$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS398057.roa File: AS398057.roa (raw, json) Hash identifier: sbj5qRoW5ENKpPIAa3FB92NYoHO25ylqdiUuqdZFw3M= Subject key identifier: 8B:16:D5:FC:49:1C:A0:9E:A8:6A:D9:35:B2:63:B3:2E:E9:49:B9:78 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 4BC4D7324415AD52CF6B36FA77D5F102C0B121C1 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS398057.roa Signing time: Fri 04 Jul 2025 07:51:27 +0000 ROA not before: Fri 04 Jul 2025 07:46:27 +0000 ROA not after: Fri 03 Jul 2026 07:51:27 +0000 asID: 398057 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:c4:d7:32:44:15:ad:52:cf:6b:36:fa:77:d5:f1:02:c0:b1:21:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:27 2025 GMT Not After : Jul 3 07:51:27 2026 GMT Subject: CN=8B16D5FC491CA09EA86AD935B263B32EE949B978 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:83:3c:be:89:55:66:d0:47:46:a6:5e:10:69: 25:5b:3a:63:0b:5e:33:21:cd:81:91:a1:e0:92:f2: 48:a4:3c:6c:c9:da:8a:12:9b:4d:0e:b9:5d:4e:f5: 0e:a2:89:32:52:56:fa:32:69:14:b5:af:0e:80:91: 96:ea:86:93:71:9e:58:2f:4d:81:48:97:a0:82:c6: b1:9f:84:63:d2:2e:b0:80:28:86:50:b2:fe:80:db: c2:56:96:2b:51:32:e4:c8:2d:d2:a9:c4:92:77:38: 31:8b:b4:c0:ce:6d:60:35:83:2e:a3:35:29:de:91: 9c:d6:70:cb:da:02:eb:56:fa:a9:df:0d:22:26:da: 7f:ad:a7:bb:28:5f:26:44:d0:4c:6c:29:2c:fd:dc: fc:fe:28:40:08:bd:43:7b:92:82:4c:11:27:ef:82: 94:47:11:40:4b:2c:f0:0b:d4:9a:79:06:b4:77:8d: 45:7b:65:6d:94:17:40:88:22:7f:d8:66:36:b6:9b: c7:60:ae:61:6b:83:a6:42:8a:f2:40:b6:0f:38:ab: b7:88:ff:95:be:3e:9c:2b:31:e9:89:09:50:e3:04: a2:f8:a6:09:26:05:b9:2b:74:02:8c:f2:c4:03:9a: e6:cd:4a:b6:36:a9:4e:88:bc:cb:0a:a0:86:01:fc: 79:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:16:D5:FC:49:1C:A0:9E:A8:6A:D9:35:B2:63:B3:2E:E9:49:B9:78 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS398057.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 76:2e:7e:16:25:9c:ad:f1:63:5e:4c:8e:e9:c6:9a:c0:d0:e7: cd:b3:bd:ad:03:5c:2e:5c:7d:95:ff:70:78:51:ad:11:94:14: bd:04:a5:9a:50:49:0c:6f:3c:6a:88:a5:e4:a8:e0:d5:ce:e3: b3:2d:dd:b2:a1:cb:9e:7d:e4:19:45:5f:3f:a4:d4:e6:3b:2a: e8:51:25:aa:ae:ee:51:47:4e:67:1d:b5:e8:8e:1d:92:07:26: 47:b7:ed:fe:63:bd:11:61:9a:d1:e4:18:83:b6:29:84:a0:0c: 37:a2:0c:de:54:84:22:38:3b:3b:d7:1c:15:f2:6c:f5:09:8a: ca:1f:6e:a9:b0:2d:41:5f:92:6a:a8:03:1a:41:77:cf:e1:b5: 6a:6b:c3:83:48:07:f0:d4:13:46:b4:c2:b5:ff:6c:76:3f:44: 77:78:89:ae:81:c4:98:a9:07:70:42:1b:d6:80:87:db:87:d4: 8d:d9:b5:7b:cf:ea:2b:d5:04:2d:bf:e4:c8:f3:4b:af:71:a9: 2a:54:d7:dd:fb:0b:c7:43:fc:fa:24:15:da:a7:ec:81:78:3c: 39:d7:53:8d:6f:9c:77:43:3f:fd:17:d2:72:cc:05:ea:49:d8: 6e:3d:56:17:22:a5:16:c3:9e:19:08:09:ac:ab:ed:c8:cd:19: a9:58:4f:88 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUS8TXMkQVrVLPazb6d9XxAsCxIcEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjdaFw0yNjA3MDMwNzUxMjdaMDMxMTAvBgNV BAMTKDhCMTZENUZDNDkxQ0EwOUVBODZBRDkzNUIyNjNCMzJFRTk0OUI5NzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4gzy+iVVm0EdGpl4QaSVbOmML XjMhzYGRoeCS8kikPGzJ2ooSm00OuV1O9Q6iiTJSVvoyaRS1rw6AkZbqhpNxnlgv TYFIl6CCxrGfhGPSLrCAKIZQsv6A28JWlitRMuTILdKpxJJ3ODGLtMDObWA1gy6j NSnekZzWcMvaAutW+qnfDSIm2n+tp7soXyZE0ExsKSz93Pz+KEAIvUN7koJMESfv gpRHEUBLLPAL1Jp5BrR3jUV7ZW2UF0CIIn/YZja2m8dgrmFrg6ZCivJAtg84q7eI /5W+PpwrMemJCVDjBKL4pgkmBbkrdAKM8sQDmubNSrY2qU6IvMsKoIYB/HkvAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUixbV/EkcoJ6oatk1smOzLulJuXgwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMzk4MDU3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQB2Ln4WJZyt8WNeTI7pxprA0OfNs72tA1wu XH2V/3B4Ua0RlBS9BKWaUEkMbzxqiKXkqODVzuOzLd2yocuefeQZRV8/pNTmOyro USWqru5RR05nHbXojh2SByZHt+3+Y70RYZrR5BiDtimEoAw3ogzeVIQiODs71xwV 8mz1CYrKH26psC1BX5JqqAMaQXfP4bVqa8ODSAfw1BNGtMK1/2x2P0R3eImugcSY qQdwQhvWgIfbh9SN2bV7z+or1QQtv+TI80uvcakqVNfd+wvHQ/z6JBXap+yBeDw5 11ONb5x3Qz/9F9JyzAXqSdhuPVYXIqUWw54ZCAmsq+3IzRmpWE+I -----END CERTIFICATE-----Generated at Sat Jul 5 08:28:00 2025 by rpki-client