$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa File: 326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa (raw, json) Hash identifier: Ev3rOkqZsW7zdikCCUw3UiV18aO5+Lr8u68oqxdnuog= Subject key identifier: 42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7 Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 21402E5265A2C853965BB936EF2C640AB0F7AF9B Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa Signing time: Mon 25 Mar 2024 11:47:41 +0000 ROA not before: Mon 25 Mar 2024 11:42:41 +0000 ROA not after: Mon 24 Mar 2025 11:47:41 +0000 asID: 203511 IP address blocks: 2a0f:85c1:7f0::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 25 Jun 2024 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:40:2e:52:65:a2:c8:53:96:5b:b9:36:ef:2c:64:0a:b0:f7:af:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Mar 25 11:42:41 2024 GMT Not After : Mar 24 11:47:41 2025 GMT Subject: CN=4278EEA8BEAFA0A8A165F03C59A54A1B5FB5B1E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:96:d5:23:b7:63:e1:03:c0:78:1d:1b:78:81: 60:d8:0a:2d:43:3c:7c:a3:2b:3a:ac:c3:f3:3a:65: 5e:ed:bf:34:b5:1c:2b:08:65:9f:6a:0a:00:ef:c2: ba:b9:f5:0d:2e:70:98:c3:ed:31:71:f3:78:f3:36: 65:e5:2a:ab:3a:78:23:77:f7:da:2a:46:ec:a0:41: 7d:cb:34:f3:ae:8c:2b:c5:2b:ae:2f:0c:ca:e7:84: 16:17:01:06:80:e2:e0:12:fb:78:aa:18:8f:22:54: 0d:78:69:5c:96:c0:d6:29:1e:8e:6c:6a:5f:59:f5: 52:7a:a6:ea:29:59:94:c0:e2:07:15:85:a4:a6:6c: 17:9e:60:e9:bb:77:25:be:ce:99:6c:bc:88:f5:4c: ce:8c:c8:2e:0f:5b:29:2d:11:d2:df:f6:49:71:50: 1e:0f:2a:04:ea:e7:b5:45:2b:03:03:e2:f8:57:03: b5:56:0c:0c:77:1d:87:98:d4:37:0d:57:28:69:4d: 2f:41:b1:c9:1a:56:ad:62:27:34:f9:2d:1e:9e:3c: 53:ae:44:0d:4b:fb:db:af:79:79:58:4c:9d:7f:3e: ac:fa:d9:55:82:4a:aa:a6:55:7e:c1:40:0d:03:80: 44:b0:43:32:80:1f:76:ab:12:6f:14:a9:67:bb:db: 2f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7 X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:7f0::/48 Signature Algorithm: sha256WithRSAEncryption 12:83:5f:c8:8a:e4:28:5e:53:91:49:92:e0:2b:8f:b1:9a:78: 61:d4:5a:5a:5d:e8:92:0c:0d:3f:bf:7b:2a:9e:b9:b9:27:d3: 64:cf:ba:35:ec:6c:af:ef:89:77:aa:6d:04:7f:98:f8:ad:ab: cd:d5:c3:6b:57:54:8e:6b:cb:2a:b6:72:98:99:3c:5d:22:55: 07:ab:76:e2:69:0f:de:3e:40:8a:b6:60:75:38:00:0c:5d:d0: 32:e6:9f:9c:a6:35:a6:88:8f:0e:b2:34:37:37:ed:53:0e:d1: f7:5e:71:51:3b:96:41:3e:96:cb:1b:35:28:bc:5a:2b:2e:1f: df:9e:c0:82:29:0e:44:15:6c:68:07:a4:50:de:f9:8e:d1:2a: eb:74:54:81:71:32:f0:ad:36:5e:d0:00:df:f5:da:3c:f9:d3: 8d:55:19:e8:fb:ac:e4:79:6a:ac:29:a5:a5:b8:01:cb:cc:c4: db:6e:87:02:3e:0b:6a:44:b3:ec:8e:a0:1e:6e:1a:21:57:fc: 84:28:1c:a7:ac:f1:3e:c3:7e:46:a1:21:18:02:51:64:96:99: 38:94:2f:8b:cd:64:69:03:43:60:45:ef:40:59:91:5b:78:ee: cf:83:0f:e9:09:e8:39:65:af:48:5b:27:44:0d:d3:59:5b:a7: a5:ba:e5:69 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUIUAuUmWiyFOWW7k27yxkCrD3r5swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNDAzMjUxMTQyNDFaFw0yNTAzMjQxMTQ3NDFaMDMxMTAvBgNV BAMTKDQyNzhFRUE4QkVBRkEwQThBMTY1RjAzQzU5QTU0QTFCNUZCNUIxRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGltUjt2PhA8B4HRt4gWDYCi1D PHyjKzqsw/M6ZV7tvzS1HCsIZZ9qCgDvwrq59Q0ucJjD7TFx83jzNmXlKqs6eCN3 99oqRuygQX3LNPOujCvFK64vDMrnhBYXAQaA4uAS+3iqGI8iVA14aVyWwNYpHo5s al9Z9VJ6puopWZTA4gcVhaSmbBeeYOm7dyW+zplsvIj1TM6MyC4PWyktEdLf9klx UB4PKgTq57VFKwMD4vhXA7VWDAx3HYeY1DcNVyhpTS9BsckaVq1iJzT5LR6ePFOu RA1L+9uveXlYTJ1/Pqz62VWCSqqmVX7BQA0DgESwQzKAH3arEm8UqWe72y/xAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUQnjuqL6voKihZfA8WaVKG1+1secwHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8DANBgkqhkiG9w0BAQsFAAOCAQEAEoNf yIrkKF5TkUmS4CuPsZp4YdRaWl3okgwNP797Kp65uSfTZM+6Nexsr++Jd6ptBH+Y +K2rzdXDa1dUjmvLKrZymJk8XSJVB6t24mkP3j5AirZgdTgADF3QMuafnKY1poiP DrI0NzftUw7R915xUTuWQT6Wyxs1KLxaKy4f357AgikORBVsaAekUN75jtEq63RU gXEy8K02XtAA3/XaPPnTjVUZ6Pus5HlqrCmlpbgBy8zE226HAj4LakSz7I6gHm4a IVf8hCgcp6zxPsN+RqEhGAJRZJaZOJQvi81kaQNDYEXvQFmRW3juz4MP6QnoOWWv SFsnRA3TWVunpbrlaQ== -----END CERTIFICATE-----Generated at Tue Jun 25 06:40:39 2024 by rpki-client on console-ams.rpki-client.org