$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634313a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538303a666634313a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: pdCqfiQKAk5mpE38Sur9HB4NVG9NXvRtOzzMMORY0Ss= Subject key identifier: B7:1B:7A:A4:B5:E0:D4:4E:B4:0C:D5:3E:46:09:45:2F:6D:64:76:6B Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 409BF5614A5F0391B0EE3678FCDAAEDCEA9F4161 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634313a3a2f34382d3438203d3e20323134333434.roa Signing time: Thu 01 May 2025 06:29:49 +0000 ROA not before: Thu 01 May 2025 06:24:49 +0000 ROA not after: Thu 30 Apr 2026 06:29:49 +0000 asID: 214344 IP address blocks: 2a14:7580:ff41::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 May 2025 13:31:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:9b:f5:61:4a:5f:03:91:b0:ee:36:78:fc:da:ae:dc:ea:9f:41:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: May 1 06:24:49 2025 GMT Not After : Apr 30 06:29:49 2026 GMT Subject: CN=B71B7AA4B5E0D44EB40CD53E4609452F6D64766B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ba:44:8d:05:8b:29:99:e2:77:04:10:f1:c4: 75:e9:bd:ad:69:45:7b:ff:2b:43:f3:5a:91:c0:d0: 09:64:1f:3b:e4:47:47:b9:90:5e:08:77:55:31:d6: b0:0d:a3:f9:0e:55:30:7d:46:c3:da:26:5d:07:4b: 90:f9:23:d0:54:df:b0:dc:72:41:ac:33:4b:bd:a1: ed:a0:c2:62:d9:d8:cb:87:7d:72:72:80:3e:71:c0: ea:aa:f2:ac:87:c1:89:68:3c:0d:ac:66:ef:9f:8b: 5e:92:08:b3:3a:41:ea:37:b9:22:de:96:f7:8d:3e: 83:60:1f:1d:1e:f2:3d:47:b0:c8:e5:c4:78:7e:2f: 12:27:83:2a:b6:67:e2:59:d8:bc:80:c0:da:3b:a1: ad:25:1d:10:8a:0d:48:11:93:1e:a8:cf:ad:ad:64: af:78:b6:90:d4:e5:3d:b3:25:62:0a:47:4c:d4:8c: 99:43:9e:62:08:e5:ca:4d:f9:35:a5:62:05:25:39: 50:46:56:73:05:5a:ce:68:27:c5:dc:68:74:8d:f8: 36:2a:98:d7:96:21:ff:6a:fc:60:50:53:6f:70:1f: 90:87:69:95:3d:25:88:94:1d:99:34:b2:e0:92:a6: 1e:0c:f1:b5:fa:d7:92:6b:7a:83:9a:4c:05:9e:eb: c7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:1B:7A:A4:B5:E0:D4:4E:B4:0C:D5:3E:46:09:45:2F:6D:64:76:6B X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634313a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff41::/48 Signature Algorithm: sha256WithRSAEncryption 1b:77:26:eb:de:97:0c:89:76:2f:18:13:f8:0a:37:4a:a7:2c: 17:ec:80:92:94:5d:c7:47:52:7c:a3:c4:fa:37:33:94:f3:d6: 8c:03:af:a2:bf:c4:0b:5b:b8:77:7e:cd:f4:27:a1:0d:e0:40: 23:3e:99:d1:4e:b1:8b:b2:26:43:01:40:e5:de:4c:ba:d4:20: 97:aa:52:4e:6c:ab:f8:28:85:cd:e7:fa:97:9f:51:aa:1c:10: 99:fc:77:a8:f2:8c:fb:85:6c:e4:55:c8:34:bc:9b:d9:e4:da: c2:14:39:0e:66:8c:b1:6d:79:a7:17:52:1a:6b:a2:92:4b:dc: f8:8b:c7:76:ca:9d:07:51:b8:b5:8e:a5:20:9b:6b:45:3b:33: f5:ee:42:0f:b3:8f:47:56:a7:06:21:53:e3:87:3c:51:4d:8b: 2a:4b:3d:60:28:ba:ed:3a:f8:7f:60:d3:3c:00:18:b5:6d:d4: 18:52:89:46:ee:26:bf:2d:4a:47:af:08:5c:26:2c:c8:cc:d4: 9a:71:54:eb:21:90:76:8b:df:20:94:fa:34:03:64:c9:73:33: af:a2:87:10:bc:17:5e:c3:5b:6d:e3:58:76:e6:7d:50:00:73: f5:24:73:f1:35:4d:22:94:ff:01:f2:91:d6:6e:49:2b:dd:79: b0:5d:62:1e -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUQJv1YUpfA5Gw7jZ4/Nqu3OqfQWEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA1MDEwNjI0NDlaFw0yNjA0MzAwNjI5NDlaMDMxMTAvBgNV BAMTKEI3MUI3QUE0QjVFMEQ0NEVCNDBDRDUzRTQ2MDk0NTJGNkQ2NDc2NkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQukSNBYspmeJ3BBDxxHXpva1p RXv/K0PzWpHA0AlkHzvkR0e5kF4Id1Ux1rANo/kOVTB9RsPaJl0HS5D5I9BU37Dc ckGsM0u9oe2gwmLZ2MuHfXJygD5xwOqq8qyHwYloPA2sZu+fi16SCLM6Qeo3uSLe lveNPoNgHx0e8j1HsMjlxHh+LxIngyq2Z+JZ2LyAwNo7oa0lHRCKDUgRkx6oz62t ZK94tpDU5T2zJWIKR0zUjJlDnmII5cpN+TWlYgUlOVBGVnMFWs5oJ8XcaHSN+DYq mNeWIf9q/GBQU29wH5CHaZU9JYiUHZk0suCSph4M8bX615JreoOaTAWe68ehAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUtxt6pLXg1E60DNU+RglFL21kdmswHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP9BMA0GCSqGSIb3DQEBCwUAA4IBAQAb dybr3pcMiXYvGBP4CjdKpywX7ICSlF3HR1J8o8T6NzOU89aMA6+iv8QLW7h3fs30 J6EN4EAjPpnRTrGLsiZDAUDl3ky61CCXqlJObKv4KIXN5/qXn1GqHBCZ/Heo8oz7 hWzkVcg0vJvZ5NrCFDkOZoyxbXmnF1Iaa6KSS9z4i8d2yp0HUbi1jqUgm2tFOzP1 7kIPs49HVqcGIVPjhzxRTYsqSz1gKLrtOvh/YNM8ABi1bdQYUolG7ia/LUpHrwhc JizIzNSacVTrIZB2i98glPo0A2TJczOvoocQvBdew1tt41h25n1QAHP1JHPxNU0i lP8B8pHWbkkr3XmwXWIe -----END CERTIFICATE-----Generated at Wed May 7 17:12:10 2025 by rpki-client