$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e20323039313039.roa File: 326131343a373538313a393230303a3a2f34302d3438203d3e20323039313039.roa (raw, json) Hash identifier: pMn1lmNiSpZ9TgFB+IRiwlTd7+lbxKBF0vBWWTkkXYs= Subject key identifier: A9:58:86:97:FE:41:2F:5F:F6:25:6F:B4:98:C1:86:0D:CA:F0:97:C1 Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Certificate serial: 2AE4F6B50019C80866281DE3867588912FC8D637 Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e20323039313039.roa Signing time: Sat 16 Aug 2025 18:07:09 +0000 ROA not before: Sat 16 Aug 2025 18:02:09 +0000 ROA not after: Sat 15 Aug 2026 18:07:09 +0000 asID: 209109 IP address blocks: 2a14:7581:9200::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 12:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:e4:f6:b5:00:19:c8:08:66:28:1d:e3:86:75:88:91:2f:c8:d6:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926 Validity Not Before: Aug 16 18:02:09 2025 GMT Not After : Aug 15 18:07:09 2026 GMT Subject: CN=A9588697FE412F5FF6256FB498C1860DCAF097C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:03:0d:42:75:2b:31:55:f1:78:83:42:66:bc: f3:78:f0:8b:3b:16:fa:8e:e7:d7:e2:ac:de:cd:fe: 25:5c:ad:ff:25:5a:02:cd:b3:35:6f:e9:4f:ed:97: 3f:95:69:f1:9b:fa:57:98:44:1b:13:33:6a:77:5a: ce:03:49:ba:7d:a5:12:76:dc:dc:69:cd:eb:a4:45: a1:02:03:dd:36:f0:0a:4f:c2:e2:4d:8d:0c:e4:1c: da:17:09:99:d7:04:bb:5c:a2:9a:c3:08:57:9f:c5: e0:eb:cf:35:f5:fd:7a:0f:c4:de:65:13:6b:97:8c: 1e:ca:a3:41:19:84:d8:e7:6d:b8:2c:a4:71:a0:c8: cd:65:ec:da:b2:b5:dc:b8:b1:6e:b4:38:65:ba:9c: 32:3a:18:27:2b:8d:f6:d2:8b:6e:db:84:f1:04:44: 1c:41:f5:a4:de:82:e8:3f:b7:dc:b2:93:d5:16:a2: ee:5b:1a:b3:af:76:ca:63:13:f0:a8:04:ff:3f:84: fc:7c:48:d5:10:d4:2a:b9:91:9f:3d:52:4d:3d:06: 64:8a:1e:74:1e:53:68:18:28:4e:51:38:11:6f:64: 0b:c9:41:6b:d6:1e:fc:a8:a2:bc:f2:16:bf:82:57: 73:49:f7:36:e7:14:7a:00:6f:b4:28:71:5a:2c:e6: eb:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:58:86:97:FE:41:2F:5F:F6:25:6F:B4:98:C1:86:0D:CA:F0:97:C1 X509v3 Authority Key Identifier: keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393230303a3a2f34302d3438203d3e20323039313039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9200::/40 Signature Algorithm: sha256WithRSAEncryption b2:8a:e1:c2:9c:87:e2:f3:63:62:e3:28:c8:1d:68:85:6d:12: 05:ac:43:ab:06:b8:b5:50:e5:86:32:72:51:33:a9:90:76:d0: e3:36:31:8d:77:c3:cc:22:7a:30:f2:c7:d7:35:63:b4:7f:03: 88:47:87:f8:8a:a9:f9:b8:5f:7b:9e:c2:f0:55:5a:3a:f5:42: 85:6f:9f:37:89:23:15:79:1e:9f:64:f6:aa:ca:eb:e8:db:db: 2e:b2:35:fe:b0:a2:43:11:74:d8:ae:2c:b8:2d:fc:c9:fe:65: ce:2e:44:ba:d4:72:04:6f:69:2b:7c:77:74:c2:4b:d6:a1:f3: 7a:ae:76:92:4e:1e:3f:ed:27:84:30:52:23:7c:1a:a5:1f:c4: 48:9a:d0:5b:f7:60:2c:34:ec:e4:c2:f9:58:71:4f:fb:6c:29: 09:0b:22:a3:91:c5:9f:89:fa:bc:12:38:ae:45:81:90:7a:10: cf:6d:cd:ec:76:ed:ea:a3:81:12:96:79:36:b6:28:ee:07:ad: f8:e7:2f:b0:4e:46:b7:9c:4b:db:3e:5b:98:19:b5:0c:bb:39: 31:2e:f0:3f:be:f9:e0:bc:c1:26:c0:ea:97:39:29:31:68:5e: 2e:54:38:a4:fb:da:6b:fa:90:9b:fe:96:c8:8c:a0:ce:95:d4: d3:ba:46:16 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUKuT2tQAZyAhmKB3jhnWIkS/I1jcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3 NzdEQTkyNjAeFw0yNTA4MTYxODAyMDlaFw0yNjA4MTUxODA3MDlaMDMxMTAvBgNV BAMTKEE5NTg4Njk3RkU0MTJGNUZGNjI1NkZCNDk4QzE4NjBEQ0FGMDk3QzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWAw1CdSsxVfF4g0JmvPN48Is7 FvqO59firN7N/iVcrf8lWgLNszVv6U/tlz+VafGb+leYRBsTM2p3Ws4DSbp9pRJ2 3NxpzeukRaECA9028ApPwuJNjQzkHNoXCZnXBLtcoprDCFefxeDrzzX1/XoPxN5l E2uXjB7Ko0EZhNjnbbgspHGgyM1l7Nqytdy4sW60OGW6nDI6GCcrjfbSi27bhPEE RBxB9aTegug/t9yyk9UWou5bGrOvdspjE/CoBP8/hPx8SNUQ1Cq5kZ89Uk09BmSK HnQeU2gYKE5ROBFvZAvJQWvWHvyoorzyFr+CV3NJ9zbnFHoAb7QocVos5utFAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQUqViGl/5BL1/2JW+0mMGGDcrwl8EwHwYDVR0j BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3 NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzIzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz MDM5MzEzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gZIwDQYJKoZIhvcNAQELBQADggEBALKK 4cKch+LzY2LjKMgdaIVtEgWsQ6sGuLVQ5YYyclEzqZB20OM2MY13w8wiejDyx9c1 Y7R/A4hHh/iKqfm4X3uewvBVWjr1QoVvnzeJIxV5Hp9k9qrK6+jb2y6yNf6wokMR dNiuLLgt/Mn+Zc4uRLrUcgRvaSt8d3TCS9ah83qudpJOHj/tJ4QwUiN8GqUfxEia 0Fv3YCw07OTC+VhxT/tsKQkLIqORxZ+J+rwSOK5FgZB6EM9tzex27eqjgRKWeTa2 KO4HrfjnL7BORrecS9s+W5gZtQy7OTEu8D+++eC8wSbA6pc5KTFoXi5UOKT72mv6 kJv+lsiMoM6V1NO6RhY= -----END CERTIFICATE-----Generated at Sat Aug 23 21:15:13 2025 by rpki-client