$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930313a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538313a393930313a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: i94AFUzw6e810fYgj7x6pZ8Yx8k5H6Glrkwkeys08UU= Subject key identifier: 99:14:EF:BD:97:B2:1A:71:A9:77:F8:7F:1B:A3:7A:A5:89:39:8E:AD Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 264076D8014F7F8B3B3FFEC06D71CFE75723F797 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930313a3a2f34382d3438203d3e20323134333434.roa Signing time: Mon 28 Apr 2025 16:23:10 +0000 ROA not before: Mon 28 Apr 2025 16:18:10 +0000 ROA not after: Mon 27 Apr 2026 16:23:10 +0000 asID: 214344 IP address blocks: 2a14:7581:9901::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 May 2025 17:45:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:40:76:d8:01:4f:7f:8b:3b:3f:fe:c0:6d:71:cf:e7:57:23:f7:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: Apr 28 16:18:10 2025 GMT Not After : Apr 27 16:23:10 2026 GMT Subject: CN=9914EFBD97B21A71A977F87F1BA37AA589398EAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:4f:30:b6:31:e0:70:a1:ba:83:63:01:7c:23: 58:7f:b6:07:3f:fd:a7:1c:b8:6f:d3:9f:1d:c4:77: ca:cd:7d:71:55:e7:62:8f:b4:c6:9c:f2:ba:bd:44: 9b:02:bf:14:e8:71:f9:53:76:09:66:ac:30:ab:9f: b2:aa:5e:55:5a:08:68:dc:10:76:18:2d:51:d3:4f: bc:78:b7:54:d4:67:2c:84:a8:50:85:dc:90:7d:8c: d6:09:33:4a:9c:12:26:1e:9c:cd:4f:2d:f0:fe:f0: fa:23:f6:91:a2:ad:a5:7c:28:ce:a6:8b:75:17:f7: 82:ec:a0:31:e8:e1:24:e8:c0:7e:e8:85:30:c7:bb: 3b:4e:e6:0b:b3:32:2f:23:cf:fb:47:84:c5:3a:96: 07:a2:63:55:63:45:0f:45:0f:dd:70:ae:bf:7f:0d: 41:df:19:01:c3:56:e1:db:9c:ab:ac:35:79:02:50: e7:a8:64:b6:1f:bb:de:03:19:04:a6:84:89:bd:7e: c7:33:d1:b3:2f:56:74:fe:c3:69:20:70:ca:9d:13: 81:50:c7:39:46:37:fb:02:73:8f:b5:8e:69:6a:e6: 5c:81:05:c2:df:41:d6:32:fd:50:7b:34:96:ef:92: c3:e1:cc:b7:8f:6e:3f:34:38:e8:63:ce:00:c5:a5: 5f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:14:EF:BD:97:B2:1A:71:A9:77:F8:7F:1B:A3:7A:A5:89:39:8E:AD X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930313a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9901::/48 Signature Algorithm: sha256WithRSAEncryption 20:54:28:83:51:ea:ee:5d:38:64:e8:7a:16:bd:9e:e4:57:a5: 27:5e:ba:e3:09:a5:04:06:39:1e:98:08:33:e0:c6:94:99:1b: e0:43:ff:45:1d:6b:c9:0d:73:25:2f:fd:c1:fa:fd:8b:80:12: ca:7a:93:25:6e:1a:d7:d2:76:06:13:9a:d5:e3:1b:14:2a:42: c7:9c:45:32:74:bf:1b:41:c7:85:07:c9:ac:9e:b8:13:cf:d7: fd:c0:ee:5a:2d:9d:0d:b2:7b:1e:ed:49:63:7c:34:31:3f:08: 7b:6b:a2:57:f6:17:26:4e:94:33:e6:a1:a9:38:cc:f2:72:1c: 30:82:85:ea:2d:b2:6d:6a:fd:9a:8a:b2:7e:bd:69:54:30:49: 25:ed:60:76:8e:44:12:c1:ea:d7:dc:3e:40:35:7a:56:69:04: 54:0e:cd:9f:51:25:9b:de:79:42:ca:14:94:7d:74:92:a9:68: 11:b2:a2:e6:08:7b:5c:ff:f2:9b:e8:67:36:53:ab:78:d1:3d: f9:26:64:ab:0c:1f:09:5d:1f:9d:c5:8a:80:49:cd:8f:99:29: 5a:dd:2f:2d:5a:d8:21:0d:1e:14:ed:27:7b:91:71:8d:87:f5: e4:c0:ec:c7:f2:48:3c:13:bc:bf:e7:94:30:25:37:d5:b2:58: 56:29:0f:76 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUJkB22AFPf4s7P/7AbXHP51cj95cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA0MjgxNjE4MTBaFw0yNjA0MjcxNjIzMTBaMDMxMTAvBgNV BAMTKDk5MTRFRkJEOTdCMjFBNzFBOTc3Rjg3RjFCQTM3QUE1ODkzOThFQUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtTzC2MeBwobqDYwF8I1h/tgc/ /accuG/Tnx3Ed8rNfXFV52KPtMac8rq9RJsCvxTocflTdglmrDCrn7KqXlVaCGjc EHYYLVHTT7x4t1TUZyyEqFCF3JB9jNYJM0qcEiYenM1PLfD+8Poj9pGiraV8KM6m i3UX94LsoDHo4STowH7ohTDHuztO5guzMi8jz/tHhMU6lgeiY1VjRQ9FD91wrr9/ DUHfGQHDVuHbnKusNXkCUOeoZLYfu94DGQSmhIm9fscz0bMvVnT+w2kgcMqdE4FQ xzlGN/sCc4+1jmlq5lyBBcLfQdYy/VB7NJbvksPhzLePbj80OOhjzgDFpV9nAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUmRTvvZeyGnGpd/h/G6N6pYk5jq0wHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzkzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZkBMA0GCSqGSIb3DQEBCwUAA4IBAQAg VCiDUeruXThk6HoWvZ7kV6UnXrrjCaUEBjkemAgz4MaUmRvgQ/9FHWvJDXMlL/3B +v2LgBLKepMlbhrX0nYGE5rV4xsUKkLHnEUydL8bQceFB8msnrgTz9f9wO5aLZ0N snse7UljfDQxPwh7a6JX9hcmTpQz5qGpOMzychwwgoXqLbJtav2airJ+vWlUMEkl 7WB2jkQSwerX3D5ANXpWaQRUDs2fUSWb3nlCyhSUfXSSqWgRsqLmCHtc//Kb6Gc2 U6t40T35JmSrDB8JXR+dxYqASc2PmSla3S8tWtghDR4U7Sd7kXGNh/XkwOzH8kg8 E7y/55QwJTfVslhWKQ92 -----END CERTIFICATE-----Generated at Thu May 8 08:52:42 2025 by rpki-client