH7bbknsdrB18xT2atNg9ScMbFzud4ZFIPrlwPLCohFbRC0G8koP0e2VX F8FAoUW+/wILIGi5yNicpWhIlz0pcivfZyGfl1KZZWmjZryYo4L9rqTfP9YpAgMB AAGjggJFMIICQTAdBgNVHQ4EFgQUe6HtbFlN+YCAgxWwAT5/+ekbAj4wHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjEwMTUyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKgdU wTcDBwAqB1TCsAswDQYJKoZIhvcNAQELBQADggEBAJgaHW8dpjnHw0VVBxcdFoiw 8ZhObmYHnDTxMK7oA5cSGrGXQgLElWQUc7U1ui2+G665NsyjbLpzcMyVNDGe9lwX 5KXBiMUcfdLc48ZWeIad/IST/AnEjPnjVB9gOVjdijdY3UFVwAzl4H7BLMOVz6WM erLVQ183BqcRAsMQ9cqPXbgKmcrA2BlIQYI+9+GExwMTfWXNfDGsYb7/chbvm4W7 0f1Yg3I6pMKHLiG94cVAnCs/J0zETFSPxWHfh3ocd44Chfj4/dBOpE2MfNHJJRCO awxhXgId0FU74uYF9SvNARxqlYIl3Sv6dAnidtKMwWrXRZ0xYakp3jOuMg5WBRI= -----END CERTIFICATE-----Generated at Wed Oct 8 19:34:45 2025 by rpki-client