$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203434333234.roa File: 326130663a316363353a323630303a3a2f34302d3438203d3e203434333234.roa (raw, json) Hash identifier: cDN3mdERPdV9IfirHT4t4rSQ9VN0hgzy5abYthSlLfc= Subject key identifier: FC:D7:CA:B2:36:2B:64:8D:78:74:C2:E2:8B:14:B6:BC:34:43:BA:0C Certificate issuer: /CN=2A91778ACCE76333081468D9784DE132C2985976 Certificate serial: 72498AF73C41240DF21AAB3795C248455772B5B9 Authority key identifier: 2A:91:77:8A:CC:E7:63:33:08:14:68:D9:78:4D:E1:32:C2:98:59:76 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203434333234.roa Signing time: Sun 15 Mar 2026 17:16:24 +0000 ROA not before: Sun 15 Mar 2026 17:11:24 +0000 ROA not after: Sun 14 Mar 2027 17:16:24 +0000 asID: 44324 IP address blocks: 2a0f:1cc5:2600::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.crl rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 10:25:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:49:8a:f7:3c:41:24:0d:f2:1a:ab:37:95:c2:48:45:57:72:b5:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A91778ACCE76333081468D9784DE132C2985976 Validity Not Before: Mar 15 17:11:24 2026 GMT Not After : Mar 14 17:16:24 2027 GMT Subject: CN=FCD7CAB2362B648D7874C2E28B14B6BC3443BA0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:5a:59:5e:15:af:b6:97:f4:cf:75:d3:6f:db: 7f:af:fe:40:b7:46:9e:47:a9:92:80:4e:f7:31:4a: 4e:46:f2:77:01:47:c1:5e:64:e5:6c:07:79:63:82: 35:be:e4:89:d0:9f:6f:05:e1:aa:76:8b:df:51:74: 61:74:51:f2:8b:70:80:4d:94:1c:51:b7:e6:7c:86: 9e:56:05:fb:11:1d:e1:bb:e1:49:9a:84:66:e7:5d: e6:6c:f5:cb:03:e5:e1:88:7e:97:b6:59:e1:68:11: b7:8e:57:e7:8a:d1:f9:92:a8:e4:e8:c4:e1:b8:93: b9:85:34:72:a9:9e:b4:04:79:c3:ee:d2:f9:86:f0: 32:0f:c7:9d:b1:a8:64:bf:c8:36:15:74:fb:cc:3e: 41:c1:50:4b:88:b1:58:fb:f7:93:f6:f7:53:38:da: 58:90:96:7c:92:49:79:6e:64:9e:9b:8d:29:de:43: 0b:ec:83:e7:7f:78:9d:0e:77:3a:87:ea:32:5a:7e: fa:e7:ed:7d:88:92:89:7d:40:dd:89:48:f3:66:64: be:94:4d:26:45:ad:fb:43:64:21:00:48:bc:0c:db: 3a:ec:2d:45:99:f9:6a:21:84:02:bd:35:8a:9d:9a: 00:57:14:30:d4:18:c4:98:14:f7:0b:bb:be:d2:1d: 94:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:D7:CA:B2:36:2B:64:8D:78:74:C2:E2:8B:14:B6:BC:34:43:BA:0C X509v3 Authority Key Identifier: keyid:2A:91:77:8A:CC:E7:63:33:08:14:68:D9:78:4D:E1:32:C2:98:59:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203434333234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:2600::/40 Signature Algorithm: sha256WithRSAEncryption 45:a3:7c:b2:12:67:3a:8e:63:9f:a3:41:96:0e:ac:cc:e1:e1: c4:4a:8a:87:dc:16:7c:4e:fb:4d:38:27:35:b0:0c:96:e9:20: f9:ad:9e:fd:1d:92:f1:0f:95:11:51:41:1a:a9:87:55:ab:9c: 6e:a6:3a:77:ac:a8:79:22:cb:f6:c2:7d:89:ef:00:51:bd:24: 23:8c:33:3c:07:42:07:c2:45:86:58:df:4c:97:99:ce:a3:13: cd:63:01:64:64:c0:13:1d:b6:44:cb:77:32:75:2b:5e:11:0e: 3c:9f:ed:54:11:89:e3:f5:cc:f6:9c:6d:f2:ec:3d:aa:81:dd: c7:21:39:ca:7a:70:20:84:ac:27:9c:bc:ab:0a:d0:c3:45:c6: 71:ea:29:de:39:02:65:78:30:16:66:cf:48:7e:19:e2:7c:ab: 96:8e:9b:f6:54:d4:10:ec:80:b5:46:5c:30:47:13:6f:ab:5a: 35:9d:03:c3:3f:ed:cb:f7:4f:69:5f:99:1b:d3:2d:eb:a1:d7: 58:c4:73:91:04:4a:21:fa:5f:cc:bc:00:85:0e:31:99:6e:10: 5f:90:e0:a2:1e:43:38:d4:41:86:63:cc:b4:6c:4a:ed:71:7d: e2:10:38:47:28:25:35:3e:95:f1:d4:ff:a9:f8:a6:cd:12:b2: 5b:d6:2f:f0 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUckmK9zxBJA3yGqs3lcJIRVdytbkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkE5MTc3OEFDQ0U3NjMzMzA4MTQ2OEQ5Nzg0REUxMzJD Mjk4NTk3NjAeFw0yNjAzMTUxNzExMjRaFw0yNzAzMTQxNzE2MjRaMDMxMTAvBgNV BAMTKEZDRDdDQUIyMzYyQjY0OEQ3ODc0QzJFMjhCMTRCNkJDMzQ0M0JBMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfWlleFa+2l/TPddNv23+v/kC3 Rp5HqZKATvcxSk5G8ncBR8FeZOVsB3ljgjW+5InQn28F4ap2i99RdGF0UfKLcIBN lBxRt+Z8hp5WBfsRHeG74UmahGbnXeZs9csD5eGIfpe2WeFoEbeOV+eK0fmSqOTo xOG4k7mFNHKpnrQEecPu0vmG8DIPx52xqGS/yDYVdPvMPkHBUEuIsVj795P291M4 2liQlnySSXluZJ6bjSneQwvsg+d/eJ0OdzqH6jJafvrn7X2Ikol9QN2JSPNmZL6U TSZFrftDZCEASLwM2zrsLUWZ+WohhAK9NYqdmgBXFDDUGMSYFPcLu77SHZTFAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQU/NfKsjYrZI14dMLiixS2vDRDugwwHwYDVR0j BBgwFoAUKpF3isznYzMIFGjZeE3hMsKYWXYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNDBjYmE2MWQtNDA1Ni00NmE5LTkzOTItYTYxZGZjNTAw ZGM5LzEvMkE5MTc3OEFDQ0U3NjMzMzA4MTQ2OEQ5Nzg0REUxMzJDMjk4NTk3Ni5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC8yQTkxNzc4QUNDRTc2MzMzMDgxNDY4RDk3 ODRERTEzMkMyOTg1OTc2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS80MGNiYTYxZC00MDU2LTQ2YTktOTM5Mi1hNjFkZmM1MDBkYzkvMS8zMjYxMzA2 NjNhMzE2MzYzMzUzYTMyMzYzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQz NDMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoPHMUmMA0GCSqGSIb3DQEBCwUAA4IBAQBFo3yy Emc6jmOfo0GWDqzM4eHESoqH3BZ8TvtNOCc1sAyW6SD5rZ79HZLxD5URUUEaqYdV q5xupjp3rKh5Isv2wn2J7wBRvSQjjDM8B0IHwkWGWN9Ml5nOoxPNYwFkZMATHbZE y3cydSteEQ48n+1UEYnj9cz2nG3y7D2qgd3HITnKenAghKwnnLyrCtDDRcZx6ine OQJleDAWZs9IfhnifKuWjpv2VNQQ7IC1RlwwRxNvq1o1nQPDP+3L909pX5kb0y3r oddYxHORBEoh+l/MvACFDjGZbhBfkOCiHkM41EGGY8y0bErtcX3iEDhHKCU1PpXx 1P+p+KbNErJb1i/w -----END CERTIFICATE-----Generated at Wed Mar 25 23:09:05 2026 by rpki-client