$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS215823.roa File: AS215823.roa (raw, json) Hash identifier: /ktnomxFU3rSAyu/W5mTYaZTmwFkexA/QKBnzYpjXCg= Subject key identifier: B7:7E:F8:41:91:2D:03:43:12:B2:26:DA:90:7E:8D:5B:E3:78:66:68 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 1E3D99C958F9E694309C099BC7C98230F246CC4E Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS215823.roa Signing time: Wed 08 Oct 2025 16:19:25 +0000 ROA not before: Wed 08 Oct 2025 16:14:25 +0000 ROA not after: Wed 07 Oct 2026 16:19:25 +0000 asID: 215823 IP address blocks: 2a07:54c4::/44 maxlen: 48 2a07:54c5::/32 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:3d:99:c9:58:f9:e6:94:30:9c:09:9b:c7:c9:82:30:f2:46:cc:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Oct 8 16:14:25 2025 GMT Not After : Oct 7 16:19:25 2026 GMT Subject: CN=B77EF841912D034312B226DA907E8D5BE3786668 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:95:2e:9d:0e:92:b5:82:40:bb:23:81:20:6c: c1:a2:33:bb:d3:98:d0:cd:05:e6:a0:a1:3b:78:68: 04:f6:f5:3b:f4:3a:d0:8f:c5:c6:23:50:d1:e2:95: 6a:3b:71:8f:9f:ac:e0:84:ae:67:d2:3a:7c:cc:51: bc:2e:6e:00:ed:f6:b9:7e:92:86:1a:75:25:5c:73: 94:10:64:50:9c:c5:1c:06:9b:97:a4:4d:47:8d:ef: 20:f6:10:09:17:bd:13:67:24:b2:6a:cd:cb:15:b2: 35:f2:85:d8:1c:98:f6:cc:5f:fe:77:2e:ae:2a:ac: 0c:49:02:fd:1e:18:eb:75:d1:c4:02:61:3c:4f:36: 1a:c1:b6:13:2d:c7:00:13:da:2f:6a:fb:2e:ab:d3: b9:de:9b:24:00:bd:1a:4a:1a:2d:e5:8e:13:a3:d3: 17:d5:22:97:76:f5:a7:59:ee:df:19:5c:e6:fb:ec: 74:76:76:66:13:07:6b:45:ff:9c:ca:a3:67:cf:3b: 77:e2:79:72:18:34:45:0b:7d:2a:62:22:2c:d9:6e: a9:9e:de:dc:57:7f:90:52:7c:f0:9b:17:35:50:32: f6:0c:fc:b5:68:45:74:4d:d3:54:a1:04:00:22:58: 7e:af:40:75:ca:22:01:63:e0:5a:63:d2:ef:48:01: b3:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:7E:F8:41:91:2D:03:43:12:B2:26:DA:90:7E:8D:5B:E3:78:66:68 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS215823.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c4::/44 2a07:54c5::/32 Signature Algorithm: sha256WithRSAEncryption 24:1a:27:5f:c8:13:1b:26:c2:b5:30:a5:31:c0:d5:c6:56:3b: 66:bd:17:6f:a0:31:27:fe:78:b3:27:3c:e1:16:01:cf:b0:ec: ad:85:2d:86:f0:4d:c2:72:be:c0:bb:e5:e7:3b:de:e2:26:84: e1:14:eb:5c:04:e4:d1:0a:0c:d4:3d:2c:c5:7c:aa:9b:a2:f1: 45:f4:ff:24:0f:c3:1e:ab:f9:cd:cc:33:b1:87:97:7b:3a:b7: 02:2c:e0:c5:11:9a:52:9f:96:46:2d:99:31:07:96:68:4b:83: a4:6a:8f:63:3f:e1:db:8f:ec:c7:1e:8b:91:87:71:15:d2:62: 4b:a3:0c:5e:30:e8:99:41:fa:7d:10:98:c0:e7:22:78:a2:ba: 6d:46:ae:f3:e4:a4:28:4c:34:1b:18:1f:cf:22:98:19:27:a2: 77:86:68:e4:05:b3:50:8b:73:26:66:14:ed:b1:38:53:6a:f9: 97:fa:a1:be:86:ef:c8:66:dd:4c:5f:0a:91:0c:c3:53:33:58: b3:51:b6:7d:6a:a6:58:34:3f:f9:51:c9:b4:8e:70:ac:88:bf: 18:a2:36:ab:bd:5e:7e:79:56:08:a8:c5:6a:4a:2e:ba:f4:08: a0:59:10:51:be:7b:37:78:40:37:e3:9d:0b:60:cd:8b:c4:a3: 13:24:7d:22 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUHj2ZyVj55pQwnAmbx8mCMPJGzE4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTEwMDgxNjE0MjVaFw0yNjEwMDcxNjE5MjVaMDMxMTAvBgNV BAMTKEI3N0VGODQxOTEyRDAzNDMxMkIyMjZEQTkwN0U4RDVCRTM3ODY2NjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNlS6dDpK1gkC7I4EgbMGiM7vT mNDNBeagoTt4aAT29Tv0OtCPxcYjUNHilWo7cY+frOCErmfSOnzMUbwubgDt9rl+ koYadSVcc5QQZFCcxRwGm5ekTUeN7yD2EAkXvRNnJLJqzcsVsjXyhdgcmPbMX/53 Lq4qrAxJAv0eGOt10cQCYTxPNhrBthMtxwAT2i9q+y6r07nemyQAvRpKGi3ljhOj 0xfVIpd29adZ7t8ZXOb77HR2dmYTB2tF/5zKo2fPO3fieXIYNEULfSpiIizZbqme 3txXf5BSfPCbFzVQMvYM/LVoRXRN01ShBAAiWH6vQHXKIgFj4Fpj0u9IAbOBAgMB AAGjggJEMIICQDAdBgNVHQ4EFgQUt374QZEtA0MSsibakH6NW+N4ZmgwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjE1ODIzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcEKgdU xAAAAwUAKgdUxTANBgkqhkiG9w0BAQsFAAOCAQEAJBonX8gTGybCtTClMcDVxlY7 Zr0Xb6AxJ/54syc84RYBz7DsrYUthvBNwnK+wLvl5zve4iaE4RTrXATk0QoM1D0s xXyqm6LxRfT/JA/DHqv5zcwzsYeXezq3AizgxRGaUp+WRi2ZMQeWaEuDpGqPYz/h 24/sxx6LkYdxFdJiS6MMXjDomUH6fRCYwOcieKK6bUau8+SkKEw0GxgfzyKYGSei d4Zo5AWzUItzJmYU7bE4U2r5l/qhvobvyGbdTF8KkQzDUzNYs1G2fWqmWDQ/+VHJ tI5wrIi/GKI2q71efnlWCKjFakouuvQIoFkQUb57N3hAN+OdC2DNi8SjEyR9Ig== -----END CERTIFICATE-----Generated at Wed Oct 8 19:34:51 2025 by rpki-client