$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030663a3a2f34382d3438203d3e20323038343533.roa File: 326131343a316563373a663030663a3a2f34382d3438203d3e20323038343533.roa (raw, json) Hash identifier: ZBQrTYQq6EzEXXQqVVLmnECxmx5vDStz1fI8gjrWa9o= Subject key identifier: CC:92:5E:47:4A:75:9C:5A:FA:47:3B:56:87:C8:3E:83:A2:BB:7B:A0 Certificate issuer: /CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Certificate serial: 1AB4B3646BD48230823BF24DD4897B8FF420FD95 Authority key identifier: 1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030663a3a2f34382d3438203d3e20323038343533.roa Signing time: Sun 21 Sep 2025 00:19:32 +0000 ROA not before: Sun 21 Sep 2025 00:14:32 +0000 ROA not after: Sun 20 Sep 2026 00:19:32 +0000 asID: 208453 IP address blocks: 2a14:1ec7:f00f::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.mft rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 18:23:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:b4:b3:64:6b:d4:82:30:82:3b:f2:4d:d4:89:7b:8f:f4:20:fd:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71 Validity Not Before: Sep 21 00:14:32 2025 GMT Not After : Sep 20 00:19:32 2026 GMT Subject: CN=CC925E474A759C5AFA473B5687C83E83A2BB7BA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6d:6e:11:ed:64:22:47:99:d8:1c:78:82:b3: bd:b7:3e:49:a3:e4:6f:88:8e:d0:49:20:a5:a5:9d: 6c:13:b2:53:fb:07:0e:7a:ed:07:f7:fc:8f:f2:4e: 02:06:b2:3b:50:14:37:e1:48:1e:6f:bb:47:ca:8a: 8e:60:5b:f7:25:a0:42:4d:a4:b8:14:25:a9:79:4a: b8:c7:d8:9f:13:f7:ff:e4:be:03:fd:d6:78:34:05: 86:40:ef:eb:ae:2a:16:a2:a3:7c:0d:a2:9d:7b:60: 24:be:98:b1:45:0c:cd:c9:4e:6e:43:04:77:a8:ac: fb:d2:17:81:9f:43:fe:8a:9c:0c:e1:69:b2:7e:6b: b1:5f:fd:cb:7f:9f:68:b0:8f:95:18:16:ca:ce:be: ea:f0:7f:ab:bd:12:0a:ec:39:5f:a4:40:28:d1:8f: 6d:87:cc:45:0e:0c:89:34:83:a2:cb:91:61:fd:05: 39:ee:ad:18:b5:e5:b8:75:07:4b:d0:0f:a0:bd:33: 40:5b:f4:66:62:38:3e:9e:04:bc:f5:09:68:64:6d: f1:de:1f:db:06:8b:d9:c7:f5:43:e2:54:8a:9b:b6: 1d:2c:29:78:ab:f5:48:a4:81:d5:d7:c6:f6:3b:21: c2:22:34:f3:d5:3d:b2:5c:12:04:25:07:95:78:9d: 71:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:92:5E:47:4A:75:9C:5A:FA:47:3B:56:87:C8:3E:83:A2:BB:7B:A0 X509v3 Authority Key Identifier: keyid:1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030663a3a2f34382d3438203d3e20323038343533.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1ec7:f00f::/48 Signature Algorithm: sha256WithRSAEncryption 2b:4d:a6:a8:e1:b4:0f:1a:ff:7e:14:2b:f3:45:9f:ef:75:fa: 61:bc:cb:12:64:3a:28:81:41:d6:a9:76:3a:b3:fc:c1:f6:2c: 3c:9e:bc:3f:92:51:08:4b:9e:12:36:8c:9b:81:83:e3:db:cb: 9d:d6:ca:72:cc:dd:fd:e4:92:e5:13:be:f7:25:72:aa:24:73: b6:14:22:15:e4:dd:09:94:15:f4:b2:f6:16:e5:82:f1:39:27: 6c:30:99:e8:cb:17:23:9b:d8:a9:e3:25:ec:e4:40:b1:4f:94: d0:b1:7b:61:a4:35:91:66:5a:46:f3:8d:eb:b7:c1:68:3d:53: 5b:99:3d:d3:f0:37:c0:db:35:99:d4:73:1b:17:21:b8:54:ca: 27:ef:3c:ff:12:b0:82:28:2b:f7:f7:7f:b2:c1:58:f6:2f:ad: 4c:15:8e:3e:df:a5:e2:dd:2e:13:9e:3f:44:4f:11:cb:83:eb: a6:cf:d6:6e:b9:5d:9c:20:3e:5f:5b:5d:8a:ec:fb:a9:bd:81: af:40:7e:a2:d0:fc:e2:2d:05:d5:72:8e:18:61:f2:9e:1b:62: 78:61:41:e3:a6:3b:e8:24:da:81:e1:24:38:39:f7:4f:20:ea: 39:e4:aa:8f:e4:4d:d8:ff:11:b8:74:77:b9:78:69:cb:a3:3c: 95:20:c2:a3 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUGrSzZGvUgjCCO/JN1Il7j/Qg/ZUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVG ODNFMEU3MTAeFw0yNTA5MjEwMDE0MzJaFw0yNjA5MjAwMDE5MzJaMDMxMTAvBgNV BAMTKENDOTI1RTQ3NEE3NTlDNUFGQTQ3M0I1Njg3QzgzRTgzQTJCQjdCQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBbW4R7WQiR5nYHHiCs723Pkmj 5G+IjtBJIKWlnWwTslP7Bw567Qf3/I/yTgIGsjtQFDfhSB5vu0fKio5gW/cloEJN pLgUJal5SrjH2J8T9//kvgP91ng0BYZA7+uuKhaio3wNop17YCS+mLFFDM3JTm5D BHeorPvSF4GfQ/6KnAzhabJ+a7Ff/ct/n2iwj5UYFsrOvurwf6u9EgrsOV+kQCjR j22HzEUODIk0g6LLkWH9BTnurRi15bh1B0vQD6C9M0Bb9GZiOD6eBLz1CWhkbfHe H9sGi9nH9UPiVIqbth0sKXir9UikgdXXxvY7IcIiNPPVPbJcEgQlB5V4nXEHAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUzJJeR0p1nFr6RztWh8g+g6K7e6AwHwYDVR0j BBgwFoAUHb0dR/2ORXTIQhdDycxfDvg+DnEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE0NzZkNjItOWNmYS00ODcxLWEyZDktZmFkZjU3ODFj MTFiLzIvMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVGODNFMEU3MS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8xREJEMUQ0N0ZEOEU0NTc0Qzg0MjE3NDND OUNDNUYwRUY4M0UwRTcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS83MTQ3NmQ2Mi05Y2ZhLTQ4NzEtYTJkOS1mYWRmNTc4MWMxMWIvMi8zMjYxMzEz NDNhMzE2NTYzMzczYTY2MzAzMDY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM4MzQzNTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhQex/APMA0GCSqGSIb3DQEBCwUAA4IBAQAr Taao4bQPGv9+FCvzRZ/vdfphvMsSZDoogUHWqXY6s/zB9iw8nrw/klEIS54SNoyb gYPj28ud1spyzN395JLlE773JXKqJHO2FCIV5N0JlBX0svYW5YLxOSdsMJnoyxcj m9ip4yXs5ECxT5TQsXthpDWRZlpG843rt8FoPVNbmT3T8DfA2zWZ1HMbFyG4VMon 7zz/ErCCKCv393+ywVj2L61MFY4+36Xi3S4Tnj9ETxHLg+umz9ZuuV2cID5fW12K 7PupvYGvQH6i0PziLQXVco4YYfKeG2J4YUHjpjvoJNqB4SQ4OfdPIOo55KqP5E3Y /xG4dHe5eGnLozyVIMKj -----END CERTIFICATE-----Generated at Mon Oct 20 10:25:55 2025 by rpki-client