$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS211954.roa File: AS211954.roa (raw, json) Hash identifier: VLZREBkAkF1IDw+SXMbAAfNP2XmG261/9FHMQhBbI2Q= Subject key identifier: 88:5C:53:7E:76:E2:46:42:08:17:2D:61:7E:3C:C5:A9:40:AC:4F:76 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 0888E0CDEABC3FC44F65BA2874BEEA37FE4E5786 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS211954.roa Signing time: Fri 04 Jul 2025 07:51:25 +0000 ROA not before: Fri 04 Jul 2025 07:46:25 +0000 ROA not after: Fri 03 Jul 2026 07:51:25 +0000 asID: 211954 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:88:e0:cd:ea:bc:3f:c4:4f:65:ba:28:74:be:ea:37:fe:4e:57:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:25 2025 GMT Not After : Jul 3 07:51:25 2026 GMT Subject: CN=885C537E76E2464208172D617E3CC5A940AC4F76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:bf:7f:6f:83:b8:b6:35:09:f1:32:2c:23:03: 76:4e:98:ba:a0:0f:ab:cc:80:30:d8:e4:be:bf:ee: 5e:72:7c:49:23:fb:a0:47:e4:c3:3d:0a:93:7b:e6: c0:b3:fb:77:3e:5a:9c:7a:36:5f:51:5c:f4:3b:2e: ae:a6:2c:ca:73:6d:55:13:bc:20:87:b3:61:53:21: b0:fc:b0:54:7b:1f:69:b0:dd:f0:98:e1:f0:78:1a: 00:22:0d:1a:44:44:6d:92:cf:eb:80:c9:d6:55:b9: 4a:b3:ed:a7:18:5a:11:55:d4:e0:44:0a:60:17:78: 1c:23:29:3d:83:c1:0c:a4:8f:c3:d0:81:ad:dc:d4: e3:6f:a8:14:5d:97:c4:76:7c:59:b1:b3:6c:21:e6: cd:2a:31:74:1e:c0:38:89:7f:96:9e:63:16:ea:c4: a0:c9:9f:59:a6:f7:0c:09:44:43:0b:78:41:1a:2d: 9c:49:11:b4:be:bb:c7:04:f8:30:72:23:10:7b:33: 18:6d:41:7a:72:9d:92:db:16:aa:88:e4:02:5d:fb: f7:0d:4f:7f:93:ff:cb:28:1d:ad:9e:fa:b6:9f:d5: 30:51:e3:70:4d:4d:63:0b:bc:dc:4b:cd:39:e1:aa: 9a:17:eb:15:a8:7e:be:a3:63:98:e5:fa:30:ae:e5: ca:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:5C:53:7E:76:E2:46:42:08:17:2D:61:7E:3C:C5:A9:40:AC:4F:76 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS211954.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption bf:4c:55:81:e3:3d:e5:ae:58:34:58:08:8b:6d:dd:80:7a:a3: 5f:b5:fd:23:f7:a5:8f:60:4a:9a:2a:17:da:8e:54:f4:a5:87: 75:4f:2f:35:ac:2b:13:ed:f1:fd:00:c5:12:3c:0f:63:02:fe: b1:7a:99:ff:a7:b7:c2:d0:64:01:68:63:41:ff:06:8a:42:6e: 36:8d:a7:7d:2d:61:f2:61:96:45:36:19:55:98:d5:46:33:16: 12:15:51:6c:7d:fe:53:b0:2d:b6:49:6a:7e:80:52:20:7a:d7: ae:aa:76:03:d7:02:85:1a:1f:d3:e1:55:6a:2f:25:01:7b:4b: b3:35:51:b9:26:1c:36:e6:45:8b:1b:b4:89:b7:3f:f7:13:74: 88:02:8a:10:7e:02:3c:47:c9:56:0f:63:5c:6d:22:58:4e:5d: 28:ea:b6:53:ff:60:25:10:44:8f:b3:d0:a9:a4:c3:39:aa:47: 13:aa:c5:61:b8:58:76:0e:05:f1:90:67:2c:b6:75:f3:b0:7e: 64:3e:77:ed:50:00:43:07:1e:77:a6:3c:59:ff:f4:02:dc:b1: 95:3d:01:48:c1:7e:5c:9b:29:63:94:58:0b:6f:22:85:5a:82: 77:5c:bb:fe:42:60:46:21:4a:b8:54:6d:66:d1:e4:6d:8d:6b: ce:bd:1d:b1 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUCIjgzeq8P8RPZboodL7qN/5OV4YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjVaFw0yNjA3MDMwNzUxMjVaMDMxMTAvBgNV BAMTKDg4NUM1MzdFNzZFMjQ2NDIwODE3MkQ2MTdFM0NDNUE5NDBBQzRGNzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7v39vg7i2NQnxMiwjA3ZOmLqg D6vMgDDY5L6/7l5yfEkj+6BH5MM9CpN75sCz+3c+Wpx6Nl9RXPQ7Lq6mLMpzbVUT vCCHs2FTIbD8sFR7H2mw3fCY4fB4GgAiDRpERG2Sz+uAydZVuUqz7acYWhFV1OBE CmAXeBwjKT2DwQykj8PQga3c1ONvqBRdl8R2fFmxs2wh5s0qMXQewDiJf5aeYxbq xKDJn1mm9wwJREMLeEEaLZxJEbS+u8cE+DByIxB7MxhtQXpynZLbFqqI5AJd+/cN T3+T/8soHa2e+raf1TBR43BNTWMLvNxLzTnhqpoX6xWofr6jY5jl+jCu5cpfAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUiFxTfnbiRkIIFy1hfjzFqUCsT3YwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjExOTU0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQC/TFWB4z3lrlg0WAiLbd2AeqNftf0j96WP YEqaKhfajlT0pYd1Ty81rCsT7fH9AMUSPA9jAv6xepn/p7fC0GQBaGNB/waKQm42 jad9LWHyYZZFNhlVmNVGMxYSFVFsff5TsC22SWp+gFIgeteuqnYD1wKFGh/T4VVq LyUBe0uzNVG5Jhw25kWLG7SJtz/3E3SIAooQfgI8R8lWD2NcbSJYTl0o6rZT/2Al EESPs9CppMM5qkcTqsVhuFh2DgXxkGcstnXzsH5kPnftUABDBx53pjxZ//QC3LGV PQFIwX5cmyljlFgLbyKFWoJ3XLv+QmBGIUq4VG1m0eRtjWvOvR2x -----END CERTIFICATE-----Generated at Sat Jul 5 08:28:00 2025 by rpki-client