$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/326130663a316363363a623139303a3a2f34342d3438203d3e20313938333035.roa File: 326130663a316363363a623139303a3a2f34342d3438203d3e20313938333035.roa (raw, json) Hash identifier: MqnRABjnmlRpFJeXPojgQfKbU77XB43KxaLrjADcIBQ= Subject key identifier: B6:CF:F4:8E:2C:27:58:F1:73:A0:47:F8:D5:DB:65:D3:A8:7A:16:FE Certificate issuer: /CN=529BFC6DD306B2C49629AA6CEB313194CAA5D33F Certificate serial: 573339D4EDF6D49FA44EA9EEAE540BE258D3E63B Authority key identifier: 52:9B:FC:6D:D3:06:B2:C4:96:29:AA:6C:EB:31:31:94:CA:A5:D3:3F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/326130663a316363363a623139303a3a2f34342d3438203d3e20313938333035.roa Signing time: Wed 29 Apr 2026 19:12:16 +0000 ROA not before: Wed 29 Apr 2026 19:07:16 +0000 ROA not after: Wed 28 Apr 2027 19:12:16 +0000 asID: 198305 IP address blocks: 2a0f:1cc6:b190::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.crl rsync://rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 19:08:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:33:39:d4:ed:f6:d4:9f:a4:4e:a9:ee:ae:54:0b:e2:58:d3:e6:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=529BFC6DD306B2C49629AA6CEB313194CAA5D33F Validity Not Before: Apr 29 19:07:16 2026 GMT Not After : Apr 28 19:12:16 2027 GMT Subject: CN=B6CFF48E2C2758F173A047F8D5DB65D3A87A16FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:21:ce:0d:8f:1c:91:3a:be:25:4c:c4:f8:47: d3:95:5b:cd:03:01:89:d7:00:01:50:ae:cb:5e:5b: 2d:13:5f:44:d7:e9:bb:5b:67:31:d7:48:40:d0:d6: c4:cc:09:f7:4e:76:f7:48:c7:e1:65:86:b1:d4:c9: 87:9c:bd:83:b3:2c:e1:1c:d7:c1:8d:0f:de:64:a1: ab:55:b1:39:ee:56:86:5a:22:2c:37:19:ea:5f:96: 82:7f:61:a1:31:34:bb:64:fe:d3:b0:fe:c6:cf:14: ab:bc:c5:e3:48:e8:f3:24:85:43:87:33:0a:9d:c9: 6b:ce:15:37:19:29:48:26:e7:74:5a:19:e8:64:fe: 41:3c:98:8f:17:ec:44:39:95:00:03:18:65:23:85: 8c:05:1d:35:6c:b2:31:02:7f:94:d9:c4:8e:ac:90: 0c:15:93:0c:59:02:99:7f:6b:d5:77:5e:72:39:74: 09:54:5a:b4:86:72:7b:5b:cc:51:0f:6a:f0:ed:15: 82:fd:e9:6f:40:0a:ce:51:2a:d3:0c:01:9d:53:d1: 3b:f2:f9:38:b3:39:44:ce:93:66:40:df:aa:fd:c7: 55:d5:d4:a8:97:bd:32:32:3a:fa:5c:66:ee:73:e9: 62:06:16:a8:53:d3:95:ec:f9:97:7c:7c:a5:75:e6: 52:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:CF:F4:8E:2C:27:58:F1:73:A0:47:F8:D5:DB:65:D3:A8:7A:16:FE X509v3 Authority Key Identifier: keyid:52:9B:FC:6D:D3:06:B2:C4:96:29:AA:6C:EB:31:31:94:CA:A5:D3:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/529BFC6DD306B2C49629AA6CEB313194CAA5D33F.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/092d16f2-9b46-4a11-ac59-42b3ddee1106/2/326130663a316363363a623139303a3a2f34342d3438203d3e20313938333035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc6:b190::/44 Signature Algorithm: sha256WithRSAEncryption 76:9a:3c:b2:7b:01:14:bd:06:7f:21:46:4b:c4:44:1b:b4:71: af:e3:d3:f0:b3:04:1e:23:49:d2:f4:53:21:b4:37:6f:58:d7: 5a:47:21:15:4c:11:76:5c:7c:56:7b:43:ee:05:62:52:32:4e: 70:6b:55:93:87:b4:20:ef:ce:09:ba:a5:3f:2b:15:25:09:66: c8:0a:44:01:d2:60:fa:33:a0:85:e0:3d:70:13:76:56:4e:90: 30:b7:20:e9:0f:4b:d9:d0:54:52:3d:f2:de:1b:bb:ac:26:3d: 05:1c:da:50:61:69:aa:5d:83:97:16:c4:e1:6e:1b:9c:3f:74: b2:48:e5:07:d1:21:6d:f4:73:40:e4:40:ed:71:a5:d3:e5:56: 65:8a:cf:ed:38:2f:40:d0:c9:d1:3d:62:db:56:74:2d:32:2e: 28:57:89:43:a5:f4:e4:57:26:c4:17:34:36:95:14:cc:64:62: 63:fb:06:77:51:80:a9:db:ee:77:bf:53:b2:cc:06:09:7a:9a: 09:0c:1e:29:41:0e:94:5c:2f:c6:3c:bc:31:51:a2:fa:dc:d0: 12:ee:95:1c:3b:35:99:74:d5:a4:fa:d0:84:69:f1:86:24:1c: 26:36:65:d5:c9:f6:54:10:30:d2:9e:30:4d:87:ce:3e:b8:c9: ec:47:f3:0b -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUVzM51O321J+kTqnurlQL4ljT5jswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTI5QkZDNkREMzA2QjJDNDk2MjlBQTZDRUIzMTMxOTRD QUE1RDMzRjAeFw0yNjA0MjkxOTA3MTZaFw0yNzA0MjgxOTEyMTZaMDMxMTAvBgNV BAMTKEI2Q0ZGNDhFMkMyNzU4RjE3M0EwNDdGOEQ1REI2NUQzQTg3QTE2RkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEIc4NjxyROr4lTMT4R9OVW80D AYnXAAFQrsteWy0TX0TX6btbZzHXSEDQ1sTMCfdOdvdIx+FlhrHUyYecvYOzLOEc 18GND95koatVsTnuVoZaIiw3GepfloJ/YaExNLtk/tOw/sbPFKu8xeNI6PMkhUOH MwqdyWvOFTcZKUgm53RaGehk/kE8mI8X7EQ5lQADGGUjhYwFHTVssjECf5TZxI6s kAwVkwxZApl/a9V3XnI5dAlUWrSGcntbzFEPavDtFYL96W9ACs5RKtMMAZ1T0Tvy +TizOUTOk2ZA36r9x1XV1KiXvTIyOvpcZu5z6WIGFqhT05Xs+Zd8fKV15lLbAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUts/0jiwnWPFzoEf41dtl06h6Fv4wHwYDVR0j BBgwFoAUUpv8bdMGssSWKaps6zExlMql0z8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDkyZDE2ZjItOWI0Ni00YTExLWFjNTktNDJiM2RkZWUx MTA2LzIvNTI5QkZDNkREMzA2QjJDNDk2MjlBQTZDRUIzMTMxOTRDQUE1RDMzRi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC81MjlCRkM2REQzMDZCMkM0OTYyOUFBNkNF QjMxMzE5NENBQTVEMzNGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8wOTJkMTZmMi05YjQ2LTRhMTEtYWM1OS00MmIzZGRlZTExMDYvMi8zMjYxMzA2 NjNhMzE2MzYzMzYzYTYyMzEzOTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEz OTM4MzMzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKg8cxrGQMA0GCSqGSIb3DQEBCwUAA4IBAQB2 mjyyewEUvQZ/IUZLxEQbtHGv49PwswQeI0nS9FMhtDdvWNdaRyEVTBF2XHxWe0Pu BWJSMk5wa1WTh7Qg784JuqU/KxUlCWbICkQB0mD6M6CF4D1wE3ZWTpAwtyDpD0vZ 0FRSPfLeG7usJj0FHNpQYWmqXYOXFsThbhucP3SySOUH0SFt9HNA5EDtcaXT5VZl is/tOC9A0MnRPWLbVnQtMi4oV4lDpfTkVybEFzQ2lRTMZGJj+wZ3UYCp2+53v1Oy zAYJepoJDB4pQQ6UXC/GPLwxUaL63NAS7pUcOzWZdNWk+tCEafGGJBwmNmXVyfZU EDDSnjBNh84+uMnsR/ML -----END CERTIFICATE-----Generated at Wed May 13 09:15:00 2026 by rpki-client