$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa File: 326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa (raw, json) Hash identifier: jjg3HPw+XVWQVO0XHgF/TKZW97oaDPDZVvcbfhgJX94= Subject key identifier: 8A:69:94:A6:33:F7:3F:78:A8:28:EA:AD:14:9D:C7:39:96:02:E6:77 Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A Certificate serial: 75F259ABEB9677BC3F5BB846A8F3FB7C2F66C095 Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa Signing time: Sun 07 Sep 2025 19:22:58 +0000 ROA not before: Sun 07 Sep 2025 19:17:58 +0000 ROA not after: Sun 06 Sep 2026 19:22:58 +0000 asID: 214643 IP address blocks: 2a14:7581:f40::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Sep 2025 14:10:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:f2:59:ab:eb:96:77:bc:3f:5b:b8:46:a8:f3:fb:7c:2f:66:c0:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A Validity Not Before: Sep 7 19:17:58 2025 GMT Not After : Sep 6 19:22:58 2026 GMT Subject: CN=8A6994A633F73F78A828EAAD149DC7399602E677 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c6:8a:73:d8:da:c4:84:d2:03:49:33:de:7b: c1:0b:95:93:a2:f7:26:8d:02:a3:50:ba:84:b4:b7: dc:2b:b2:bd:5b:60:ff:2f:37:40:89:a3:a4:aa:fd: c2:47:7c:45:2d:84:fe:fa:51:f7:2b:96:7e:35:84: 82:03:ea:d1:1b:97:9c:25:ae:b5:32:78:fa:5c:67: be:fe:ed:87:ed:ae:41:d7:b2:35:7c:9c:8d:94:c0: 11:90:97:47:64:e3:1d:b1:7f:8a:ae:de:b8:31:d6: 78:1e:a0:36:7a:13:78:f0:d0:57:8e:10:37:01:36: 51:52:36:4e:14:49:48:5a:a2:ab:87:d1:fd:c8:9f: 4b:bf:ee:c3:dd:3a:75:a4:11:82:2c:f0:dc:e2:b8: 2e:b3:bf:cd:03:2d:6b:87:e9:8e:a7:9a:f5:64:fe: 3c:70:a3:b5:dc:52:b6:ff:66:e0:4f:7d:20:dc:d9: e4:d2:30:8c:7f:31:9f:c7:ab:1f:97:4f:6f:79:ab: d7:5f:2a:6c:75:0f:dc:b2:06:61:4e:21:34:5f:53: 95:1b:8f:c0:fb:10:3d:99:fc:af:9c:bc:73:09:5d: 5b:e9:8e:d9:05:59:ac:4f:d0:4b:c0:5e:7a:c4:00: 22:7b:0c:92:d0:ef:28:4c:9a:88:f4:b7:eb:f1:45: 5d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:69:94:A6:33:F7:3F:78:A8:28:EA:AD:14:9D:C7:39:96:02:E6:77 X509v3 Authority Key Identifier: keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:f40::/44 Signature Algorithm: sha256WithRSAEncryption 85:bc:11:bf:14:81:26:fd:8a:aa:38:b3:15:fa:1c:a4:61:c1: 33:60:7f:25:73:ba:5d:6e:bc:1f:37:a6:91:3b:4d:60:45:ca: b1:f7:12:c3:22:ae:79:8a:dd:4f:68:88:6c:29:81:f3:9a:9c: 12:aa:86:26:90:74:c8:47:29:6d:86:3e:7a:fc:6c:6d:00:7c: 50:69:76:8e:02:36:b6:e7:8d:f8:c6:11:66:e6:aa:aa:7e:aa: f5:e8:31:39:56:e9:58:d4:9d:2e:5f:a1:08:6c:c0:50:85:82: 49:b5:4d:f7:11:2f:95:60:fc:ca:86:7e:66:55:80:da:79:8c: 2a:20:2d:15:f9:35:85:94:47:ab:cf:8a:9b:f9:05:91:e6:47: 0c:f3:94:b0:56:e5:4f:75:a2:96:cd:14:f9:f2:76:b0:c8:39: c5:51:06:93:cf:35:9d:63:26:8a:28:af:94:58:47:e3:fd:9f: f4:e2:1b:ff:49:0f:4f:5f:a3:a7:a5:cd:23:c7:7a:66:a5:76: 4b:c7:26:e2:18:bd:21:b3:67:ab:28:f1:d4:f1:04:62:bf:05: a7:bd:c3:a3:4a:44:d1:bf:9e:06:10:36:9b:3b:74:ba:bb:4b: cc:70:cf:58:a4:f4:5a:62:8d:48:fe:9f:14:4f:f1:68:78:c1: dc:f7:63:71 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUdfJZq+uWd7w/W7hGqPP7fC9mwJUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB RUY3QUQxQTAeFw0yNTA5MDcxOTE3NThaFw0yNjA5MDYxOTIyNThaMDMxMTAvBgNV BAMTKDhBNjk5NEE2MzNGNzNGNzhBODI4RUFBRDE0OURDNzM5OTYwMkU2NzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjxopz2NrEhNIDSTPee8ELlZOi 9yaNAqNQuoS0t9wrsr1bYP8vN0CJo6Sq/cJHfEUthP76Ufcrln41hIID6tEbl5wl rrUyePpcZ77+7YftrkHXsjV8nI2UwBGQl0dk4x2xf4qu3rgx1ngeoDZ6E3jw0FeO EDcBNlFSNk4USUhaoquH0f3In0u/7sPdOnWkEYIs8NziuC6zv80DLWuH6Y6nmvVk /jxwo7XcUrb/ZuBPfSDc2eTSMIx/MZ/Hqx+XT295q9dfKmx1D9yyBmFOITRfU5Ub j8D7ED2Z/K+cvHMJXVvpjtkFWaxP0EvAXnrEACJ7DJLQ7yhMmoj0t+vxRV2DAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUimmUpjP3P3ioKOqtFJ3HOZYC5ncwHwYDVR0j BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz MjU5RkM3OEFFRjdBRDFBLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTY2MzQzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEz NDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHBCoUdYEPQDANBgkqhkiG9w0BAQsFAAOCAQEAhbwR vxSBJv2KqjizFfocpGHBM2B/JXO6XW68HzemkTtNYEXKsfcSwyKueYrdT2iIbCmB 85qcEqqGJpB0yEcpbYY+evxsbQB8UGl2jgI2tueN+MYRZuaqqn6q9egxOVbpWNSd Ll+hCGzAUIWCSbVN9xEvlWD8yoZ+ZlWA2nmMKiAtFfk1hZRHq8+Km/kFkeZHDPOU sFblT3Wils0U+fJ2sMg5xVEGk881nWMmiiivlFhH4/2f9OIb/0kPT1+jp6XNI8d6 ZqV2S8cm4hi9IbNnqyjx1PEEYr8Fp73Do0pE0b+eBhA2mzt0urtLzHDPWKT0WmKN SP6fFE/xaHjB3PdjcQ== -----END CERTIFICATE-----Generated at Mon Sep 8 17:04:35 2025 by rpki-client