$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a326630303a3a2f34302d3430203d3e20323134343531.roa File: 326131343a373538343a326630303a3a2f34302d3430203d3e20323134343531.roa (raw, json) Hash identifier: BVEufTN1j/5/3JlAtiBF76psjVuWYELIUZLMoB7yQqo= Subject key identifier: 90:9D:B1:DC:42:B3:44:FA:AE:1F:0D:1B:D9:0E:0F:CF:03:53:4C:B1 Certificate issuer: /CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B Certificate serial: 3654417E99FDE48B5FF231D7F0AE0E4A77C9EF47 Authority key identifier: 41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a326630303a3a2f34302d3430203d3e20323134343531.roa Signing time: Fri 20 Jun 2025 11:26:33 +0000 ROA not before: Fri 20 Jun 2025 11:21:33 +0000 ROA not after: Fri 19 Jun 2026 11:26:33 +0000 asID: 214451 IP address blocks: 2a14:7584:2f00::/40 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.crl rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 30 Jun 2025 16:39:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:54:41:7e:99:fd:e4:8b:5f:f2:31:d7:f0:ae:0e:4a:77:c9:ef:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B Validity Not Before: Jun 20 11:21:33 2025 GMT Not After : Jun 19 11:26:33 2026 GMT Subject: CN=909DB1DC42B344FAAE1F0D1BD90E0FCF03534CB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:83:a2:80:15:05:a9:8d:18:82:d6:f2:02:64: 00:70:8b:eb:9d:65:71:ab:87:01:69:62:e6:a5:6e: 02:60:19:e4:0f:2e:b8:f0:9b:1d:88:9f:80:4f:31: 44:2d:1d:a7:22:4c:0d:67:02:b7:24:a9:00:28:b8: fc:2e:f2:ef:90:7f:ce:18:93:76:07:96:e4:3e:69: 59:68:8b:b0:6c:81:86:65:46:d6:b8:b0:10:19:93: 07:ff:bf:e9:df:3e:ca:37:b1:80:aa:90:a5:a7:f0: 5a:8e:17:95:63:28:7d:43:58:54:3f:0b:bc:a2:0f: 58:7f:cb:6c:dd:6d:ba:8b:59:e1:00:03:86:cd:ae: f6:b7:64:b2:d0:f4:d7:ab:f8:42:66:b7:64:bd:6d: c1:63:2b:8f:4f:d2:b3:72:70:46:62:0a:36:b9:9d: 26:0f:c1:3e:44:02:e8:90:49:63:ba:1c:b9:6b:5d: c6:4e:49:10:18:50:6e:bb:a5:d3:cf:a3:05:3c:f0: 25:0d:d5:f2:87:cf:8b:aa:4e:2f:a6:00:ee:65:d7: 86:7d:55:c4:1a:e8:2f:1f:72:46:93:23:73:71:84: 27:a2:b9:59:5f:70:89:9e:7e:9e:cb:01:60:31:83: 19:64:44:4a:24:05:3f:e7:f7:4b:0d:3d:9c:d4:a0: f9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:9D:B1:DC:42:B3:44:FA:AE:1F:0D:1B:D9:0E:0F:CF:03:53:4C:B1 X509v3 Authority Key Identifier: keyid:41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538343a326630303a3a2f34302d3430203d3e20323134343531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:2f00::/40 Signature Algorithm: sha256WithRSAEncryption b6:34:79:29:bf:c5:c2:9f:5c:e9:4b:ef:98:ef:a5:ed:72:20: 09:b4:a4:99:f9:70:c5:91:81:0a:09:b1:e7:6b:dd:f2:88:fb: f7:b8:d5:e6:5c:93:3c:19:27:80:85:9e:21:dd:3c:08:32:55: 06:ae:44:89:3c:f8:85:96:92:c7:55:de:93:1d:17:02:a2:cd: e7:da:36:e7:c5:e7:de:49:2f:95:74:98:f3:ff:8c:35:82:1a: d4:06:e1:ca:c5:a7:66:04:dc:ac:6f:f8:cf:f2:01:57:37:a9: d6:cf:9d:34:99:bf:83:05:79:c0:7a:94:fa:d5:4b:3e:89:f1: 63:f7:9b:12:72:8f:ff:fd:a6:b4:d7:b0:6d:1a:47:8c:bb:16: 71:0f:5f:f8:54:f5:b2:97:b5:36:4d:25:3c:9e:97:19:d9:85: 48:4c:17:02:70:6b:f9:ff:76:56:9c:a0:f1:92:c7:e6:7d:f0: 0c:62:69:0f:bb:56:cf:ce:fc:41:0a:3b:8c:ad:26:dd:51:b2: eb:dd:32:6b:4e:ac:ec:8e:af:9e:6c:9e:ae:af:3b:49:66:a1: 5f:c9:ca:76:7f:cb:60:8c:d0:44:09:f9:5f:60:4b:72:59:c5: 82:f7:aa:c8:ea:81:ce:d8:13:a0:03:2c:09:da:47:fc:5d:b3: 05:72:a6:68 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUNlRBfpn95Itf8jHX8K4OSnfJ70cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYw QzJENEI0QjAeFw0yNTA2MjAxMTIxMzNaFw0yNjA2MTkxMTI2MzNaMDMxMTAvBgNV BAMTKDkwOURCMURDNDJCMzQ0RkFBRTFGMEQxQkQ5MEUwRkNGMDM1MzRDQjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClg6KAFQWpjRiC1vICZABwi+ud ZXGrhwFpYualbgJgGeQPLrjwmx2In4BPMUQtHaciTA1nArckqQAouPwu8u+Qf84Y k3YHluQ+aVloi7BsgYZlRta4sBAZkwf/v+nfPso3sYCqkKWn8FqOF5VjKH1DWFQ/ C7yiD1h/y2zdbbqLWeEAA4bNrva3ZLLQ9Ner+EJmt2S9bcFjK49P0rNycEZiCja5 nSYPwT5EAuiQSWO6HLlrXcZOSRAYUG67pdPPowU88CUN1fKHz4uqTi+mAO5l14Z9 VcQa6C8fckaTI3NxhCeiuVlfcImefp7LAWAxgxlkREokBT/n90sNPZzUoPnBAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUkJ2x3EKzRPquHw0b2Q4PzwNTTLEwHwYDVR0j BBgwFoAUQca1VnrbdkYiKhufGqcDjwwtS0swDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjJjZjhiYTctY2IwMi00MThiLWJlMDQtNGQ5ZjNhMDdl OTUwLzEvNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYwQzJENEI0Qi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC80MUM2QjU1NjdBREI3NjQ2MjIyQTFCOUYx QUE3MDM4RjBDMkQ0QjRCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yMmNmOGJhNy1jYjAyLTQxOGItYmUwNC00ZDlmM2EwN2U5NTAvMS8zMjYxMzEz NDNhMzczNTM4MzQzYTMyNjYzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz MTM0MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1hC8wDQYJKoZIhvcNAQELBQADggEBALY0 eSm/xcKfXOlL75jvpe1yIAm0pJn5cMWRgQoJsedr3fKI+/e41eZckzwZJ4CFniHd PAgyVQauRIk8+IWWksdV3pMdFwKizefaNufF595JL5V0mPP/jDWCGtQG4crFp2YE 3Kxv+M/yAVc3qdbPnTSZv4MFecB6lPrVSz6J8WP3mxJyj//9prTXsG0aR4y7FnEP X/hU9bKXtTZNJTyelxnZhUhMFwJwa/n/dlacoPGSx+Z98AxiaQ+7Vs/O/EEKO4yt Jt1RsuvdMmtOrOyOr55snq6vO0lmoV/JynZ/y2CM0EQJ+V9gS3JZxYL3qsjqgc7Y E6ADLAnaR/xdswVypmg= -----END CERTIFICATE-----Generated at Mon Jun 30 05:17:51 2025 by rpki-client