$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034313a3a2f33322d3332203d3e203437323732.roa File: 326130613a363034313a3a2f33322d3332203d3e203437323732.roa (raw, json) Hash identifier: e5trK+RgKbHRjbTiUa5ULhgeVkIXhqhOkb+GjBLbeUA= Subject key identifier: 0F:68:81:AB:F9:22:BE:40:52:28:17:7F:56:B6:0A:CF:52:A9:A8:91 Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Certificate serial: 579AEA2BE30B9CE52FF4B436220E2FB561ED64B1 Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034313a3a2f33322d3332203d3e203437323732.roa Signing time: Fri 07 Feb 2025 19:13:21 +0000 ROA not before: Fri 07 Feb 2025 19:08:21 +0000 ROA not after: Fri 06 Feb 2026 19:13:21 +0000 asID: 47272 IP address blocks: 2a0a:6041::/32 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 03 Apr 2025 15:16:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:9a:ea:2b:e3:0b:9c:e5:2f:f4:b4:36:22:0e:2f:b5:61:ed:64:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Validity Not Before: Feb 7 19:08:21 2025 GMT Not After : Feb 6 19:13:21 2026 GMT Subject: CN=0F6881ABF922BE405228177F56B60ACF52A9A891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d0:93:62:7d:41:22:0b:ba:68:d7:22:50:cc: 77:b1:bd:0c:ca:57:f5:d0:d8:6a:ce:bd:fe:77:1c: fe:69:84:ac:e0:04:85:f1:51:e3:07:fb:94:e0:e6: ec:c4:0c:a0:21:58:b1:ea:56:83:26:67:a4:f9:36: a5:40:76:17:f8:43:de:f9:3f:56:9f:36:37:38:8d: 65:f2:27:dd:19:e9:d5:54:a1:cd:0a:09:13:34:31: 6e:dd:7d:8e:95:41:f8:29:2d:18:48:88:25:76:0a: 5e:93:57:39:5d:59:88:0b:69:37:24:c1:d4:4f:f0: 59:c9:bf:4b:6f:2c:0e:07:8c:b4:c9:bf:43:01:ab: 07:f9:09:da:26:e1:69:8a:fd:33:51:2e:8e:26:b3: 6a:4e:99:e8:c0:51:6e:27:2a:38:43:9e:ed:02:c8: 08:c3:98:0f:52:1b:82:ba:51:35:04:e9:d8:ae:57: 1a:51:6a:a5:c4:19:c5:9c:99:d7:51:fb:9b:36:50: 18:7f:d4:7c:2d:fc:65:55:6f:66:c9:0c:f7:4c:4c: 79:be:04:78:75:25:e5:ec:75:a5:44:84:8f:be:d1: 24:76:dc:73:df:e8:32:40:55:4f:0f:6e:08:25:47: 96:62:d0:69:fa:6f:6d:5f:23:93:ca:a3:4d:a8:cc: 72:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:68:81:AB:F9:22:BE:40:52:28:17:7F:56:B6:0A:CF:52:A9:A8:91 X509v3 Authority Key Identifier: keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034313a3a2f33322d3332203d3e203437323732.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6041::/32 Signature Algorithm: sha256WithRSAEncryption b3:79:f3:85:3d:86:99:bd:13:24:02:2d:82:9e:a7:75:b2:7c: e9:2c:4d:11:9f:67:3f:da:46:46:f2:e5:7e:5d:eb:59:2e:15: 26:5e:fc:f1:52:ef:01:4c:f5:26:06:a4:2b:de:29:63:f3:f4: e4:2b:56:ab:40:76:47:ff:03:3b:78:05:e5:3a:3d:98:d7:6e: e5:6e:bc:13:7b:72:4b:e8:00:01:90:7b:6d:48:a3:f6:72:13: c3:f4:85:27:c8:fa:ed:b7:a7:0d:b0:55:6d:13:10:95:90:f9: 6b:b1:9d:2a:38:3c:67:9a:61:84:e2:e0:7a:79:bb:53:50:90: be:47:89:9d:38:16:cb:84:87:96:4a:9c:cc:42:2b:4b:54:a7: 0b:6c:2b:14:e9:b2:bd:d1:df:9f:ef:36:bf:92:08:a8:41:f0: 15:60:a8:29:6b:63:ce:6e:8b:7e:96:30:14:60:2e:0e:7e:ba: b2:a5:09:f1:56:4a:9c:cf:35:6e:ea:65:4c:76:1e:ac:d4:fa: 4d:e5:37:3c:f5:91:55:3c:be:69:4e:ff:38:9e:ca:9d:83:92: e0:b0:fa:d4:e7:73:39:94:40:f7:6d:97:a6:38:87:50:4a:ec: 9f:6d:4f:b0:f8:4e:dd:79:71:4d:56:65:f1:8c:02:cc:fa:6c: d6:76:8d:9b -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgIUV5rqK+MLnOUv9LQ2Ig4vtWHtZLEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx OEMyM0IzNjAeFw0yNTAyMDcxOTA4MjFaFw0yNjAyMDYxOTEzMjFaMDMxMTAvBgNV BAMTKDBGNjg4MUFCRjkyMkJFNDA1MjI4MTc3RjU2QjYwQUNGNTJBOUE4OTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC40JNifUEiC7po1yJQzHexvQzK V/XQ2GrOvf53HP5phKzgBIXxUeMH+5Tg5uzEDKAhWLHqVoMmZ6T5NqVAdhf4Q975 P1afNjc4jWXyJ90Z6dVUoc0KCRM0MW7dfY6VQfgpLRhIiCV2Cl6TVzldWYgLaTck wdRP8FnJv0tvLA4HjLTJv0MBqwf5Cdom4WmK/TNRLo4ms2pOmejAUW4nKjhDnu0C yAjDmA9SG4K6UTUE6diuVxpRaqXEGcWcmddR+5s2UBh/1Hwt/GVVb2bJDPdMTHm+ BHh1JeXsdaVEhI++0SR23HPf6DJAVU8PbgglR5Zi0Gn6b21fI5PKo02ozHJFAgMB AAGjggJsMIICaDAdBgNVHQ4EFgQUD2iBq/kivkBSKBd/VrYKz1KpqJEwHwYDVR0j BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5 OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy M0IzNi5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwNjEzYTM2MzAzNDMx M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzQzNzMyMzczMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoK YEEwDQYJKoZIhvcNAQELBQADggEBALN584U9hpm9EyQCLYKep3WyfOksTRGfZz/a Rkby5X5d61kuFSZe/PFS7wFM9SYGpCveKWPz9OQrVqtAdkf/Azt4BeU6PZjXbuVu vBN7ckvoAAGQe21Io/ZyE8P0hSfI+u23pw2wVW0TEJWQ+WuxnSo4PGeaYYTi4Hp5 u1NQkL5HiZ04FsuEh5ZKnMxCK0tUpwtsKxTpsr3R35/vNr+SCKhB8BVgqClrY85u i36WMBRgLg5+urKlCfFWSpzPNW7qZUx2HqzU+k3lNzz1kVU8vmlO/zieyp2DkuCw +tTnczmUQPdtl6Y4h1BK7J9tT7D4Tt15cU1WZfGMAsz6bNZ2jZs= -----END CERTIFICATE-----Generated at Thu Apr 3 07:10:24 2025 by rpki-client