$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663532613a3a2f34382d3438203d3e20323133363035.roa File: 326131343a373538333a663532613a3a2f34382d3438203d3e20323133363035.roa (raw, json) Hash identifier: aV7gG9d5Jm1xL7quU3kvraReedZSPl0atIf2oiaL4bI= Subject key identifier: 55:03:CF:9B:DE:CA:A2:A8:A2:C7:9B:A3:45:D5:CA:C9:1D:ED:35:EF Certificate issuer: /CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Certificate serial: 267D5AAA2044B5AEAB0FD2AB7E386603758E8DBB Authority key identifier: 8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663532613a3a2f34382d3438203d3e20323133363035.roa Signing time: Fri 26 Sep 2025 12:35:12 +0000 ROA not before: Fri 26 Sep 2025 12:30:12 +0000 ROA not after: Fri 25 Sep 2026 12:35:12 +0000 asID: 213605 IP address blocks: 2a14:7583:f52a::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 18:52:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:7d:5a:aa:20:44:b5:ae:ab:0f:d2:ab:7e:38:66:03:75:8e:8d:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Validity Not Before: Sep 26 12:30:12 2025 GMT Not After : Sep 25 12:35:12 2026 GMT Subject: CN=5503CF9BDECAA2A8A2C79BA345D5CAC91DED35EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ca:9d:3c:71:bd:da:18:54:91:e4:9c:3e:f3: 61:f9:08:77:28:30:af:cc:64:14:11:f6:41:9c:d1: 34:50:ca:77:9f:1a:e3:05:48:bc:9e:51:98:ef:fb: 74:f4:88:19:c0:e9:80:92:18:00:4a:db:49:cd:b0: a6:f1:66:ec:36:6d:8a:07:d7:38:3a:6e:be:16:6e: 18:d8:82:fc:8c:d5:2c:8a:9d:76:32:e8:3f:7b:b9: 87:0e:23:02:37:bf:c8:63:02:c3:88:ad:57:5b:c2: 68:ba:0a:4d:8a:db:a4:64:ca:68:57:8c:63:de:3e: 05:24:cf:9a:5a:ba:50:10:62:4e:6a:49:78:8d:a9: 9c:49:c5:c5:f4:c0:03:ea:28:aa:87:ca:10:fc:a5: e5:0a:b4:5b:b5:22:53:da:73:b8:3e:47:99:a1:01: d8:61:52:79:85:6e:7b:31:89:25:67:5b:92:a5:f1: cc:4d:c2:f3:90:6a:de:cf:7b:12:60:b9:cb:09:71: d7:5a:a4:11:f4:d0:e8:6f:55:d6:fe:db:4d:bc:75: 0e:22:bf:22:a3:a6:a6:e0:91:4b:20:ee:1b:74:b5: 2d:16:4f:26:14:ef:82:bd:64:69:6a:ea:d2:0b:7e: 7e:fb:14:22:75:36:e3:36:40:35:76:56:66:94:c2: 71:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:03:CF:9B:DE:CA:A2:A8:A2:C7:9B:A3:45:D5:CA:C9:1D:ED:35:EF X509v3 Authority Key Identifier: keyid:8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663532613a3a2f34382d3438203d3e20323133363035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f52a::/48 Signature Algorithm: sha256WithRSAEncryption 96:a9:1b:e2:27:81:bc:97:3d:d5:94:94:3e:98:28:93:d7:aa: 82:41:33:7f:81:4a:9a:97:b7:f9:08:c1:52:7b:33:f6:d4:2d: 2b:ac:ea:b3:a7:67:49:de:92:9f:4e:5e:03:d8:ec:24:a8:94: 91:e8:3a:f7:82:e7:89:c5:50:a5:4d:71:17:f1:c5:b2:2a:f4: eb:1f:14:5f:c2:21:62:a3:89:9e:fd:9c:30:eb:37:a9:e4:7c: 10:07:ed:54:dd:16:d5:3a:59:46:3b:53:e7:9e:18:06:a3:fc: 51:04:58:33:fc:5c:f6:ac:e5:a7:35:7f:18:e0:cb:a9:3c:b9: d0:38:eb:43:a1:03:0a:5e:79:84:39:ef:b8:98:88:27:62:0f: 2e:e9:8d:dc:7f:a9:4b:1a:ba:fe:2f:c8:57:a3:1f:7e:ff:83: 2f:91:14:d8:cd:ca:fd:61:74:ef:e3:04:33:46:5b:f7:eb:09: 17:37:a6:70:89:f0:a5:70:ca:c9:bb:11:40:07:c4:1b:67:fc: 33:ec:95:de:6a:6b:b3:64:0c:33:31:09:04:9b:6e:79:1b:58: fd:d4:6e:11:88:cc:d6:a5:3c:96:1f:f2:84:1c:da:d4:ea:f5: ce:bb:7a:93:74:3c:42:61:ab:c5:3a:d3:8e:40:66:1f:3b:48: 04:d1:b9:64 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUJn1aqiBEta6rD9KrfjhmA3WOjbswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3 MDY5NzYzMjAeFw0yNTA5MjYxMjMwMTJaFw0yNjA5MjUxMjM1MTJaMDMxMTAvBgNV BAMTKDU1MDNDRjlCREVDQUEyQThBMkM3OUJBMzQ1RDVDQUM5MURFRDM1RUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDyp08cb3aGFSR5Jw+82H5CHco MK/MZBQR9kGc0TRQynefGuMFSLyeUZjv+3T0iBnA6YCSGABK20nNsKbxZuw2bYoH 1zg6br4WbhjYgvyM1SyKnXYy6D97uYcOIwI3v8hjAsOIrVdbwmi6Ck2K26RkymhX jGPePgUkz5paulAQYk5qSXiNqZxJxcX0wAPqKKqHyhD8peUKtFu1IlPac7g+R5mh AdhhUnmFbnsxiSVnW5Kl8cxNwvOQat7PexJgucsJcddapBH00OhvVdb+2028dQ4i vyKjpqbgkUsg7ht0tS0WTyYU74K9ZGlq6tILfn77FCJ1NuM2QDV2VmaUwnG1AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUVQPPm97Koqiix5ujRdXKyR3tNe8wHwYDVR0j BBgwFoAUi9T36/+XY8Bh1Te4odCHLXBpdjIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODdkOGRiNzEtYTViZS00NjRjLWE4YjktOGI3YjM3NGFl M2ZhLzEvOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3MDY5NzYzMi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84QkQ0RjdFQkZGOTc2M0MwNjFENTM3QjhB MUQwODcyRDcwNjk3NjMyLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84N2Q4ZGI3MS1hNWJlLTQ2NGMtYThiOS04YjdiMzc0YWUzZmEvMS8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzUzMjYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTMzMzYzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1g/UqMA0GCSqGSIb3DQEBCwUAA4IBAQCW qRviJ4G8lz3VlJQ+mCiT16qCQTN/gUqal7f5CMFSezP21C0rrOqzp2dJ3pKfTl4D 2OwkqJSR6Dr3gueJxVClTXEX8cWyKvTrHxRfwiFio4me/Zww6zep5HwQB+1U3RbV OllGO1PnnhgGo/xRBFgz/Fz2rOWnNX8Y4MupPLnQOOtDoQMKXnmEOe+4mIgnYg8u 6Y3cf6lLGrr+L8hXox9+/4MvkRTYzcr9YXTv4wQzRlv36wkXN6ZwifClcMrJuxFA B8QbZ/wz7JXeamuzZAwzMQkEm255G1j91G4RiMzWpTyWH/KEHNrU6vXOu3qTdDxC YavFOtOOQGYfO0gE0blk -----END CERTIFICATE-----Generated at Mon Oct 20 11:56:11 2025 by rpki-client