$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393063303a3a2f34342d3438203d3e203134343437.roa File: 326131343a373538313a393063303a3a2f34342d3438203d3e203134343437.roa (raw, json) Hash identifier: 1KwjyQC5mQq96/1cZ1aeVWaWGIQIpF6Ei+ZSWIfd5WM= Subject key identifier: 5A:20:D0:24:32:2E:94:2A:BC:7F:A3:69:F1:E7:A9:71:60:83:D4:E5 Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 161E23C25A8D92238DFB159579E303EDF5827850 Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393063303a3a2f34342d3438203d3e203134343437.roa Signing time: Mon 08 Sep 2025 16:56:55 +0000 ROA not before: Mon 08 Sep 2025 16:51:55 +0000 ROA not after: Mon 07 Sep 2026 16:56:55 +0000 asID: 14447 IP address blocks: 2a14:7581:90c0::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 18:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:1e:23:c2:5a:8d:92:23:8d:fb:15:95:79:e3:03:ed:f5:82:78:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Sep 8 16:51:55 2025 GMT Not After : Sep 7 16:56:55 2026 GMT Subject: CN=5A20D024322E942ABC7FA369F1E7A9716083D4E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b3:c8:d5:40:6b:8c:f4:37:27:92:9f:11:c2: 4e:f4:d7:72:9d:c0:f8:08:94:9d:97:6a:df:5f:18: 5b:c7:27:92:a3:b9:a3:eb:24:e8:05:3d:54:82:11: 43:26:db:d9:11:5a:2d:25:43:42:f7:37:98:86:3a: d5:9a:54:58:2d:c4:ea:f8:f2:3e:24:22:74:7c:68: 4f:a7:9a:c9:83:a3:86:2f:08:98:fb:81:a2:fc:73: 39:9e:38:70:a9:aa:31:d3:b0:ae:bd:53:0f:4b:ba: fa:57:a6:f1:a8:7c:c6:b9:0e:4e:8f:19:b1:62:8a: ff:90:10:ac:bf:6f:01:60:3b:31:9e:77:68:77:ee: b3:6d:35:de:66:d8:c1:22:72:4d:a9:4d:04:a4:89: 31:f1:d8:9c:2a:82:61:a3:5c:8b:c8:34:5b:e7:09: 04:23:29:e1:49:60:6f:10:24:05:a9:0b:77:5a:bd: 79:8e:d7:e6:8d:f6:b4:da:2b:5a:63:f1:d9:ca:2e: 5f:ab:26:9d:55:dd:d7:d8:4c:96:86:ba:6e:00:f7: 16:bf:1f:6a:43:62:8b:ee:f4:d5:7e:c5:ee:68:19: 82:31:27:63:e4:56:77:20:bf:03:83:89:5e:25:83: 2d:14:cb:41:db:37:0f:04:0d:3a:5a:98:9f:6b:e7: a9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:20:D0:24:32:2E:94:2A:BC:7F:A3:69:F1:E7:A9:71:60:83:D4:E5 X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393063303a3a2f34342d3438203d3e203134343437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:90c0::/44 Signature Algorithm: sha256WithRSAEncryption 1c:e3:9b:12:4f:bd:c7:6c:7c:ef:c3:d1:54:fc:8d:51:d3:70: b0:e8:a6:52:e3:8a:cc:d1:8c:59:c2:96:89:d0:b4:f6:ba:d4: d3:1b:4d:78:be:0f:57:2f:f7:1e:6a:ea:e9:cf:07:42:dd:bf: f1:2e:a6:c5:34:55:0a:ea:77:b7:d8:51:c0:d6:60:c1:fd:36: 86:70:e3:86:37:6e:28:8f:5f:41:76:f1:f0:ae:2b:40:2e:1b: 8f:3c:63:38:49:e6:3c:7c:d8:8a:b8:79:f1:72:11:39:27:ed: d6:b4:40:b3:26:8e:bb:6a:74:da:33:8a:9f:3f:f1:5a:ae:33: 90:19:3f:94:62:e9:6f:dd:83:5f:f7:e8:0a:73:96:0f:eb:c9: 08:2b:58:ad:e2:02:3a:56:dc:33:0d:dd:15:2d:98:8e:70:4f: 75:e0:09:c9:77:a1:85:c1:da:48:84:ff:20:04:92:a5:ae:62: b6:e5:48:50:c6:d9:b3:66:b6:14:02:af:eb:3d:34:4f:8d:8d: 47:64:c2:aa:7b:af:fc:67:08:a5:42:3f:f2:54:7a:be:23:ed: e4:86:79:1f:ed:13:2b:fc:1f:f4:59:7e:d3:9e:2a:67:c7:10: 7c:23:84:ed:92:a0:fa:f8:a6:67:19:7e:d7:24:c2:88:9c:b1: 96:a7:29:dc -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUFh4jwlqNkiON+xWVeeMD7fWCeFAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNTA5MDgxNjUxNTVaFw0yNjA5MDcxNjU2NTVaMDMxMTAvBgNV BAMTKDVBMjBEMDI0MzIyRTk0MkFCQzdGQTM2OUYxRTdBOTcxNjA4M0Q0RTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCis8jVQGuM9Dcnkp8Rwk7013Kd wPgIlJ2Xat9fGFvHJ5KjuaPrJOgFPVSCEUMm29kRWi0lQ0L3N5iGOtWaVFgtxOr4 8j4kInR8aE+nmsmDo4YvCJj7gaL8czmeOHCpqjHTsK69Uw9LuvpXpvGofMa5Dk6P GbFiiv+QEKy/bwFgOzGed2h37rNtNd5m2MEick2pTQSkiTHx2JwqgmGjXIvINFvn CQQjKeFJYG8QJAWpC3davXmO1+aN9rTaK1pj8dnKLl+rJp1V3dfYTJaGum4A9xa/ H2pDYovu9NV+xe5oGYIxJ2PkVncgvwODiV4lgy0Uy0HbNw8EDTpamJ9r56nVAgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUWiDQJDIulCq8f6Np8eepcWCD1OUwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzA2MzMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEz NDM0MzQzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHBCoUdYGQwDANBgkqhkiG9w0BAQsFAAOCAQEAHOOb Ek+9x2x878PRVPyNUdNwsOimUuOKzNGMWcKWidC09rrU0xtNeL4PVy/3Hmrq6c8H Qt2/8S6mxTRVCup3t9hRwNZgwf02hnDjhjduKI9fQXbx8K4rQC4bjzxjOEnmPHzY irh58XIROSft1rRAsyaOu2p02jOKnz/xWq4zkBk/lGLpb92DX/foCnOWD+vJCCtY reICOlbcMw3dFS2YjnBPdeAJyXehhcHaSIT/IASSpa5ituVIUMbZs2a2FAKv6z00 T42NR2TCqnuv/GcIpUI/8lR6viPt5IZ5H+0TK/wf9Fl+054qZ8cQfCOE7ZKg+vim Zxl+1yTCiJyxlqcp3A== -----END CERTIFICATE-----Generated at Mon Oct 20 10:21:29 2025 by rpki-client