$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203533383038.roa File: 326130663a316363353a323630303a3a2f34302d3438203d3e203533383038.roa (raw, json) Hash identifier: u1C6r96nrZzsP725w3rwf3Ro6iVU6GABz5hYSkgtUzk= Subject key identifier: C0:2B:4F:AA:A1:90:53:3D:B9:96:A1:F8:C2:B5:B9:CB:F1:33:9E:BC Certificate issuer: /CN=2A91778ACCE76333081468D9784DE132C2985976 Certificate serial: 1FBF70CB5E44DC89AF13279FE1D0F12C4F2CB514 Authority key identifier: 2A:91:77:8A:CC:E7:63:33:08:14:68:D9:78:4D:E1:32:C2:98:59:76 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203533383038.roa Signing time: Sun 15 Mar 2026 17:16:54 +0000 ROA not before: Sun 15 Mar 2026 17:11:54 +0000 ROA not after: Sun 14 Mar 2027 17:16:54 +0000 asID: 53808 IP address blocks: 2a0f:1cc5:2600::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.crl rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.mft rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 10:25:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:bf:70:cb:5e:44:dc:89:af:13:27:9f:e1:d0:f1:2c:4f:2c:b5:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A91778ACCE76333081468D9784DE132C2985976 Validity Not Before: Mar 15 17:11:54 2026 GMT Not After : Mar 14 17:16:54 2027 GMT Subject: CN=C02B4FAAA190533DB996A1F8C2B5B9CBF1339EBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:48:cb:c0:7d:ce:a9:32:e8:73:6b:02:3e:0c: d2:bc:04:eb:af:c4:f8:fc:2d:e4:f8:43:50:d4:78: 05:08:d5:6c:da:b7:ea:83:56:96:ea:7b:d2:54:71: 6c:15:04:ec:ff:ee:22:72:46:2b:a2:73:ba:9b:35: ea:a6:8b:d0:24:8c:8a:60:4b:d6:67:e3:fd:e3:0f: 7a:4b:c1:bd:65:70:91:57:61:9f:1f:96:59:2f:de: b4:f2:f7:54:a9:11:21:50:37:e8:20:32:a1:63:dd: 4c:fc:b6:61:3c:cf:ca:65:e8:30:d0:c6:98:ce:37: f0:1b:1f:a0:65:34:5d:4d:cc:de:8a:07:b2:d8:89: 65:b4:ba:3b:40:38:bf:43:33:b6:0d:bf:3b:6e:25: bf:6f:c6:d4:af:9c:0a:2d:2c:6a:61:91:0a:4d:b7: 05:a4:2d:29:fe:d0:93:18:b3:1e:3d:b5:65:7c:54: 2c:fe:f5:b4:f6:ac:e4:56:c0:64:02:28:8e:2c:9f: a8:a7:7e:81:94:9a:bd:50:e4:8e:bd:bb:a0:98:52: d9:7b:e9:62:45:bb:c6:26:e0:22:0e:b6:3f:e7:6b: 3b:66:32:be:fe:25:a5:1a:82:5f:41:66:7f:4f:56: 0d:cd:3c:6f:4d:ca:52:f3:9d:6e:db:a0:3a:89:0a: d0:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:2B:4F:AA:A1:90:53:3D:B9:96:A1:F8:C2:B5:B9:CB:F1:33:9E:BC X509v3 Authority Key Identifier: keyid:2A:91:77:8A:CC:E7:63:33:08:14:68:D9:78:4D:E1:32:C2:98:59:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/2A91778ACCE76333081468D9784DE132C2985976.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/2A91778ACCE76333081468D9784DE132C2985976.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/40cba61d-4056-46a9-9392-a61dfc500dc9/1/326130663a316363353a323630303a3a2f34302d3438203d3e203533383038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:2600::/40 Signature Algorithm: sha256WithRSAEncryption 52:df:db:e5:49:13:c1:0a:fb:73:58:80:e9:62:42:01:77:eb: cd:95:be:c5:bf:b6:28:a8:fc:55:ec:79:0b:f6:c0:57:e6:81: ab:e6:20:df:a8:71:0e:2b:2e:96:3a:52:af:25:9a:bf:00:4c: 54:40:60:db:86:26:72:ee:35:e2:8d:11:27:22:20:c8:85:91: ee:fe:2f:45:d9:55:11:4e:c3:d7:21:c6:79:f4:45:6e:69:14: b9:21:5b:7d:73:7c:2a:e7:5b:ac:c5:1e:87:04:b7:54:23:51: 90:49:ee:7f:43:d0:21:f6:7e:d8:50:d1:d0:a7:f0:b9:84:13: 1c:d0:35:00:c3:b4:ae:96:46:9d:a5:c3:88:b6:4d:1b:22:6f: 37:18:7a:b9:27:b8:9a:ed:20:c2:bc:e4:20:37:f2:c9:ff:8e: 7f:42:29:26:64:c1:33:b6:88:ce:ff:1e:ca:fa:ae:b7:c1:5f: cb:ec:20:07:a4:87:64:de:d3:c4:41:b5:4e:43:06:23:a5:c7: 93:5a:21:41:20:f8:c6:2c:35:52:3d:84:04:8b:83:c6:af:3d: 50:20:99:d0:fb:96:d5:46:ec:0f:90:d0:8e:75:3e:57:d6:dc: a9:a1:4a:79:27:ce:b9:cd:da:43:aa:a5:b7:60:e2:34:6e:c6: 1b:52:16:96 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUH79wy15E3ImvEyef4dDxLE8stRQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkE5MTc3OEFDQ0U3NjMzMzA4MTQ2OEQ5Nzg0REUxMzJD Mjk4NTk3NjAeFw0yNjAzMTUxNzExNTRaFw0yNzAzMTQxNzE2NTRaMDMxMTAvBgNV BAMTKEMwMkI0RkFBQTE5MDUzM0RCOTk2QTFGOEMyQjVCOUNCRjEzMzlFQkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDESMvAfc6pMuhzawI+DNK8BOuv xPj8LeT4Q1DUeAUI1Wzat+qDVpbqe9JUcWwVBOz/7iJyRiuic7qbNeqmi9AkjIpg S9Zn4/3jD3pLwb1lcJFXYZ8fllkv3rTy91SpESFQN+ggMqFj3Uz8tmE8z8pl6DDQ xpjON/AbH6BlNF1NzN6KB7LYiWW0ujtAOL9DM7YNvztuJb9vxtSvnAotLGphkQpN twWkLSn+0JMYsx49tWV8VCz+9bT2rORWwGQCKI4sn6infoGUmr1Q5I69u6CYUtl7 6WJFu8Ym4CIOtj/naztmMr7+JaUagl9BZn9PVg3NPG9NylLznW7boDqJCtCNAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUwCtPqqGQUz25lqH4wrW5y/EznrwwHwYDVR0j BBgwFoAUKpF3isznYzMIFGjZeE3hMsKYWXYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNDBjYmE2MWQtNDA1Ni00NmE5LTkzOTItYTYxZGZjNTAw ZGM5LzEvMkE5MTc3OEFDQ0U3NjMzMzA4MTQ2OEQ5Nzg0REUxMzJDMjk4NTk3Ni5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YWZiNWZlMi0zYzJhLTQ5 MzktOTVlOS0wMDc3YjgwYjRmMGUvMC8yQTkxNzc4QUNDRTc2MzMzMDgxNDY4RDk3 ODRERTEzMkMyOTg1OTc2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS80MGNiYTYxZC00MDU2LTQ2YTktOTM5Mi1hNjFkZmM1MDBkYzkvMS8zMjYxMzA2 NjNhMzE2MzYzMzUzYTMyMzYzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzUz MzM4MzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoPHMUmMA0GCSqGSIb3DQEBCwUAA4IBAQBS39vl SRPBCvtzWIDpYkIBd+vNlb7Fv7YoqPxV7HkL9sBX5oGr5iDfqHEOKy6WOlKvJZq/ AExUQGDbhiZy7jXijREnIiDIhZHu/i9F2VURTsPXIcZ59EVuaRS5IVt9c3wq51us xR6HBLdUI1GQSe5/Q9Ah9n7YUNHQp/C5hBMc0DUAw7SulkadpcOItk0bIm83GHq5 J7ia7SDCvOQgN/LJ/45/QikmZMEztojO/x7K+q63wV/L7CAHpIdk3tPEQbVOQwYj pceTWiFBIPjGLDVSPYQEi4PGrz1QIJnQ+5bVRuwPkNCOdT5X1typoUp5J865zdpD qqW3YOI0bsYbUhaW -----END CERTIFICATE-----Generated at Thu Mar 26 00:49:06 2026 by rpki-client