$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393330303a3a2f34302d3438203d3e20323136323939.roa File: 326131343a373538303a393330303a3a2f34302d3438203d3e20323136323939.roa (raw, json) Hash identifier: 0JNkK9KnjI4w2zV41Uw2bLOQhv0TkTdwPhPOAejMVJo= Subject key identifier: C9:62:82:52:49:C3:8E:76:AB:20:1C:36:61:9C:7C:29:9C:F8:AB:B0 Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A Certificate serial: 3546216DB38FE8C613BE94622888B5C6CD2DE2B5 Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393330303a3a2f34302d3438203d3e20323136323939.roa Signing time: Sat 30 Nov 2024 14:10:52 +0000 ROA not before: Sat 30 Nov 2024 14:05:52 +0000 ROA not after: Sat 29 Nov 2025 14:10:52 +0000 asID: 216299 IP address blocks: 2a14:7580:9300::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Apr 2025 22:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:46:21:6d:b3:8f:e8:c6:13:be:94:62:28:88:b5:c6:cd:2d:e2:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A Validity Not Before: Nov 30 14:05:52 2024 GMT Not After : Nov 29 14:10:52 2025 GMT Subject: CN=C962825249C38E76AB201C36619C7C299CF8ABB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:db:1a:df:9c:68:2c:aa:dc:11:3e:d9:06:c1: e6:53:1e:73:27:29:32:fe:7f:e9:b6:b2:66:c6:f0: e5:b3:c1:ff:fd:6f:5e:e4:7a:0c:8e:87:f1:6a:4e: 91:77:03:14:f2:08:46:ad:ff:bb:7c:dd:1f:a0:b7: df:d6:b0:b1:9e:72:a5:8c:3f:b3:83:4b:66:cc:b8: f0:77:cc:a1:90:bb:cb:bb:c0:8c:98:2a:82:16:44: 6d:b1:0a:58:ad:3c:0c:80:9b:c4:c4:78:d7:5b:ec: 0c:f7:93:2b:2b:46:c5:51:da:4f:e9:9f:e5:b3:68: fb:6a:01:0e:ef:60:f5:bc:ff:14:7f:b4:5c:e5:87: 8d:ec:58:b8:99:e0:70:d3:ee:3a:84:ec:20:f7:a4: 8d:f4:4c:f5:17:4f:9e:c8:18:f6:76:01:83:34:ad: 3b:78:bb:72:17:c7:ec:63:7f:10:61:ea:d8:05:07: e2:9a:a5:6d:b2:85:0c:81:14:9d:48:98:0d:8d:96: 82:43:0e:7f:f8:6d:6e:89:4e:36:c4:d3:74:ee:fd: 06:5a:a6:24:aa:81:77:d7:96:ab:f3:65:f1:0d:fc: 35:28:7c:2d:9b:0e:4b:8e:90:ac:42:51:60:83:84: fd:10:43:0d:f4:fd:7f:5c:f2:1e:b6:f6:1a:fa:40: cb:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:62:82:52:49:C3:8E:76:AB:20:1C:36:61:9C:7C:29:9C:F8:AB:B0 X509v3 Authority Key Identifier: keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393330303a3a2f34302d3438203d3e20323136323939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:9300::/40 Signature Algorithm: sha256WithRSAEncryption 50:53:3d:70:cc:f8:5b:43:08:c0:1c:bb:e4:23:98:05:96:91: 08:cf:03:9c:e3:0b:ec:3a:56:72:ab:e9:c6:66:f8:ae:c8:db: 79:0f:5d:6b:ec:0d:44:86:1e:fe:28:5e:c2:08:1f:1a:f7:30: 30:6e:0d:4c:b7:82:b2:eb:90:df:14:b5:3c:26:ac:4a:c8:f9: 3d:87:ad:8a:eb:1d:d9:75:82:21:c1:1d:2d:5a:5d:d9:7d:1d: 12:80:c9:c7:e0:e5:0b:b6:ea:55:b3:93:00:46:8e:bb:ab:b4: 04:a6:c9:a5:c3:e7:37:84:c5:6a:0e:cd:b6:93:d5:ec:82:e8: ed:01:3c:ba:84:69:05:2b:2e:d5:8b:b0:77:d3:10:c9:6e:e3: 89:fd:c7:c0:0c:22:84:80:60:28:7b:42:e1:2b:e0:f8:98:8a: 81:e5:b5:f1:c5:b3:a2:56:62:21:bc:2f:df:84:a8:c0:39:cb: 4f:d3:3e:a1:60:62:9f:88:7b:af:10:e8:69:ba:a7:33:c7:03: 05:a0:3f:ba:1a:79:aa:b5:80:3b:30:0a:ef:e6:b2:9f:37:f5: a2:6c:a8:7e:60:80:73:e3:7a:d1:2a:9c:6f:0d:f5:ce:9c:52: ed:74:48:52:81:07:7a:93:6d:0e:da:40:88:b1:af:ca:bb:e7: f9:e5:aa:cf -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUNUYhbbOP6MYTvpRiKIi1xs0t4rUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB RUY3QUQxQTAeFw0yNDExMzAxNDA1NTJaFw0yNTExMjkxNDEwNTJaMDMxMTAvBgNV BAMTKEM5NjI4MjUyNDlDMzhFNzZBQjIwMUMzNjYxOUM3QzI5OUNGOEFCQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC22xrfnGgsqtwRPtkGweZTHnMn KTL+f+m2smbG8OWzwf/9b17kegyOh/FqTpF3AxTyCEat/7t83R+gt9/WsLGecqWM P7ODS2bMuPB3zKGQu8u7wIyYKoIWRG2xClitPAyAm8TEeNdb7Az3kysrRsVR2k/p n+WzaPtqAQ7vYPW8/xR/tFzlh43sWLiZ4HDT7jqE7CD3pI30TPUXT57IGPZ2AYM0 rTt4u3IXx+xjfxBh6tgFB+KapW2yhQyBFJ1ImA2NloJDDn/4bW6JTjbE03Tu/QZa piSqgXfXlqvzZfEN/DUofC2bDkuOkKxCUWCDhP0QQw30/X9c8h629hr6QMu3AgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUyWKCUknDjnarIBw2YZx8KZz4q7AwHwYDVR0j BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTM5MzMzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz MTM2MzIzOTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gJMwDQYJKoZIhvcNAQELBQADggEBAFBT PXDM+FtDCMAcu+QjmAWWkQjPA5zjC+w6VnKr6cZm+K7I23kPXWvsDUSGHv4oXsII Hxr3MDBuDUy3grLrkN8UtTwmrErI+T2HrYrrHdl1giHBHS1aXdl9HRKAycfg5Qu2 6lWzkwBGjrurtASmyaXD5zeExWoOzbaT1eyC6O0BPLqEaQUrLtWLsHfTEMlu44n9 x8AMIoSAYCh7QuEr4PiYioHltfHFs6JWYiG8L9+EqMA5y0/TPqFgYp+Ie68Q6Gm6 pzPHAwWgP7oaeaq1gDswCu/msp839aJsqH5ggHPjetEqnG8N9c6cUu10SFKBB3qT bQ7aQIixr8q75/nlqs8= -----END CERTIFICATE-----Generated at Sun Apr 6 05:53:25 2025 by rpki-client