$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530333a3a2f34382d3438203d3e20323135393536.roa File: 326131343a373538303a656530333a3a2f34382d3438203d3e20323135393536.roa (raw, json) Hash identifier: fOqLl9BSQ8Slcj2C1mlf1IGa+BOV0eLtADVCtmkqld8= Subject key identifier: C7:78:DA:21:82:3B:1C:9C:FB:1E:20:3E:A3:37:6B:E1:AA:BE:8C:A5 Certificate issuer: /CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Certificate serial: 3D54BB80511929AF9239C54954407C5AFB2EDE94 Authority key identifier: 9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530333a3a2f34382d3438203d3e20323135393536.roa Signing time: Mon 03 Mar 2025 00:06:47 +0000 ROA not before: Mon 03 Mar 2025 00:01:47 +0000 ROA not after: Mon 02 Mar 2026 00:06:47 +0000 asID: 215956 IP address blocks: 2a14:7580:ee03::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 14:04:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:54:bb:80:51:19:29:af:92:39:c5:49:54:40:7c:5a:fb:2e:de:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Validity Not Before: Mar 3 00:01:47 2025 GMT Not After : Mar 2 00:06:47 2026 GMT Subject: CN=C778DA21823B1C9CFB1E203EA3376BE1AABE8CA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f9:07:b6:64:1d:ec:a5:ed:c0:a9:59:c9:6f: 6a:d4:4b:bd:88:75:82:43:34:51:7e:9c:27:02:06: 8d:a3:77:23:9b:af:5d:af:2d:c1:03:9d:cb:86:f3: 8d:2e:9c:8f:62:c2:ef:7b:57:6b:4c:8a:12:f7:26: 8f:cb:8a:24:9d:cb:ad:64:56:3b:55:84:78:c8:a9: 62:e8:fe:3b:b3:56:cd:28:9a:c5:d0:2b:5a:f7:85: 45:4c:8a:e1:74:23:e1:f6:3d:d9:fe:7d:73:73:78: a2:8f:68:e6:98:9a:88:e8:6c:b5:7b:1a:00:aa:bb: 2a:77:75:ed:04:3c:a1:b5:ac:a1:db:4b:bd:24:7d: 29:b8:6b:1d:91:d6:36:2c:a8:ae:c5:fe:df:81:c2: 4e:0c:a0:d9:42:bc:b4:c2:d5:2a:a1:98:ae:21:d7: 3e:4a:f0:f0:84:e6:a9:58:22:5f:65:a8:c4:24:a0: 75:59:cc:58:fd:ff:03:2a:80:f4:c6:b5:0c:11:93: c3:b9:9b:5c:7d:de:6c:35:9b:f0:ae:47:70:cb:a8: 7a:8e:14:25:1e:d6:5c:27:6d:98:f4:81:d2:ab:66: 3a:3f:1a:99:e6:ba:bd:19:0e:7f:5b:66:6d:f6:37: 1c:30:23:71:f9:e4:40:99:39:2d:c7:24:21:e0:ce: 66:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:78:DA:21:82:3B:1C:9C:FB:1E:20:3E:A3:37:6B:E1:AA:BE:8C:A5 X509v3 Authority Key Identifier: keyid:9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530333a3a2f34382d3438203d3e20323135393536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ee03::/48 Signature Algorithm: sha256WithRSAEncryption 62:f7:2c:a0:4b:11:b6:4a:ca:47:dd:2a:c8:59:78:88:a8:ea: da:db:e0:fd:4f:fe:fd:57:d6:0f:e9:61:47:95:68:4c:2e:e3: e8:36:a0:60:2b:2d:e8:68:b1:c5:cf:87:f8:26:88:e1:7c:c2: 8b:91:21:8f:ee:d4:1a:76:e9:0c:55:9b:9e:04:8e:7b:67:4d: 9d:18:c4:9b:6d:5f:60:25:ef:40:a3:aa:ba:78:24:be:a5:69: 26:b3:2e:af:17:8d:31:35:20:05:54:bc:a9:69:6e:38:2d:73: 0a:70:9f:e4:34:a7:be:8e:ae:21:e5:7d:e9:38:cb:8d:bf:1d: 64:2b:03:49:4e:e0:76:fa:79:d6:f3:14:99:3d:b2:5a:1b:9e: f4:b9:43:9a:09:03:9a:af:82:8a:3b:a4:27:06:de:50:fc:03: 27:9c:0a:90:69:22:93:df:8d:e5:d8:dc:9c:29:02:67:ee:58: 73:84:6e:1e:da:a6:ce:17:c0:fc:be:4e:b5:4c:ef:4b:0e:94: 40:eb:41:44:5f:a3:3e:56:3c:d9:7e:9d:ba:ed:4a:8d:53:5a: de:fc:62:0b:48:a7:ee:17:d9:d6:ac:8f:4f:46:be:51:73:8a: 9c:0e:cf:e6:e2:cf:9f:0d:ee:08:30:07:95:0a:8e:f3:7e:47: c6:44:39:15 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUPVS7gFEZKa+SOcVJVEB8Wvsu3pQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5 QjhEOTAyQjAeFw0yNTAzMDMwMDAxNDdaFw0yNjAzMDIwMDA2NDdaMDMxMTAvBgNV BAMTKEM3NzhEQTIxODIzQjFDOUNGQjFFMjAzRUEzMzc2QkUxQUFCRThDQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+Qe2ZB3spe3AqVnJb2rUS72I dYJDNFF+nCcCBo2jdyObr12vLcEDncuG840unI9iwu97V2tMihL3Jo/LiiSdy61k VjtVhHjIqWLo/juzVs0omsXQK1r3hUVMiuF0I+H2Pdn+fXNzeKKPaOaYmojobLV7 GgCquyp3de0EPKG1rKHbS70kfSm4ax2R1jYsqK7F/t+Bwk4MoNlCvLTC1SqhmK4h 1z5K8PCE5qlYIl9lqMQkoHVZzFj9/wMqgPTGtQwRk8O5m1x93mw1m/CuR3DLqHqO FCUe1lwnbZj0gdKrZjo/Gpnmur0ZDn9bZm32NxwwI3H55ECZOS3HJCHgzmYJAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUx3jaIYI7HJz7HiA+ozdr4aq+jKUwHwYDVR0j BBgwFoAUnIISxdHd6EtVc+/HPauELZuNkCswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj OTEyLzMvOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5QjhEOTAyQi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85QzgyMTJDNUQxRERFODRCNTU3M0VGQzcz REFCODQyRDlCOEQ5MDJCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9lYmYwNGM3Yy1mODJkLTQ3MWQtODVhZC05OGM2NWRlMWM5MTIvMy8zMjYxMzEz NDNhMzczNTM4MzAzYTY1NjUzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gO4DMA0GCSqGSIb3DQEBCwUAA4IBAQBi 9yygSxG2SspH3SrIWXiIqOra2+D9T/79V9YP6WFHlWhMLuPoNqBgKy3oaLHFz4f4 JojhfMKLkSGP7tQadukMVZueBI57Z02dGMSbbV9gJe9Ao6q6eCS+pWkmsy6vF40x NSAFVLypaW44LXMKcJ/kNKe+jq4h5X3pOMuNvx1kKwNJTuB2+nnW8xSZPbJaG570 uUOaCQOar4KKO6QnBt5Q/AMnnAqQaSKT343l2NycKQJn7lhzhG4e2qbOF8D8vk61 TO9LDpRA60FEX6M+VjzZfp267UqNU1re/GILSKfuF9nWrI9PRr5Rc4qcDs/m4s+f De4IMAeVCo7zfkfGRDkV -----END CERTIFICATE-----Generated at Sat Apr 5 06:26:59 2025 by rpki-client