$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa File: 326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa (raw, json) Hash identifier: M7y4yNzKisPGrMDI6N/h2uK0LmUwgVtJCXB3eT1YcCs= Subject key identifier: 89:1F:EA:6E:76:78:74:03:2F:BD:08:D8:B9:FB:81:AF:30:D3:39:5B Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Certificate serial: 2ED4D405A10A8AEEB6E044BBB0804A9EBFE4404D Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa Signing time: Tue 12 May 2026 17:34:57 +0000 ROA not before: Tue 12 May 2026 17:29:57 +0000 ROA not after: Tue 11 May 2027 17:34:57 +0000 asID: 48700 IP address blocks: 2a14:1ec7:c400::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 11:18:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d4:d4:05:a1:0a:8a:ee:b6:e0:44:bb:b0:80:4a:9e:bf:e4:40:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6 Validity Not Before: May 12 17:29:57 2026 GMT Not After : May 11 17:34:57 2027 GMT Subject: CN=891FEA6E767874032FBD08D8B9FB81AF30D3395B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:19:63:de:67:c9:8c:7f:20:9d:d2:b1:74:48: 0b:c2:0a:af:0b:6b:27:af:fe:a9:18:bb:24:10:8a: f6:cc:30:06:9b:44:3b:b1:16:a2:99:23:fb:62:4a: b1:5a:00:3a:b7:cc:05:e8:ec:ed:4d:0c:a9:a8:31: 52:6f:94:8c:02:9e:33:9f:96:38:97:bf:80:2b:ac: 9d:a7:7c:fd:65:6a:59:98:0d:83:37:9d:b4:92:c0: f8:82:a6:b8:e8:31:86:0b:0b:8c:33:74:25:e9:3f: fb:e5:62:61:58:5c:64:11:2d:a7:60:5f:46:67:b2: ed:c7:ec:6f:76:12:b5:1f:fa:1f:9d:ab:04:88:e7: a9:ab:ea:52:cf:94:45:1f:92:5f:d9:4b:82:d3:f7: c1:ee:1b:e1:72:3b:8f:97:fa:dd:e4:2f:12:22:44: ed:07:04:48:71:6b:d7:45:94:b7:07:87:2d:50:a4: ac:f8:0a:97:30:31:03:44:76:9e:c9:bc:e0:a9:40: a0:a2:74:1d:c3:a5:6b:1b:93:70:65:91:65:9c:76: e8:f1:53:bd:b1:d9:f9:49:76:58:7a:a6:7d:2f:8a: 9d:15:a9:08:a6:83:f4:0b:9b:3f:47:49:c0:8c:07: 28:48:2c:b5:62:0a:50:42:e6:9a:50:d9:ac:ae:06: 24:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:1F:EA:6E:76:78:74:03:2F:BD:08:D8:B9:FB:81:AF:30:D3:39:5B X509v3 Authority Key Identifier: keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633430303a3a2f34302d3438203d3e203438373030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:c400::/40 Signature Algorithm: sha256WithRSAEncryption 0d:03:84:78:47:8b:c0:1b:e6:c9:07:a2:52:18:ec:04:e0:42: 9d:93:de:d7:d3:4e:ae:90:fd:48:4f:ed:17:c3:c8:09:c5:c3: 32:0c:9c:a1:a9:08:0c:d8:7c:4a:4a:9e:04:50:f6:69:3d:5d: 06:fc:a4:1c:c2:10:af:52:9c:96:ab:13:36:25:f3:ca:e7:3b: 6c:7b:60:c4:ad:e2:16:99:c2:a6:3a:53:84:a9:16:fa:1a:48: b7:99:ff:6b:d4:96:34:e9:79:67:33:84:55:46:c7:5a:86:82: 5a:99:8f:19:94:cf:4b:55:40:5f:c2:c2:01:c7:8b:9b:46:16: 68:ff:3c:26:5d:d3:0e:13:81:27:0d:19:3c:34:9d:22:09:b2: af:83:23:66:3e:ee:b4:e6:09:37:da:32:f3:d7:b5:b3:89:19: 8f:fa:96:95:23:b1:78:da:9d:c2:0f:89:83:10:19:24:c8:ab: 45:50:f7:5e:97:1a:55:6e:21:66:82:28:bc:4a:61:18:47:2f: 61:a5:f9:f7:bb:8e:90:7c:0e:59:07:31:a0:a7:20:7d:b5:c3: af:0f:a8:06:80:2f:a7:7d:ea:c5:22:02:8f:eb:06:b6:8c:83: 12:74:99:bd:43:ef:6a:94:01:0d:55:6f:06:c6:a7:8c:fc:47: 4a:89:61:de -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIULtTUBaEKiu624ES7sIBKnr/kQE0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG NEFCREVDNjAeFw0yNjA1MTIxNzI5NTdaFw0yNzA1MTExNzM0NTdaMDMxMTAvBgNV BAMTKDg5MUZFQTZFNzY3ODc0MDMyRkJEMDhEOEI5RkI4MUFGMzBEMzM5NUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzGWPeZ8mMfyCd0rF0SAvCCq8L ayev/qkYuyQQivbMMAabRDuxFqKZI/tiSrFaADq3zAXo7O1NDKmoMVJvlIwCnjOf ljiXv4ArrJ2nfP1lalmYDYM3nbSSwPiCprjoMYYLC4wzdCXpP/vlYmFYXGQRLadg X0Znsu3H7G92ErUf+h+dqwSI56mr6lLPlEUfkl/ZS4LT98HuG+FyO4+X+t3kLxIi RO0HBEhxa9dFlLcHhy1QpKz4CpcwMQNEdp7JvOCpQKCidB3DpWsbk3BlkWWcdujx U72x2flJdlh6pn0vip0VqQimg/QLmz9HScCMByhILLViClBC5ppQ2ayuBiRvAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUiR/qbnZ4dAMvvQjYufuBrzDTOVswHwYDVR0j BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz NDNhMzE2NTYzMzczYTYzMzQzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQz ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUHsfEMA0GCSqGSIb3DQEBCwUAA4IBAQANA4R4 R4vAG+bJB6JSGOwE4EKdk97X006ukP1IT+0Xw8gJxcMyDJyhqQgM2HxKSp4EUPZp PV0G/KQcwhCvUpyWqxM2JfPK5ztse2DEreIWmcKmOlOEqRb6Gki3mf9r1JY06Xln M4RVRsdahoJamY8ZlM9LVUBfwsIBx4ubRhZo/zwmXdMOE4EnDRk8NJ0iCbKvgyNm Pu605gk32jLz17WziRmP+paVI7F42p3CD4mDEBkkyKtFUPdelxpVbiFmgii8SmEY Ry9hpfn3u46QfA5ZBzGgpyB9tcOvD6gGgC+nferFIgKP6wa2jIMSdJm9Q+9qlAEN VW8GxqeM/EdKiWHe -----END CERTIFICATE-----Generated at Tue May 12 21:34:26 2026 by rpki-client