$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa File: 326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa (raw, json) Hash identifier: IrzDtIj0AlXPRTO7R/Sx9Wz1/g3+OlKqFRdo5p5WK/A= Subject key identifier: 16:4D:B1:8E:06:4E:09:89:76:6E:BF:E9:57:83:31:78:10:5A:57:E8 Certificate issuer: /CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Certificate serial: 6220E0A7C9019E99D8EBD70FF5B2AB150AECF7FC Authority key identifier: 9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa Signing time: Fri 07 Mar 2025 23:44:55 +0000 ROA not before: Fri 07 Mar 2025 23:39:55 +0000 ROA not after: Fri 06 Mar 2026 23:44:55 +0000 asID: 215956 IP address blocks: 2a14:7580:ee08::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 25 Oct 2025 08:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:20:e0:a7:c9:01:9e:99:d8:eb:d7:0f:f5:b2:ab:15:0a:ec:f7:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Validity Not Before: Mar 7 23:39:55 2025 GMT Not After : Mar 6 23:44:55 2026 GMT Subject: CN=164DB18E064E0989766EBFE957833178105A57E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ec:09:45:6c:3b:52:a5:7d:0d:6d:1c:1c:ff: 74:a0:42:4d:f3:86:b1:ec:72:7b:c7:af:c2:68:67: 5d:41:84:9c:f8:d8:92:52:c6:20:3c:4d:a1:ce:58: b1:8e:87:13:5a:ae:eb:9f:de:20:8c:53:d3:ff:bc: a7:73:54:a6:0e:22:ef:59:51:5b:00:be:b1:8c:30: e9:7e:a3:63:3d:2b:6f:73:79:fe:55:74:73:4d:7d: 16:a9:1e:54:24:0f:77:3d:66:f1:34:7d:10:fd:36: f2:a7:2a:3d:3f:52:65:e2:36:a9:05:0a:e7:48:f4: 50:e6:b8:60:38:c3:3d:f9:eb:1d:56:20:ee:cb:1e: f7:03:96:8d:00:0f:26:7a:75:bc:6f:59:00:79:7e: 58:36:1a:e3:1e:c3:c1:39:97:39:7c:c0:c2:21:56: 6b:3e:66:2d:4d:93:14:29:48:27:bc:5c:3c:6f:cb: bd:1f:27:5d:b4:ee:4c:d8:cf:83:d6:84:66:73:85: 56:14:eb:bf:5f:92:c7:f6:7d:da:8c:09:f9:2e:49: 26:e7:ca:6b:fb:69:6c:d2:ec:fc:95:47:24:c7:e9: 60:8e:0a:a2:4a:e4:a9:ab:d8:ed:f0:16:2e:e7:24: 15:cc:88:8d:2c:53:11:39:ba:e1:f0:7b:d7:64:f3: 28:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:4D:B1:8E:06:4E:09:89:76:6E:BF:E9:57:83:31:78:10:5A:57:E8 X509v3 Authority Key Identifier: keyid:9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ee08::/48 Signature Algorithm: sha256WithRSAEncryption a5:0f:56:4b:9b:5f:64:aa:c4:0d:6a:45:97:98:b0:88:40:c5: 77:c4:cf:bb:9d:22:4b:4b:cd:5e:a3:59:45:16:36:55:e3:47: a6:c4:af:ee:38:bf:a3:99:03:27:5a:d1:2c:6c:f8:2b:00:8a: 60:97:52:bb:e1:30:57:ac:e8:77:61:ed:5b:99:b7:15:4a:00: 05:52:03:55:b2:3f:2a:c2:c1:6e:4e:09:73:8d:bb:a6:85:ce: 90:c5:b2:ae:b4:b4:cb:86:8b:2e:03:c5:35:e6:a5:bb:f0:e2: 01:eb:8d:7b:86:9b:70:b6:cc:39:37:cb:4f:ce:e3:98:fb:27: 51:c2:a5:9c:f0:e9:b6:e6:a9:5d:d8:25:09:c9:c5:d2:fd:0c: 7f:67:86:53:59:9f:20:b2:91:98:99:c8:a7:e2:77:ff:e0:73: 49:c7:ce:55:6c:2c:fa:f4:b5:4b:ea:b8:aa:55:30:e9:43:f5: 1d:29:00:78:df:08:16:1f:bb:56:c4:e8:81:b4:1c:2d:3d:2e: e8:48:5b:26:79:29:22:b7:65:31:39:04:20:58:25:bd:84:31: b2:a6:eb:88:f1:d7:06:0d:67:d7:b1:e4:76:b3:f5:1e:40:4f: f2:19:d4:81:b3:31:30:0c:dc:8e:41:f8:4c:18:0e:46:06:ba: 5d:1a:b2:6d -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUYiDgp8kBnpnY69cP9bKrFQrs9/wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5 QjhEOTAyQjAeFw0yNTAzMDcyMzM5NTVaFw0yNjAzMDYyMzQ0NTVaMDMxMTAvBgNV BAMTKDE2NERCMThFMDY0RTA5ODk3NjZFQkZFOTU3ODMzMTc4MTA1QTU3RTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY7AlFbDtSpX0NbRwc/3SgQk3z hrHscnvHr8JoZ11BhJz42JJSxiA8TaHOWLGOhxNaruuf3iCMU9P/vKdzVKYOIu9Z UVsAvrGMMOl+o2M9K29zef5VdHNNfRapHlQkD3c9ZvE0fRD9NvKnKj0/UmXiNqkF CudI9FDmuGA4wz356x1WIO7LHvcDlo0ADyZ6dbxvWQB5flg2GuMew8E5lzl8wMIh Vms+Zi1NkxQpSCe8XDxvy70fJ1207kzYz4PWhGZzhVYU679fksf2fdqMCfkuSSbn ymv7aWzS7PyVRyTH6WCOCqJK5Kmr2O3wFi7nJBXMiI0sUxE5uuHwe9dk8yhNAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUFk2xjgZOCYl2br/pV4MxeBBaV+gwHwYDVR0j BBgwFoAUnIISxdHd6EtVc+/HPauELZuNkCswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj OTEyLzMvOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5QjhEOTAyQi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85QzgyMTJDNUQxRERFODRCNTU3M0VGQzcz REFCODQyRDlCOEQ5MDJCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9lYmYwNGM3Yy1mODJkLTQ3MWQtODVhZC05OGM2NWRlMWM5MTIvMy8zMjYxMzEz NDNhMzczNTM4MzAzYTY1NjUzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gO4IMA0GCSqGSIb3DQEBCwUAA4IBAQCl D1ZLm19kqsQNakWXmLCIQMV3xM+7nSJLS81eo1lFFjZV40emxK/uOL+jmQMnWtEs bPgrAIpgl1K74TBXrOh3Ye1bmbcVSgAFUgNVsj8qwsFuTglzjbumhc6QxbKutLTL hosuA8U15qW78OIB6417hptwtsw5N8tPzuOY+ydRwqWc8Om25qld2CUJycXS/Qx/ Z4ZTWZ8gspGYmcin4nf/4HNJx85VbCz69LVL6riqVTDpQ/UdKQB43wgWH7tWxOiB tBwtPS7oSFsmeSkit2UxOQQgWCW9hDGypuuI8dcGDWfXseR2s/UeQE/yGdSBszEw DNyOQfhMGA5GBrpdGrJt -----END CERTIFICATE-----Generated at Fri Oct 24 16:39:56 2025 by rpki-client