$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634303a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538303a666634303a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: dPCGiKkWz0E9rMprVOstBFLQuVK9OG6CBSKX+fk7UXw= Subject key identifier: 49:B4:F9:F8:29:C7:B5:97:0C:76:C1:1F:DE:A7:83:51:77:D2:F2:08 Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 7DC3B72D1F7AB7F1BA599D13ED6F2AB60FD8221E Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634303a3a2f34382d3438203d3e20323134333434.roa Signing time: Thu 01 May 2025 06:29:37 +0000 ROA not before: Thu 01 May 2025 06:24:37 +0000 ROA not after: Thu 30 Apr 2026 06:29:37 +0000 asID: 214344 IP address blocks: 2a14:7580:ff40::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 May 2025 11:37:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:c3:b7:2d:1f:7a:b7:f1:ba:59:9d:13:ed:6f:2a:b6:0f:d8:22:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: May 1 06:24:37 2025 GMT Not After : Apr 30 06:29:37 2026 GMT Subject: CN=49B4F9F829C7B5970C76C11FDEA7835177D2F208 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:4b:f8:ab:07:b6:b0:fc:f6:b7:0a:9d:90:19: 0e:e1:c3:f6:3e:31:bd:e0:2e:bb:48:d1:6a:1f:8b: 3f:94:38:9b:21:2f:f4:d1:55:c0:74:3f:85:c6:36: ee:c4:1e:7f:da:98:14:57:30:ba:d2:45:56:fc:c1: f3:ac:ac:88:56:a9:9b:7c:b1:e9:10:72:d7:0d:d9: 1b:af:4f:04:60:23:c0:3e:a9:0f:95:00:d9:ed:46: 36:a2:0c:46:89:38:e2:68:0a:a5:ee:d6:6f:ff:0b: 86:e0:30:1d:f7:ec:90:84:c2:4a:8d:3e:14:e4:23: 5d:b2:0e:ab:6c:5f:b0:1c:84:30:72:b7:14:0c:3d: 29:fc:bf:1f:68:a1:e0:9c:ad:f3:22:08:cc:af:3b: 2c:e1:07:09:ad:dd:8e:f7:84:31:33:fe:4a:19:9e: ed:dc:6a:a7:23:ea:95:1d:83:68:3b:1c:19:01:e1: d7:cd:17:23:ed:65:d7:68:fd:64:a5:1c:59:10:8f: 2f:40:09:f6:9f:d8:56:09:ab:7a:c0:22:6a:c2:30: 19:c1:01:8f:82:69:61:c2:07:5c:b7:86:5f:95:dc: 93:ed:1e:db:2c:74:22:61:30:41:33:c6:4c:ec:8e: 5f:87:48:b2:b6:cd:88:c7:32:43:47:e1:36:5f:dc: 0f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B4:F9:F8:29:C7:B5:97:0C:76:C1:1F:DE:A7:83:51:77:D2:F2:08 X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634303a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff40::/48 Signature Algorithm: sha256WithRSAEncryption 15:7a:a3:96:0f:32:57:dc:6c:4a:29:a4:19:bb:e9:40:6c:7b: fa:86:dd:0a:34:1b:75:7e:eb:44:83:b9:0b:a1:87:ce:90:01: 73:bd:3b:01:f8:de:45:5c:4f:ae:65:94:88:dc:a5:0c:85:75: eb:5e:38:4e:ed:0e:2c:e6:92:b2:35:fc:d8:fc:47:ff:c7:40: 9a:16:cc:bf:4c:1e:96:8b:be:cc:e6:86:85:6a:86:4c:60:10: 72:45:df:8b:df:40:34:b1:fa:f0:20:ce:41:09:17:52:1f:64: 04:b1:4e:80:19:68:d5:94:ea:4b:97:5d:87:02:ca:dc:88:3c: e3:fb:f8:e6:36:03:78:67:cb:49:fd:e6:97:c3:60:6d:98:93: a5:d3:4b:05:ef:68:85:9f:39:dc:6d:67:bd:47:1f:fe:2c:e5: a3:d6:48:69:46:c7:df:fe:b9:02:b7:6c:a8:3b:e1:95:dd:0d: b4:3e:4e:4b:ba:15:89:8f:96:2f:47:a8:84:fa:60:a4:d1:31: 23:b8:4e:1d:bd:b1:14:19:ac:3c:3a:2a:9d:71:c9:ae:42:77: 3e:e4:c2:de:77:66:8c:b3:5d:25:e6:ba:e5:72:04:69:d8:c4: 89:5d:2f:71:27:15:4e:88:17:a3:c3:1b:a4:73:49:de:06:41: 45:4e:cc:69 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUfcO3LR96t/G6WZ0T7W8qtg/YIh4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA1MDEwNjI0MzdaFw0yNjA0MzAwNjI5MzdaMDMxMTAvBgNV BAMTKDQ5QjRGOUY4MjlDN0I1OTcwQzc2QzExRkRFQTc4MzUxNzdEMkYyMDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaS/irB7aw/Pa3Cp2QGQ7hw/Y+ Mb3gLrtI0Wofiz+UOJshL/TRVcB0P4XGNu7EHn/amBRXMLrSRVb8wfOsrIhWqZt8 sekQctcN2RuvTwRgI8A+qQ+VANntRjaiDEaJOOJoCqXu1m//C4bgMB337JCEwkqN PhTkI12yDqtsX7AchDBytxQMPSn8vx9ooeCcrfMiCMyvOyzhBwmt3Y73hDEz/koZ nu3caqcj6pUdg2g7HBkB4dfNFyPtZddo/WSlHFkQjy9ACfaf2FYJq3rAImrCMBnB AY+CaWHCB1y3hl+V3JPtHtssdCJhMEEzxkzsjl+HSLK2zYjHMkNH4TZf3A+FAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUSbT5+CnHtZcMdsEf3qeDUXfS8ggwHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP9AMA0GCSqGSIb3DQEBCwUAA4IBAQAV eqOWDzJX3GxKKaQZu+lAbHv6ht0KNBt1futEg7kLoYfOkAFzvTsB+N5FXE+uZZSI 3KUMhXXrXjhO7Q4s5pKyNfzY/Ef/x0CaFsy/TB6Wi77M5oaFaoZMYBByRd+L30A0 sfrwIM5BCRdSH2QEsU6AGWjVlOpLl12HAsrciDzj+/jmNgN4Z8tJ/eaXw2BtmJOl 00sF72iFnzncbWe9Rx/+LOWj1khpRsff/rkCt2yoO+GV3Q20Pk5LuhWJj5YvR6iE +mCk0TEjuE4dvbEUGaw8OiqdccmuQnc+5MLed2aMs10l5rrlcgRp2MSJXS9xJxVO iBejwxukc0neBkFFTsxp -----END CERTIFICATE-----Generated at Fri May 9 02:45:58 2025 by rpki-client