$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663566303a3a2f34342d3438203d3e20323135373532.roa File: 326131343a373538333a663566303a3a2f34342d3438203d3e20323135373532.roa (raw, json) Hash identifier: CQeQBv1si6HjY/pqPKCiw+E43BXtrCR5FS8uJNoFCsQ= Subject key identifier: 73:4E:8C:08:60:00:9D:E0:25:A9:9C:CC:9A:C4:BF:03:BA:0E:AD:3A Certificate issuer: /CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Certificate serial: 099893399E336091770640B53389362777A326C3 Authority key identifier: 8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663566303a3a2f34342d3438203d3e20323135373532.roa Signing time: Wed 10 Sep 2025 15:46:57 +0000 ROA not before: Wed 10 Sep 2025 15:41:57 +0000 ROA not after: Wed 09 Sep 2026 15:46:57 +0000 asID: 215752 IP address blocks: 2a14:7583:f5f0::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 15:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:98:93:39:9e:33:60:91:77:06:40:b5:33:89:36:27:77:a3:26:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BD4F7EBFF9763C061D537B8A1D0872D70697632 Validity Not Before: Sep 10 15:41:57 2025 GMT Not After : Sep 9 15:46:57 2026 GMT Subject: CN=734E8C0860009DE025A99CCC9AC4BF03BA0EAD3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:a8:ee:89:2b:55:fd:b7:4d:96:a7:75:e5:e1: 5e:b7:13:f3:d1:e7:40:44:f4:cc:17:58:0d:6d:0b: 22:9a:72:8e:f8:33:87:90:f6:09:0a:73:b0:66:8f: 5f:4c:32:e2:96:f1:3b:1e:e5:a3:65:21:5e:97:16: a7:38:b2:b2:01:0a:8e:b5:df:77:96:a2:92:df:1e: 0c:9c:bf:9c:2e:19:68:17:d9:f2:b6:24:46:a3:c7: 63:5a:fa:af:a3:48:7f:1f:b7:dd:e5:d8:b9:cf:e3: 15:c3:f6:33:c5:74:fd:e9:8d:3d:1b:9f:e8:c1:0a: de:2d:6f:4d:a6:37:de:5e:df:1d:3d:1d:c3:a7:57: 93:94:1e:c5:d9:a7:08:47:83:25:4b:79:6c:65:5e: 7a:43:2a:ff:83:16:eb:6f:83:81:8a:89:0a:bb:7e: 2b:50:7c:ed:82:08:79:4e:2f:e4:67:48:f9:bf:00: 1f:d0:15:18:a5:67:76:ba:e2:5c:9f:6f:ed:0b:07: 69:0d:b5:1c:55:a1:f6:5b:f3:25:05:d4:53:ec:ab: 7e:da:1e:0a:5f:8f:02:90:23:a9:fe:80:a6:33:07: bd:2d:4e:ac:d6:56:8f:45:a9:15:48:e1:b5:30:f2: b7:73:50:70:3c:8e:69:fc:11:a7:b3:69:57:d6:e7: 34:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:4E:8C:08:60:00:9D:E0:25:A9:9C:CC:9A:C4:BF:03:BA:0E:AD:3A X509v3 Authority Key Identifier: keyid:8B:D4:F7:EB:FF:97:63:C0:61:D5:37:B8:A1:D0:87:2D:70:69:76:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/8BD4F7EBFF9763C061D537B8A1D0872D70697632.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8BD4F7EBFF9763C061D537B8A1D0872D70697632.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87d8db71-a5be-464c-a8b9-8b7b374ae3fa/1/326131343a373538333a663566303a3a2f34342d3438203d3e20323135373532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:f5f0::/44 Signature Algorithm: sha256WithRSAEncryption c4:c7:87:da:ae:ab:9d:0a:61:56:9b:c8:a4:a1:f5:09:50:df: f7:1e:96:b6:bd:6f:ef:26:84:26:79:3e:39:7f:0c:ac:50:95: 6f:78:96:b6:f8:94:61:37:08:8e:a0:1b:9c:c9:4f:a4:bd:32: e0:93:68:e9:73:bb:43:c1:5b:d6:d9:e8:ef:e2:fa:9a:99:c5: e6:23:73:6a:ba:56:b1:ad:d3:92:35:7c:e0:c6:82:a2:a2:a9: 77:d3:43:2d:bd:08:b5:3f:e8:94:8b:a4:b1:5a:89:47:af:d0: 25:38:1b:82:4d:10:46:09:26:0b:56:3a:3a:1e:65:62:f9:39: f1:22:30:90:bc:49:36:92:ab:16:c0:fb:2f:87:a6:11:c8:b7: b6:54:0f:de:a8:54:22:d3:e6:88:2f:31:d5:f0:34:f0:2a:10: 80:65:ff:4c:61:26:8d:fc:59:12:ae:7e:05:d9:54:a4:65:e0: 38:ec:71:ab:35:b7:f1:49:b4:20:06:86:b7:36:1f:68:17:e1: dc:fd:b2:0d:bd:1b:fb:d7:61:bd:d4:57:9d:32:de:61:d2:0b: e5:8a:44:b3:34:30:e8:d2:ff:4e:94:16:2b:29:6f:d2:a5:55: 8c:76:5b:e8:7f:27:bf:48:f6:99:c4:e9:91:c9:d2:f2:5a:72: 53:68:39:0e -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUCZiTOZ4zYJF3BkC1M4k2J3ejJsMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3 MDY5NzYzMjAeFw0yNTA5MTAxNTQxNTdaFw0yNjA5MDkxNTQ2NTdaMDMxMTAvBgNV BAMTKDczNEU4QzA4NjAwMDlERTAyNUE5OUNDQzlBQzRCRjAzQkEwRUFEM0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWqO6JK1X9t02Wp3Xl4V63E/PR 50BE9MwXWA1tCyKaco74M4eQ9gkKc7Bmj19MMuKW8Tse5aNlIV6XFqc4srIBCo61 33eWopLfHgycv5wuGWgX2fK2JEajx2Na+q+jSH8ft93l2LnP4xXD9jPFdP3pjT0b n+jBCt4tb02mN95e3x09HcOnV5OUHsXZpwhHgyVLeWxlXnpDKv+DFutvg4GKiQq7 fitQfO2CCHlOL+RnSPm/AB/QFRilZ3a64lyfb+0LB2kNtRxVofZb8yUF1FPsq37a HgpfjwKQI6n+gKYzB70tTqzWVo9FqRVI4bUw8rdzUHA8jmn8EaezaVfW5zQ1AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUc06MCGAAneAlqZzMmsS/A7oOrTowHwYDVR0j BBgwFoAUi9T36/+XY8Bh1Te4odCHLXBpdjIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODdkOGRiNzEtYTViZS00NjRjLWE4YjktOGI3YjM3NGFl M2ZhLzEvOEJENEY3RUJGRjk3NjNDMDYxRDUzN0I4QTFEMDg3MkQ3MDY5NzYzMi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84QkQ0RjdFQkZGOTc2M0MwNjFENTM3QjhB MUQwODcyRDcwNjk3NjMyLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS84N2Q4ZGI3MS1hNWJlLTQ2NGMtYThiOS04YjdiMzc0YWUzZmEvMS8zMjYxMzEz NDNhMzczNTM4MzMzYTY2MzU2NjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz MTM1MzczNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1g/XwMA0GCSqGSIb3DQEBCwUAA4IBAQDE x4farqudCmFWm8ikofUJUN/3Hpa2vW/vJoQmeT45fwysUJVveJa2+JRhNwiOoBuc yU+kvTLgk2jpc7tDwVvW2ejv4vqamcXmI3NqulaxrdOSNXzgxoKioql300MtvQi1 P+iUi6SxWolHr9AlOBuCTRBGCSYLVjo6HmVi+TnxIjCQvEk2kqsWwPsvh6YRyLe2 VA/eqFQi0+aILzHV8DTwKhCAZf9MYSaN/FkSrn4F2VSkZeA47HGrNbfxSbQgBoa3 Nh9oF+Hc/bINvRv712G91FedMt5h0gvlikSzNDDo0v9OlBYrKW/SpVWMdlvofye/ SPaZxOmRydLyWnJTaDkO -----END CERTIFICATE-----Generated at Mon Oct 20 00:49:27 2025 by rpki-client