$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930353a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538313a393930353a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: 0tk68iktR4A+Tmx1ow+QCPfURRQdgNg7+hqUgrcV4SU= Subject key identifier: B7:57:37:B1:18:E1:07:D6:A4:E6:FD:89:27:6F:50:F9:30:54:52:DF Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 557C6506CFFE2DBE10420B73D8BB99058B4B1C1F Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930353a3a2f34382d3438203d3e20323134333434.roa Signing time: Mon 28 Apr 2025 16:23:57 +0000 ROA not before: Mon 28 Apr 2025 16:18:57 +0000 ROA not after: Mon 27 Apr 2026 16:23:57 +0000 asID: 214344 IP address blocks: 2a14:7581:9905::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 May 2025 03:56:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:7c:65:06:cf:fe:2d:be:10:42:0b:73:d8:bb:99:05:8b:4b:1c:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: Apr 28 16:18:57 2025 GMT Not After : Apr 27 16:23:57 2026 GMT Subject: CN=B75737B118E107D6A4E6FD89276F50F9305452DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:d0:e5:c4:1d:e1:ae:f4:f4:64:f5:6e:ae:16: 49:1d:01:38:4b:62:10:ed:ae:77:93:8d:7d:4a:63: be:b1:20:bc:ef:71:87:87:9e:ec:87:41:8f:be:97: 78:75:92:cb:08:d5:8a:4c:78:c1:06:13:fe:df:2c: 3e:ce:82:c0:8b:bc:88:69:9b:96:ff:6d:47:05:43: 02:2c:59:07:23:df:1c:e3:35:c6:c6:95:0a:96:a6: d0:cf:6f:de:58:62:5e:25:83:0f:93:c4:a1:26:b6: 4b:bc:0d:62:ac:1b:66:a0:b1:f3:86:45:91:61:10: 0d:0d:8d:98:fa:87:f8:58:89:34:dc:ce:3e:a0:04: d9:d4:0e:13:41:48:cb:c6:8f:90:52:59:da:51:93: df:7c:00:d6:ac:3c:60:1e:03:bd:b2:06:73:88:bf: 27:00:76:14:dc:fb:70:eb:f7:f5:72:11:3e:ea:1b: c7:a0:a7:44:7a:1b:77:90:fa:40:58:e1:0f:26:83: 37:71:ff:e9:e0:ee:66:dc:6a:e3:64:a8:16:e0:24: 41:e2:92:77:7c:e3:fb:c0:e1:ef:57:2b:b6:cd:65: d7:67:eb:8c:a8:c2:30:79:a1:30:f7:26:31:55:b5: 63:0a:b0:56:a9:81:d6:39:42:b1:67:e9:c2:24:cb: cf:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:57:37:B1:18:E1:07:D6:A4:E6:FD:89:27:6F:50:F9:30:54:52:DF X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393930353a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9905::/48 Signature Algorithm: sha256WithRSAEncryption 2c:8d:75:2d:23:75:16:63:a0:70:14:1e:15:aa:7e:f3:9d:b2: ba:b3:1e:7a:ab:2f:7e:6b:31:7e:4b:7b:7e:99:2c:b9:13:ce: e6:c4:22:a5:59:88:69:93:96:64:de:7a:a6:10:f7:61:99:f9: 68:43:9b:cd:aa:c7:a4:bc:0b:07:0e:b1:9e:b2:06:18:f7:21: 4b:92:73:1a:aa:42:80:23:7e:47:ad:b5:1f:1d:1a:d5:04:06: 18:35:50:2c:93:42:de:b9:8f:ca:84:62:ff:d3:ca:c9:96:2a: e0:e7:5c:d8:aa:94:bc:b9:83:49:76:2b:c6:1e:ab:be:28:27: a9:ab:71:6b:b5:88:71:b2:a1:9c:64:dc:5b:dc:b8:91:7f:63: bc:82:f1:52:34:5d:f0:93:9f:7c:00:8f:9c:7c:c1:e5:6a:4d: b2:7e:fd:32:82:20:5c:79:6e:ab:5a:9b:0d:25:7e:4e:e8:32: 72:c7:0a:eb:dc:04:29:37:7e:28:2c:e2:25:55:83:3e:71:79: 6f:8a:4d:47:ca:c4:7f:0e:1f:3a:1c:ad:5b:fc:d3:d0:87:3a: af:4d:47:01:16:56:aa:b7:6b:4f:9b:0e:6c:7f:3b:59:4b:5c: c4:5e:db:9a:cd:cb:c8:54:24:e6:a2:35:7a:8f:b0:d5:e2:11: 5c:25:44:d5 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUVXxlBs/+Lb4QQgtz2LuZBYtLHB8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA0MjgxNjE4NTdaFw0yNjA0MjcxNjIzNTdaMDMxMTAvBgNV BAMTKEI3NTczN0IxMThFMTA3RDZBNEU2RkQ4OTI3NkY1MEY5MzA1NDUyREYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh0OXEHeGu9PRk9W6uFkkdAThL YhDtrneTjX1KY76xILzvcYeHnuyHQY++l3h1kssI1YpMeMEGE/7fLD7OgsCLvIhp m5b/bUcFQwIsWQcj3xzjNcbGlQqWptDPb95YYl4lgw+TxKEmtku8DWKsG2agsfOG RZFhEA0NjZj6h/hYiTTczj6gBNnUDhNBSMvGj5BSWdpRk998ANasPGAeA72yBnOI vycAdhTc+3Dr9/VyET7qG8egp0R6G3eQ+kBY4Q8mgzdx/+ng7mbcauNkqBbgJEHi knd84/vA4e9XK7bNZddn64yowjB5oTD3JjFVtWMKsFapgdY5QrFn6cIky8+tAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUt1c3sRjhB9ak5v2JJ29Q+TBUUt8wHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzkzMDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZkFMA0GCSqGSIb3DQEBCwUAA4IBAQAs jXUtI3UWY6BwFB4Vqn7znbK6sx56qy9+azF+S3t+mSy5E87mxCKlWYhpk5Zk3nqm EPdhmfloQ5vNqsekvAsHDrGesgYY9yFLknMaqkKAI35HrbUfHRrVBAYYNVAsk0Le uY/KhGL/08rJlirg51zYqpS8uYNJdivGHqu+KCepq3FrtYhxsqGcZNxb3LiRf2O8 gvFSNF3wk598AI+cfMHlak2yfv0ygiBceW6rWpsNJX5O6DJyxwrr3AQpN34oLOIl VYM+cXlvik1HysR/Dh86HK1b/NPQhzqvTUcBFlaqt2tPmw5sfztZS1zEXtuazcvI VCTmojV6j7DV4hFcJUTV -----END CERTIFICATE-----Generated at Tue May 6 21:00:13 2025 by rpki-client