$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634353a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538303a666634353a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: 8IkTFY6NhSlGUxhiOR1gV0K8W7L2BzrfJSsZgSDz+CM= Subject key identifier: CD:CF:3A:CA:DE:C2:6B:8A:CC:57:D9:CF:1F:20:CD:F8:63:D3:41:A5 Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 0E5713ED1B3675FE84037EBB194670DE9E6F91DE Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634353a3a2f34382d3438203d3e20323134333434.roa Signing time: Thu 01 May 2025 06:31:19 +0000 ROA not before: Thu 01 May 2025 06:26:19 +0000 ROA not after: Thu 30 Apr 2026 06:31:19 +0000 asID: 214344 IP address blocks: 2a14:7580:ff45::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 May 2025 07:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:57:13:ed:1b:36:75:fe:84:03:7e:bb:19:46:70:de:9e:6f:91:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: May 1 06:26:19 2025 GMT Not After : Apr 30 06:31:19 2026 GMT Subject: CN=CDCF3ACADEC26B8ACC57D9CF1F20CDF863D341A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:55:4f:e5:05:8d:c7:c6:70:b2:5b:fa:71:76: 96:65:b7:87:d7:5d:0e:e9:f4:35:f5:f3:6f:87:b4: fa:b6:6b:66:9c:d8:cd:1d:69:de:42:f9:19:57:85: 5e:1d:e3:a5:bd:d1:01:0c:21:31:68:3c:61:c5:95: 87:f0:ab:74:1b:1e:08:b6:b0:09:35:8f:d4:0a:e2: 7e:d5:99:e8:ee:9d:c2:ee:bc:5b:d6:21:13:ff:44: 73:08:ca:20:69:4d:57:9a:43:ed:e4:1c:35:e0:2a: 28:24:51:94:21:a2:8c:38:3e:e1:ca:f2:b5:46:e7: d7:ef:14:cd:29:ff:94:47:5f:04:a0:77:8c:5f:f1: 75:03:bf:70:a3:90:7c:8d:c5:64:8d:f4:41:39:72: 2b:65:ae:14:0b:a1:d1:b1:17:5f:9b:c2:02:02:8f: 87:7d:94:b2:e9:a3:7f:b1:3c:7f:98:be:68:33:37: 4b:7f:70:78:1c:6e:ed:b6:c8:d0:07:d6:e6:5c:e0: 89:26:8a:25:97:7b:c9:18:7f:00:e9:a8:b7:31:0d: a8:da:75:66:a2:72:55:e1:67:67:8d:12:7b:91:b8: 82:32:a6:ff:05:7e:55:83:4d:00:7c:eb:fc:e3:4c: 73:47:27:f2:53:eb:3e:b9:ba:09:ec:e8:1a:74:af: 92:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:CF:3A:CA:DE:C2:6B:8A:CC:57:D9:CF:1F:20:CD:F8:63:D3:41:A5 X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538303a666634353a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ff45::/48 Signature Algorithm: sha256WithRSAEncryption 2b:7d:93:d3:e7:2a:13:81:e7:bf:5f:12:22:7c:b5:99:7a:c5: 0c:ff:d7:01:58:4d:eb:12:7a:f0:d3:6f:af:c1:e4:8a:2a:0f: 1d:34:7b:11:5e:df:e4:94:e7:8c:40:74:44:fd:86:3f:a4:22: 6c:0f:fb:92:49:f5:9e:64:85:d2:f2:1c:29:f6:67:03:0c:dc: 8c:31:63:9c:62:d0:a4:46:5d:b5:9c:cc:e4:36:c9:d8:6a:c0: 97:61:1e:a2:63:b4:8a:3b:a1:69:62:b5:0a:31:42:3b:0f:46: a1:a4:5a:df:f5:d7:0c:44:be:b4:ab:63:29:71:0d:f7:c7:da: 20:89:ef:e9:3d:61:71:07:27:38:cf:26:2b:c3:29:86:a5:9c: a4:de:f0:67:2d:0f:20:3b:81:fb:7c:34:53:ed:7f:29:ec:b5: 21:2a:3d:3e:c0:95:79:41:56:97:b7:ad:27:c5:ff:f7:bd:f2: 1b:7f:f8:e2:49:97:45:7b:3d:b9:ff:a6:ab:51:c8:6f:45:fa: b8:96:68:97:0c:c1:1c:23:aa:58:71:d4:f2:2c:18:42:30:f9: 80:6f:fc:73:6f:ed:78:db:98:af:2b:54:08:9e:91:4a:fe:a5: 97:da:e5:e0:ba:7a:71:d2:3b:81:0d:4c:fa:10:33:66:e3:c8: 50:bf:73:c6 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUDlcT7Rs2df6EA367GUZw3p5vkd4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA1MDEwNjI2MTlaFw0yNjA0MzAwNjMxMTlaMDMxMTAvBgNV BAMTKENEQ0YzQUNBREVDMjZCOEFDQzU3RDlDRjFGMjBDREY4NjNEMzQxQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgVU/lBY3HxnCyW/pxdpZlt4fX XQ7p9DX182+HtPq2a2ac2M0dad5C+RlXhV4d46W90QEMITFoPGHFlYfwq3QbHgi2 sAk1j9QK4n7VmejuncLuvFvWIRP/RHMIyiBpTVeaQ+3kHDXgKigkUZQhoow4PuHK 8rVG59fvFM0p/5RHXwSgd4xf8XUDv3CjkHyNxWSN9EE5citlrhQLodGxF1+bwgIC j4d9lLLpo3+xPH+YvmgzN0t/cHgcbu22yNAH1uZc4IkmiiWXe8kYfwDpqLcxDaja dWaiclXhZ2eNEnuRuIIypv8FflWDTQB86/zjTHNHJ/JT6z65ugns6Bp0r5JVAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUzc86yt7Ca4rMV9nPHyDN+GPTQaUwHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTY2NjYzNDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gP9FMA0GCSqGSIb3DQEBCwUAA4IBAQAr fZPT5yoTgee/XxIifLWZesUM/9cBWE3rEnrw02+vweSKKg8dNHsRXt/klOeMQHRE /YY/pCJsD/uSSfWeZIXS8hwp9mcDDNyMMWOcYtCkRl21nMzkNsnYasCXYR6iY7SK O6FpYrUKMUI7D0ahpFrf9dcMRL60q2MpcQ33x9ogie/pPWFxByc4zyYrwymGpZyk 3vBnLQ8gO4H7fDRT7X8p7LUhKj0+wJV5QVaXt60nxf/3vfIbf/jiSZdFez25/6ar UchvRfq4lmiXDMEcI6pYcdTyLBhCMPmAb/xzb+1425ivK1QInpFK/qWX2uXgunpx 0juBDUz6EDNm48hQv3PG -----END CERTIFICATE-----Generated at Thu May 8 16:57:10 2025 by rpki-client