$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa File: 326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa (raw, json) Hash identifier: Tk4tJu5bvTD5dR9NoM2pYvWxSXCc2/x84lQAlZZqzIs= Subject key identifier: C9:20:FC:D3:5A:6D:55:27:92:65:58:3D:3C:2B:AC:E6:93:04:2D:26 Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 7F20EBF8251638C5369531717C9A72940C2DAA99 Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa Signing time: Mon 24 Feb 2025 04:56:43 +0000 ROA not before: Mon 24 Feb 2025 04:51:43 +0000 ROA not after: Mon 23 Feb 2026 04:56:43 +0000 asID: 203511 IP address blocks: 2a0f:85c1:701::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 10:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:20:eb:f8:25:16:38:c5:36:95:31:71:7c:9a:72:94:0c:2d:aa:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Feb 24 04:51:43 2025 GMT Not After : Feb 23 04:56:43 2026 GMT Subject: CN=C920FCD35A6D55279265583D3C2BACE693042D26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:50:e2:ef:cd:ab:1f:23:1c:d1:8f:9e:f2:b9: 02:f2:0a:50:6a:81:4c:2d:d4:3c:62:7c:84:ed:df: 46:7d:d5:f9:9c:0d:44:50:6c:32:66:f9:69:46:89: a1:2a:8b:cd:62:df:6d:7b:39:d8:02:d0:2c:e4:51: 94:61:0b:17:9f:c7:95:4e:13:6e:78:fd:ae:18:6b: 27:aa:77:3e:7c:b3:e1:72:ba:aa:bc:3a:f3:55:78: 5c:1a:ca:21:fc:8a:0b:be:ad:46:52:f3:36:5c:87: 31:81:5e:a7:d6:2a:76:03:c5:8a:4f:98:2f:19:01: 3c:6a:9c:be:cd:3b:32:02:ae:51:fb:ec:7f:d7:a5: 39:d6:ee:f4:65:c5:5c:96:80:75:80:c6:19:7a:b4: 4b:88:52:80:b0:bb:1c:9b:46:df:82:17:46:86:2e: cd:80:a4:72:65:eb:73:b6:ef:58:4b:8d:e3:d3:f4: d0:be:cb:ec:40:3e:a5:cf:4a:eb:7f:03:ef:68:d8: 78:05:ab:41:77:56:55:bb:bb:a5:9d:51:7b:9d:e9: 08:17:44:c2:45:f5:7f:19:d6:58:2d:7a:1f:57:97: 24:a6:59:1a:f8:82:f4:61:7f:2f:82:7d:45:df:73: e5:49:58:de:0e:eb:fd:60:10:4f:98:fa:ae:4a:34: 5e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:20:FC:D3:5A:6D:55:27:92:65:58:3D:3C:2B:AC:E6:93:04:2D:26 X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:701::/48 Signature Algorithm: sha256WithRSAEncryption 88:65:9f:2e:39:e0:57:4a:f0:0d:6d:47:e3:e0:fc:3d:a2:a0: 6a:77:32:fa:52:e1:52:ed:e8:59:b4:7b:f1:a7:f2:5f:22:66: c7:d4:e1:e6:e7:0e:52:b5:2c:fb:04:77:3c:35:77:09:47:d4: 3d:a7:ca:4f:e4:b6:a0:dd:19:6c:03:75:17:43:e7:b3:08:e9: f8:c5:22:44:c9:18:5e:97:ee:78:99:be:c5:a5:4f:55:06:a2: a7:60:82:8a:a2:61:d5:c9:06:43:7e:3d:2e:1d:cf:38:b9:04: 58:93:cc:b0:b4:59:ea:7f:61:7c:d8:c1:02:1b:f0:1d:30:d1: 5f:bc:43:10:a3:7a:bb:27:2f:68:20:12:04:77:be:fe:12:7e: 20:a2:b0:05:13:ce:fd:b4:31:8c:e9:0c:c8:f9:77:52:3d:e5: 04:af:c1:70:25:f4:29:b7:f1:18:ce:cd:86:b1:09:a5:f3:49: 9b:4e:a3:6c:d4:a4:48:09:be:9c:be:e9:aa:d4:dd:03:c4:7c: b5:00:8a:62:8b:d2:29:91:83:bd:fc:2b:cb:8d:81:2a:5b:1e: 68:f1:6c:cd:6d:d4:22:b1:39:4e:9a:6b:b7:62:89:40:8b:51: 31:cc:80:62:2d:c8:35:f1:03:f5:b0:44:bc:60:78:ca:e2:f2: 4f:29:a9:12 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUfyDr+CUWOMU2lTFxfJpylAwtqpkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNTAyMjQwNDUxNDNaFw0yNjAyMjMwNDU2NDNaMDMxMTAvBgNV BAMTKEM5MjBGQ0QzNUE2RDU1Mjc5MjY1NTgzRDNDMkJBQ0U2OTMwNDJEMjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuUOLvzasfIxzRj57yuQLyClBq gUwt1DxifITt30Z91fmcDURQbDJm+WlGiaEqi81i3217OdgC0CzkUZRhCxefx5VO E254/a4Yayeqdz58s+Fyuqq8OvNVeFwayiH8igu+rUZS8zZchzGBXqfWKnYDxYpP mC8ZATxqnL7NOzICrlH77H/XpTnW7vRlxVyWgHWAxhl6tEuIUoCwuxybRt+CF0aG Ls2ApHJl63O271hLjePT9NC+y+xAPqXPSut/A+9o2HgFq0F3VlW7u6WdUXud6QgX RMJF9X8Z1lgteh9XlySmWRr4gvRhfy+CfUXfc+VJWN4O6/1gEE+Y+q5KNF41AgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUySD801ptVSeSZVg9PCus5pMELSYwHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3 MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3MzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEHATANBgkqhkiG9w0BAQsFAAOCAQEAiGWf LjngV0rwDW1H4+D8PaKgancy+lLhUu3oWbR78afyXyJmx9Th5ucOUrUs+wR3PDV3 CUfUPafKT+S2oN0ZbAN1F0Pnswjp+MUiRMkYXpfueJm+xaVPVQaip2CCiqJh1ckG Q349Lh3POLkEWJPMsLRZ6n9hfNjBAhvwHTDRX7xDEKN6uycvaCASBHe+/hJ+IKKw BRPO/bQxjOkMyPl3Uj3lBK/BcCX0KbfxGM7NhrEJpfNJm06jbNSkSAm+nL7pqtTd A8R8tQCKYovSKZGDvfwry42BKlseaPFszW3UIrE5Tpprt2KJQItRMcyAYi3INfED 9bBEvGB4yuLyTympEg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:54:58 2025 by rpki-client