$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20323033393135.roa File: 326131343a373538303a666637613a3a2f34382d3438203d3e20323033393135.roa (raw, json) Hash identifier: lVFPEuT+Vv7EHAhCsqJ2Rg8eFP3usNSJ0TffuGmsFKE= Subject key identifier: 11:48:17:60:6F:5E:FE:63:A4:8B:6F:1D:0B:4B:81:D2:5E:9A:92:C0 Certificate issuer: /CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Certificate serial: 717FFC11D915A65C53623FF7A38ACBAFA917B92B Authority key identifier: CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20323033393135.roa Signing time: Mon 01 Sep 2025 15:19:22 +0000 ROA not before: Mon 01 Sep 2025 15:14:22 +0000 ROA not after: Mon 31 Aug 2026 15:19:22 +0000 asID: 203915 IP address blocks: 2a14:7580:ff7a::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 24 Oct 2025 19:29:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:7f:fc:11:d9:15:a6:5c:53:62:3f:f7:a3:8a:cb:af:a9:17:b9:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F Validity Not Before: Sep 1 15:14:22 2025 GMT Not After : Aug 31 15:19:22 2026 GMT Subject: CN=114817606F5EFE63A48B6F1D0B4B81D25E9A92C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4a:52:82:65:2d:fa:8c:05:78:14:ee:51:db: 7f:9e:0c:3d:d8:4f:a9:c5:59:bb:43:15:d1:b9:e1: 55:24:0f:0b:91:b9:10:d3:36:6b:df:a6:be:07:41: b8:0d:be:67:e4:84:46:87:cb:d4:b3:1d:5c:46:b4: f8:a8:0a:fa:1c:0a:37:f6:f3:b6:ba:2a:8f:74:13: 1a:66:74:f3:05:ee:aa:52:0e:48:2e:fe:f5:00:62: 26:dd:6f:a6:4e:f3:0e:f8:72:14:93:b0:d6:a5:e2: d0:2b:e5:83:f5:2c:2b:ec:a0:93:78:75:29:d4:64: bf:26:e3:bd:dc:49:81:e3:0c:14:26:6c:28:9a:4d: 52:77:31:f3:a2:98:e8:c4:8f:ed:f0:09:b6:fd:7b: 31:c5:d0:2e:e3:00:4a:9b:47:a3:ba:2c:f6:9a:14: 30:7a:60:a5:52:d1:6b:24:9c:6b:48:bf:23:8e:7c: a1:4f:f0:20:50:a1:1a:7d:95:9c:45:d8:f6:e4:e1: a9:48:8a:a2:70:8e:f2:8a:85:8b:5f:e4:97:98:10: 46:00:3a:cf:28:b8:b5:a5:67:b0:6e:9f:4d:46:3e: d0:0b:91:9d:f0:21:46:ad:88:51:13:9f:73:64:ed: f3:02:24:d5:ca:b6:82:e6:7d:9e:90:9e:60:78:41: 1f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:48:17:60:6F:5E:FE:63:A4:8B:6F:1D:0B:4B:81:D2:5E:9A:92:C0 X509v3 Authority Key Identifier: keyid:CC:79:1A:1F:5C:B3:BB:2C:AF:7C:28:38:21:12:E2:69:BF:1D:0F:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/CC791A1F5CB3BB2CAF7C28382112E269BF1D0F2F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7a0aa56-4a1d-4ba8-ab66-c59fed4c37fc/1/326131343a373538303a666637613a3a2f34382d3438203d3e20323033393135.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff7a::/48 Signature Algorithm: sha256WithRSAEncryption 3d:54:08:e6:a7:d3:eb:89:3c:d8:a5:60:c3:2b:73:2c:8a:89: 60:f2:36:74:ba:21:b2:de:01:55:71:37:5d:f5:20:7e:b8:79: b6:42:7e:32:e8:ab:4b:dc:53:f1:23:57:3b:54:c8:cd:87:b6: 39:91:f8:6e:8a:75:da:72:93:95:e7:83:76:2b:b6:7b:d1:a8: 00:eb:ad:e9:3c:4e:e7:83:70:6c:86:b3:96:7e:6c:96:29:40: ed:2f:b9:44:f0:0f:b8:6e:18:89:c3:37:67:d2:21:51:73:02: 5a:04:b1:f8:86:98:9f:5e:9f:df:21:d1:d2:b4:08:d0:f2:cb: 56:c7:3f:26:a6:45:4c:71:6c:57:34:af:32:5b:e8:02:38:60: eb:3c:71:2f:71:77:60:06:e2:b7:0d:2f:8e:7f:10:60:6e:d4: 84:5a:a1:e3:43:8a:44:eb:52:e9:66:8a:3c:f9:31:c6:dd:d1: 63:c0:63:b6:0f:e3:85:df:75:86:0f:b7:29:04:03:06:22:11: bb:ad:1e:c8:86:28:ad:68:42:17:f3:4b:b3:6a:0f:d7:f6:a4: dc:ca:22:ee:cd:81:4c:83:52:c3:ac:64:b1:51:c7:e5:d6:67: 4a:fc:7b:75:a2:79:fa:5a:65:b8:04:51:2e:a3:db:e2:4b:bd: 6a:c2:59:48 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUcX/8EdkVplxTYj/3o4rLr6kXuSswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlC RjFEMEYyRjAeFw0yNTA5MDExNTE0MjJaFw0yNjA4MzExNTE5MjJaMDMxMTAvBgNV BAMTKDExNDgxNzYwNkY1RUZFNjNBNDhCNkYxRDBCNEI4MUQyNUU5QTkyQzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKSlKCZS36jAV4FO5R23+eDD3Y T6nFWbtDFdG54VUkDwuRuRDTNmvfpr4HQbgNvmfkhEaHy9SzHVxGtPioCvocCjf2 87a6Ko90ExpmdPMF7qpSDkgu/vUAYibdb6ZO8w74chSTsNal4tAr5YP1LCvsoJN4 dSnUZL8m473cSYHjDBQmbCiaTVJ3MfOimOjEj+3wCbb9ezHF0C7jAEqbR6O6LPaa FDB6YKVS0WsknGtIvyOOfKFP8CBQoRp9lZxF2Pbk4alIiqJwjvKKhYtf5JeYEEYA Os8ouLWlZ7Bun01GPtALkZ3wIUatiFETn3Nk7fMCJNXKtoLmfZ6QnmB4QR9XAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUEUgXYG9e/mOki28dC0uB0l6aksAwHwYDVR0j BBgwFoAUzHkaH1yzuyyvfCg4IRLiab8dDy8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjdhMGFhNTYtNGExZC00YmE4LWFiNjYtYzU5ZmVkNGMz N2ZjLzEvQ0M3OTFBMUY1Q0IzQkIyQ0FGN0MyODM4MjExMkUyNjlCRjFEMEYyRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9DQzc5MUExRjVDQjNCQjJDQUY3QzI4Mzgy MTEyRTI2OUJGMUQwRjJGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9iN2EwYWE1Ni00YTFkLTRiYTgtYWI2Ni1jNTlmZWQ0YzM3ZmMvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNzYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDMzMzkzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP96MA0GCSqGSIb3DQEBCwUAA4IBAQA9 VAjmp9PriTzYpWDDK3Msiolg8jZ0uiGy3gFVcTdd9SB+uHm2Qn4y6KtL3FPxI1c7 VMjNh7Y5kfhuinXacpOV54N2K7Z70agA663pPE7ng3BshrOWfmyWKUDtL7lE8A+4 bhiJwzdn0iFRcwJaBLH4hpifXp/fIdHStAjQ8stWxz8mpkVMcWxXNK8yW+gCOGDr PHEvcXdgBuK3DS+OfxBgbtSEWqHjQ4pE61LpZoo8+THG3dFjwGO2D+OF33WGD7cp BAMGIhG7rR7IhiitaEIX80uzag/X9qTcyiLuzYFMg1LDrGSxUcfl1mdK/Ht1onn6 WmW4BFEuo9viS71qwllI -----END CERTIFICATE-----Generated at Fri Oct 24 06:39:11 2025 by rpki-client