$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634323a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538303a666634323a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: 9k9VorkprwzOj4hWnDvwpKS020LK9HlBFwzRrzgLjKw= Subject key identifier: 76:5C:3E:5B:47:89:74:0C:E2:E2:CB:18:2E:53:C8:F1:61:66:72:84 Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 0AC39A734C26839DAB7519C57A95149B94999DB4 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634323a3a2f34382d3438203d3e20323134333434.roa Signing time: Thu 01 May 2025 06:30:26 +0000 ROA not before: Thu 01 May 2025 06:25:26 +0000 ROA not after: Thu 30 Apr 2026 06:30:26 +0000 asID: 214344 IP address blocks: 2a14:7580:ff42::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 May 2025 15:37:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:c3:9a:73:4c:26:83:9d:ab:75:19:c5:7a:95:14:9b:94:99:9d:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: May 1 06:25:26 2025 GMT Not After : Apr 30 06:30:26 2026 GMT Subject: CN=765C3E5B4789740CE2E2CB182E53C8F161667284 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7f:b7:60:cb:98:e5:4f:77:fb:a4:90:f4:70: c1:fc:2d:8d:fc:f3:a6:86:8f:f7:74:23:7c:b7:c9: 1d:e8:e2:d7:0b:f1:b6:c2:4b:6c:2f:8e:7e:46:ee: 76:f1:85:f9:ff:9b:81:00:be:34:4e:5e:9b:60:16: 31:6c:8b:38:50:fc:09:25:36:06:e5:53:a7:8e:ea: a5:c1:94:5d:f0:1d:bc:33:b0:e9:8c:73:e5:15:f0: 50:08:aa:a4:45:bc:89:6d:a3:59:27:f2:5c:fb:f2: 35:77:c0:60:6b:30:19:70:a9:41:7c:91:a4:0e:8f: 80:f8:2c:44:05:6e:41:e9:3b:51:a7:59:03:87:3b: f5:7c:e0:b6:4e:09:c5:46:55:c6:a3:59:6b:1c:66: cf:d3:86:b9:4d:dc:a3:2c:94:d9:bc:26:c3:fe:57: fc:ba:0e:32:cf:52:c7:52:c4:96:4f:23:bd:ff:d4: 91:71:92:2d:84:6d:66:f4:0a:e9:b5:7e:82:66:2f: fa:fa:96:25:18:db:9f:7d:b2:67:ff:8a:c7:71:3f: 46:8d:30:85:0c:ec:55:ec:b1:35:2c:20:43:dd:30: 5b:88:b1:5a:90:f3:d1:18:97:14:b4:4b:83:f7:b1: d4:26:6a:88:ad:7b:36:40:db:5b:b1:da:fc:80:b9: e3:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:5C:3E:5B:47:89:74:0C:E2:E2:CB:18:2E:53:C8:F1:61:66:72:84 X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634323a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff42::/48 Signature Algorithm: sha256WithRSAEncryption 23:a9:ef:43:8f:0c:e2:1b:a5:a3:dd:89:88:ad:53:73:d6:02: 97:e4:70:de:b2:c1:aa:23:d0:e6:5d:94:3b:04:16:17:b8:3d: 21:32:84:58:e9:99:74:ba:1b:52:b5:74:21:50:61:7a:2d:c6: 56:4f:45:a2:e6:17:cc:4b:ce:f5:bb:e5:ad:59:53:52:0e:0a: 6a:25:e9:9b:12:f0:66:d8:b1:2c:b8:69:09:ba:a1:4d:34:34: 8a:e7:9c:b2:c0:39:6a:75:77:02:68:a1:aa:2f:80:6e:d0:93: 3e:36:83:97:2a:d3:67:f4:a0:7f:f2:82:bf:b9:d6:65:ab:13: 96:2b:12:12:9b:3e:61:b4:e3:93:f5:78:69:7d:b0:e1:0f:f0: 4a:b3:9c:1d:d6:26:c5:08:62:9d:46:a2:1c:77:70:8e:22:2a: 9d:14:14:9e:95:13:a9:8c:ed:39:6b:ef:cd:a9:b2:86:f8:3e: 11:32:5f:a3:9c:15:21:c2:fb:c0:96:15:46:94:27:12:13:9e: 89:38:8b:1e:e9:35:d3:dc:e2:0e:85:be:85:72:94:87:27:68: 60:97:06:18:2d:bb:5d:c5:94:89:43:93:26:cb:db:f9:97:4d: 35:cf:e4:c3:34:ac:1e:74:56:12:9a:dd:f0:a5:dc:2a:ad:4f: 15:53:fa:24 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUCsOac0wmg52rdRnFepUUm5SZnbQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA1MDEwNjI1MjZaFw0yNjA0MzAwNjMwMjZaMDMxMTAvBgNV BAMTKDc2NUMzRTVCNDc4OTc0MENFMkUyQ0IxODJFNTNDOEYxNjE2NjcyODQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8f7dgy5jlT3f7pJD0cMH8LY38 86aGj/d0I3y3yR3o4tcL8bbCS2wvjn5G7nbxhfn/m4EAvjROXptgFjFsizhQ/Akl NgblU6eO6qXBlF3wHbwzsOmMc+UV8FAIqqRFvIlto1kn8lz78jV3wGBrMBlwqUF8 kaQOj4D4LEQFbkHpO1GnWQOHO/V84LZOCcVGVcajWWscZs/ThrlN3KMslNm8JsP+ V/y6DjLPUsdSxJZPI73/1JFxki2EbWb0Cum1foJmL/r6liUY2599smf/isdxP0aN MIUM7FXssTUsIEPdMFuIsVqQ89EYlxS0S4P3sdQmaoitezZA21ux2vyAueP/AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUdlw+W0eJdAzi4ssYLlPI8WFmcoQwHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP9CMA0GCSqGSIb3DQEBCwUAA4IBAQAj qe9DjwziG6Wj3YmIrVNz1gKX5HDessGqI9DmXZQ7BBYXuD0hMoRY6Zl0uhtStXQh UGF6LcZWT0Wi5hfMS871u+WtWVNSDgpqJembEvBm2LEsuGkJuqFNNDSK55yywDlq dXcCaKGqL4Bu0JM+NoOXKtNn9KB/8oK/udZlqxOWKxISmz5htOOT9XhpfbDhD/BK s5wd1ibFCGKdRqIcd3COIiqdFBSelROpjO05a+/NqbKG+D4RMl+jnBUhwvvAlhVG lCcSE56JOIse6TXT3OIOhb6FcpSHJ2hglwYYLbtdxZSJQ5Mmy9v5l001z+TDNKwe dFYSmt3wpdwqrU8VU/ok -----END CERTIFICATE-----Generated at Thu May 8 07:45:26 2025 by rpki-client