$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa File: 326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa (raw, json) Hash identifier: NDSS2hHdj8htIMoCQNzuGfJRE+FjfS7resxOlAoGNDM= Subject key identifier: 0D:8C:AC:DE:D9:83:B9:4D:4E:5D:32:C5:96:66:A1:70:E6:FA:85:4B Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 5D0A59ED4A095952E9C70EE31620D6942DECE81D Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa Signing time: Sat 20 Sep 2025 08:32:19 +0000 ROA not before: Sat 20 Sep 2025 08:27:19 +0000 ROA not after: Sat 19 Sep 2026 08:32:19 +0000 asID: 48700 IP address blocks: 2a14:1ec7:c000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 Oct 2025 10:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:0a:59:ed:4a:09:59:52:e9:c7:0e:e3:16:20:d6:94:2d:ec:e8:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: Sep 20 08:27:19 2025 GMT Not After : Sep 19 08:32:19 2026 GMT Subject: CN=0D8CACDED983B94D4E5D32C59666A170E6FA854B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:0c:d3:1e:b1:73:7f:67:ad:82:9a:c8:92:1d: 8c:ed:7a:39:5f:45:e3:c8:8e:92:26:6b:37:d3:16: bc:f2:1a:cd:04:be:cb:84:0d:64:a8:55:6e:ae:02: 36:f7:a7:eb:0f:d5:0a:94:cd:4e:fb:f4:ed:54:6b: f1:d3:58:8a:6b:7c:d8:42:f1:66:fa:10:a4:2b:86: 60:6a:ec:2e:63:e3:b5:8a:5c:32:2e:49:15:c4:9b: a2:f3:e9:0a:f9:9d:6b:f9:01:58:3e:83:78:01:b9: ba:b9:38:7f:61:58:e5:ad:a9:1c:4d:0a:2f:16:c5: 08:be:69:eb:5b:c6:5f:4f:f5:73:a7:ee:aa:db:97: 9c:fc:f4:03:e8:56:98:2f:1f:76:8f:d4:89:ea:b3: c4:d2:f3:30:3e:b9:68:20:1e:36:d7:16:8b:28:a6: 31:ad:53:d1:22:ee:7e:de:e8:65:b0:0f:5d:15:b2: 5d:a6:d2:fd:5c:a3:2e:2e:ad:53:37:79:1e:c0:60: 83:de:e1:b3:b4:62:25:fa:91:b8:4c:c8:73:b6:27: aa:ba:ed:d3:22:c3:1a:bb:88:71:5a:e6:40:54:2e: a9:47:9d:34:56:2b:4f:67:6e:1f:37:98:fd:d5:5f: 51:34:30:7e:e1:24:89:f7:85:98:93:dc:72:55:fc: 01:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:8C:AC:DE:D9:83:B9:4D:4E:5D:32:C5:96:66:A1:70:E6:FA:85:4B X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:c000::/36 Signature Algorithm: sha256WithRSAEncryption 8f:aa:1f:91:46:11:49:93:db:db:5f:21:1a:0b:a4:fd:62:33: c1:01:f9:12:93:e8:0f:e9:52:6e:31:84:65:9a:4d:e8:32:1b: 1a:6d:55:7c:96:e0:a0:1e:1c:26:1e:f2:80:64:38:fc:62:3a: de:62:47:62:c4:bb:7d:fc:ac:2d:d6:e5:7d:9b:2e:76:27:ea: 55:1c:e1:49:40:29:86:53:e4:da:55:07:cf:96:58:96:8b:bb: ea:b5:b3:8c:b0:0a:b2:b0:fc:f1:39:cb:bc:c7:31:ce:1a:46: d8:11:68:4c:e9:27:b4:8d:e4:ae:6d:1e:59:9a:e1:e2:2e:33: cd:85:af:40:c7:e5:ee:d2:dd:11:a3:84:f1:2f:64:f4:ce:da: af:cf:e3:71:62:b2:80:6f:62:0e:ec:ad:38:ee:7e:3a:94:a3: 42:d8:40:ab:85:47:dc:db:9e:86:65:3e:2e:9c:d6:6c:31:02: 30:ab:f0:6b:be:ff:3d:7a:56:e9:19:15:31:e1:b2:ad:9f:f6: 88:79:21:fa:35:d5:34:be:c5:2c:98:f8:4b:6e:99:18:53:24: ef:9f:68:16:d2:5d:9e:6a:a0:94:4b:42:14:27:97:d8:7c:8a: 07:53:72:e3:e3:ff:24:68:aa:9a:ee:b5:a0:00:82:f4:75:ac: d9:7d:fe:92 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUXQpZ7UoJWVLpxw7jFiDWlC3s6B0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNTA5MjAwODI3MTlaFw0yNjA5MTkwODMyMTlaMDMxMTAvBgNV BAMTKDBEOENBQ0RFRDk4M0I5NEQ0RTVEMzJDNTk2NjZBMTcwRTZGQTg1NEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZDNMesXN/Z62CmsiSHYztejlf RePIjpImazfTFrzyGs0EvsuEDWSoVW6uAjb3p+sP1QqUzU779O1Ua/HTWIprfNhC 8Wb6EKQrhmBq7C5j47WKXDIuSRXEm6Lz6Qr5nWv5AVg+g3gBubq5OH9hWOWtqRxN Ci8WxQi+aetbxl9P9XOn7qrbl5z89APoVpgvH3aP1Inqs8TS8zA+uWggHjbXFoso pjGtU9Ei7n7e6GWwD10Vsl2m0v1coy4urVM3eR7AYIPe4bO0YiX6kbhMyHO2J6q6 7dMiwxq7iHFa5kBULqlHnTRWK09nbh83mP3VX1E0MH7hJIn3hZiT3HJV/AGxAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUDYys3tmDuU1OXTLFlmahcOb6hUswHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzczYTYzMzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzQz ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGBCoUHsfAMA0GCSqGSIb3DQEBCwUAA4IBAQCPqh+R RhFJk9vbXyEaC6T9YjPBAfkSk+gP6VJuMYRlmk3oMhsabVV8luCgHhwmHvKAZDj8 YjreYkdixLt9/Kwt1uV9my52J+pVHOFJQCmGU+TaVQfPlliWi7vqtbOMsAqysPzx Ocu8xzHOGkbYEWhM6Se0jeSubR5ZmuHiLjPNha9Ax+Xu0t0Ro4TxL2T0ztqvz+Nx YrKAb2IO7K047n46lKNC2ECrhUfc256GZT4unNZsMQIwq/Brvv89elbpGRUx4bKt n/aIeSH6NdU0vsUsmPhLbpkYUyTvn2gW0l2eaqCUS0IUJ5fYfIoHU3Lj4/8kaKqa 7rWgAIL0dazZff6S -----END CERTIFICATE-----Generated at Mon Oct 20 21:15:38 2025 by rpki-client