$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/326131343a373538313a3738363a3a2f34382d3438203d3e20323034383731.roa File: 326131343a373538313a3738363a3a2f34382d3438203d3e20323034383731.roa (raw, json) Hash identifier: d7JuEn5B8KAwVz8SpkU4AMcAJkaWbbl+bWkksQthj/k= Subject key identifier: 08:BC:2C:E9:B6:BF:6D:5A:9A:E5:1E:AA:E4:57:ED:B0:0C:5E:E5:99 Certificate issuer: /CN=31F76CE2EF4D020F925E37D7A9D8E35398C7C017 Certificate serial: 4475EF4E5C1EE78C3D9473078235EF498D9F7286 Authority key identifier: 31:F7:6C:E2:EF:4D:02:0F:92:5E:37:D7:A9:D8:E3:53:98:C7:C0:17 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/326131343a373538313a3738363a3a2f34382d3438203d3e20323034383731.roa Signing time: Wed 15 Oct 2025 16:32:45 +0000 ROA not before: Wed 15 Oct 2025 16:27:45 +0000 ROA not after: Wed 14 Oct 2026 16:32:45 +0000 asID: 204871 IP address blocks: 2a14:7581:786::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.crl rsync://rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 08:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:75:ef:4e:5c:1e:e7:8c:3d:94:73:07:82:35:ef:49:8d:9f:72:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31F76CE2EF4D020F925E37D7A9D8E35398C7C017 Validity Not Before: Oct 15 16:27:45 2025 GMT Not After : Oct 14 16:32:45 2026 GMT Subject: CN=08BC2CE9B6BF6D5A9AE51EAAE457EDB00C5EE599 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:cd:91:ca:8c:76:b1:c7:4e:02:de:4e:e3:05: 7e:4f:3b:5d:8e:e3:ef:af:2b:f2:25:fa:76:16:e7: a8:09:2f:f2:c6:f0:e3:dc:6a:b3:b2:f0:8d:40:67: 9f:86:37:db:b4:8c:6f:22:83:54:99:26:eb:41:f5: 21:cb:eb:76:38:62:c4:d3:9e:7c:c3:0c:f5:19:eb: f3:86:ae:d9:69:48:b4:58:da:34:b0:94:a9:33:88: 14:7f:f4:fa:02:a7:20:fa:08:0c:2e:b5:47:54:b4: 99:f0:b9:84:ad:0f:f7:ab:d7:3a:d2:95:e8:e7:d0: f6:a3:70:36:a8:c1:8d:f0:12:60:ce:ef:76:a5:d6: b1:62:23:05:77:a8:92:81:7c:15:fb:51:cb:b0:f7: 62:dd:92:a5:00:fc:e8:37:5f:97:5c:d4:43:a5:47: 3c:e3:e9:48:58:cc:9d:a9:f5:fb:f2:69:9f:38:26: 6d:86:d3:8c:95:b3:c4:93:51:88:18:cf:4c:52:0d: 6a:77:f8:23:63:84:41:c9:47:81:9a:50:5c:5b:2f: cd:cd:54:98:12:ca:5b:60:dc:e5:46:2f:b5:85:53: 2d:c7:0a:6d:39:0b:0d:10:74:ac:e1:cf:e4:d1:99: cd:46:3b:48:8d:c7:32:ec:0f:5e:88:e0:37:74:7f: 5c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:BC:2C:E9:B6:BF:6D:5A:9A:E5:1E:AA:E4:57:ED:B0:0C:5E:E5:99 X509v3 Authority Key Identifier: keyid:31:F7:6C:E2:EF:4D:02:0F:92:5E:37:D7:A9:D8:E3:53:98:C7:C0:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/31F76CE2EF4D020F925E37D7A9D8E35398C7C017.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebb6890d-0d6b-4ea9-a2ef-92d34a3ae64d/0/326131343a373538313a3738363a3a2f34382d3438203d3e20323034383731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:786::/48 Signature Algorithm: sha256WithRSAEncryption 27:25:41:71:4a:df:f5:38:fc:26:1e:9e:10:8c:87:dc:a8:f7: b0:58:e2:5f:df:72:33:4e:6e:79:de:30:81:88:0f:4e:58:c3: 47:dc:ab:f4:97:53:b8:cb:4e:59:ec:49:81:ea:9c:1a:bf:4c: ef:3a:0e:19:d8:da:80:61:a3:d4:71:7f:5c:cc:43:c8:82:85: c9:ae:05:be:09:b0:10:38:85:45:a3:29:54:fa:28:60:5f:a7: ee:46:1e:db:6a:c6:9a:d4:b4:cc:d2:a8:72:3b:ea:f3:3e:17: 7e:51:d5:12:26:07:41:62:38:1a:65:64:5f:be:cd:4e:de:70: de:99:31:77:56:b4:e0:f6:ed:70:ec:91:23:ca:6b:06:56:52: 54:a1:4b:be:e4:63:21:b6:e4:a3:66:b3:12:05:ff:91:1a:a3: 6f:41:9b:64:87:e7:45:39:33:87:b9:7e:73:15:8b:7a:fb:f4: 0d:62:aa:ce:a5:40:35:46:30:a4:1f:66:fe:15:cc:82:4a:08: 5b:2e:7c:32:4a:1f:2c:57:40:93:27:ae:15:10:10:ba:b8:70: 24:c9:9a:0b:f8:c1:9b:18:67:fa:2d:ef:29:65:aa:68:5f:f9: 5c:d4:81:c7:73:53:36:81:e4:b4:6b:90:98:5a:6e:c1:12:b7: 7a:a4:66:16 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIURHXvTlwe54w9lHMHgjXvSY2fcoYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzFGNzZDRTJFRjREMDIwRjkyNUUzN0Q3QTlEOEUzNTM5 OEM3QzAxNzAeFw0yNTEwMTUxNjI3NDVaFw0yNjEwMTQxNjMyNDVaMDMxMTAvBgNV BAMTKDA4QkMyQ0U5QjZCRjZENUE5QUU1MUVBQUU0NTdFREIwMEM1RUU1OTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkzZHKjHaxx04C3k7jBX5PO12O 4++vK/Il+nYW56gJL/LG8OPcarOy8I1AZ5+GN9u0jG8ig1SZJutB9SHL63Y4YsTT nnzDDPUZ6/OGrtlpSLRY2jSwlKkziBR/9PoCpyD6CAwutUdUtJnwuYStD/er1zrS lejn0PajcDaowY3wEmDO73al1rFiIwV3qJKBfBX7Ucuw92LdkqUA/Og3X5dc1EOl Rzzj6UhYzJ2p9fvyaZ84Jm2G04yVs8STUYgYz0xSDWp3+CNjhEHJR4GaUFxbL83N VJgSyltg3OVGL7WFUy3HCm05Cw0QdKzhz+TRmc1GO0iNxzLsD16I4Dd0f1x/AgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUCLws6ba/bVqa5R6q5FftsAxe5ZkwHwYDVR0j BBgwFoAUMfds4u9NAg+SXjfXqdjjU5jHwBcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZWJiNjg5MGQtMGQ2Yi00ZWE5LWEyZWYtOTJkMzRhM2Fl NjRkLzAvMzFGNzZDRTJFRjREMDIwRjkyNUUzN0Q3QTlEOEUzNTM5OEM3QzAxNy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMUY3NkNFMkVGNEQwMjBGOTI1RTM3RDdB OUQ4RTM1Mzk4QzdDMDE3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9lYmI2ODkwZC0wZDZiLTRlYTktYTJlZi05MmQzNGEzYWU2NGQvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM3MzgzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz NDM4MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEHhjANBgkqhkiG9w0BAQsFAAOCAQEAJyVB cUrf9Tj8Jh6eEIyH3Kj3sFjiX99yM05ued4wgYgPTljDR9yr9JdTuMtOWexJgeqc Gr9M7zoOGdjagGGj1HF/XMxDyIKFya4FvgmwEDiFRaMpVPooYF+n7kYe22rGmtS0 zNKocjvq8z4XflHVEiYHQWI4GmVkX77NTt5w3pkxd1a04PbtcOyRI8prBlZSVKFL vuRjIbbko2azEgX/kRqjb0GbZIfnRTkzh7l+cxWLevv0DWKqzqVANUYwpB9m/hXM gkoIWy58MkofLFdAkyeuFRAQurhwJMmaC/jBmxhn+i3vKWWqaF/5XNSBx3NTNoHk tGuQmFpuwRK3eqRmFg== -----END CERTIFICATE-----Generated at Fri Oct 24 16:25:47 2025 by rpki-client