$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393939393a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538313a393939393a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: gWNOGizaCWeT+eChfA6O1CcYgC4CppF3JVd8ZgY0qsY= Subject key identifier: 03:29:DA:BF:64:A8:3F:37:69:76:BC:A3:24:79:40:AC:C8:BF:B9:35 Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 23F37BDE60DEDE2E282F0535A4686B0F32AB63E4 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393939393a3a2f34382d3438203d3e20323134333434.roa Signing time: Mon 28 Apr 2025 16:24:06 +0000 ROA not before: Mon 28 Apr 2025 16:19:06 +0000 ROA not after: Mon 27 Apr 2026 16:24:06 +0000 asID: 214344 IP address blocks: 2a14:7581:9999::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 May 2025 16:14:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f3:7b:de:60:de:de:2e:28:2f:05:35:a4:68:6b:0f:32:ab:63:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: Apr 28 16:19:06 2025 GMT Not After : Apr 27 16:24:06 2026 GMT Subject: CN=0329DABF64A83F376976BCA3247940ACC8BFB935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:04:3b:ee:9c:fb:d6:cf:f3:bf:5f:81:2d:e1: 73:7b:04:ea:8a:3d:f7:bd:20:6f:81:71:dd:f8:05: d8:71:14:45:6b:20:c5:4e:26:b4:bb:63:31:fa:32: b5:98:f8:40:63:84:ae:23:13:20:10:46:c2:4a:54: 55:0a:dc:b6:ef:be:c1:27:f7:a2:da:65:af:cf:06: 93:1d:ca:e7:c7:11:29:c3:82:41:fa:3e:75:73:5d: eb:b2:69:8d:55:b9:84:71:04:92:e3:84:76:e8:ba: 5d:09:89:74:ea:9f:5b:c6:e3:5f:13:10:70:4c:54: 15:8f:39:52:d3:64:65:65:35:9c:92:15:ed:da:c0: cb:65:5e:88:ad:93:3f:e9:85:98:2d:26:cb:8e:a4: f3:4f:9c:5f:cb:e0:9c:fe:0f:7d:1b:78:01:41:d8: 3a:79:65:b1:a4:4f:ab:05:48:47:55:3f:0f:a7:08: 0a:e9:f3:fb:23:34:ae:93:ee:0c:78:0f:35:dc:33: 6a:8e:e6:44:60:7d:b7:89:35:e2:8d:81:55:59:00: d9:01:88:56:7c:0a:30:56:f5:8f:7e:e0:bb:ac:5e: fd:3b:fd:c2:24:33:70:0d:4f:70:ad:c9:26:d3:0b: 67:f6:03:57:93:e9:9b:9d:37:ff:4c:9b:a5:73:3c: c2:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:29:DA:BF:64:A8:3F:37:69:76:BC:A3:24:79:40:AC:C8:BF:B9:35 X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393939393a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9999::/48 Signature Algorithm: sha256WithRSAEncryption 28:1a:a2:fd:0a:b9:b7:cf:67:8c:e7:fe:15:81:dc:1e:6c:a2: d7:83:8d:c1:78:27:c8:ce:38:ef:5f:b6:25:16:c5:1b:9a:af: 61:dc:73:80:90:f8:a8:11:c8:4c:cd:8e:21:23:aa:db:5f:d1: 6c:11:10:57:89:9c:44:95:bb:ec:47:10:00:75:e2:b2:6f:72: f8:c8:d1:ac:b5:1e:ad:94:00:6a:08:e0:29:9f:64:11:5f:63: 0a:ac:fd:dd:9e:f8:99:c5:70:59:e4:47:3a:e5:db:f3:2e:6c: 45:fe:e0:da:a1:11:0c:df:9f:dd:c5:1b:4f:98:90:7f:a1:3b: 9b:cd:a5:c5:09:62:d7:9e:3f:85:93:16:de:14:dc:85:f4:ee: 84:f3:68:69:e6:ac:ec:6c:76:6c:dc:20:ce:ca:1e:87:95:a9: 2b:6f:b0:20:64:1b:4c:60:8f:1a:10:ae:ea:8b:47:79:9f:72: dd:bd:ab:5b:34:db:73:a0:a6:d7:2f:ed:2f:f1:f6:50:22:4c: c0:35:f6:76:55:fb:1e:16:d6:54:b1:ae:92:36:b0:f1:ce:45: 0f:5a:25:cb:42:21:41:98:6b:67:14:9d:c1:45:d8:7c:18:f1: b6:de:79:51:38:78:17:d7:b0:eb:6b:f6:be:58:28:7b:34:5c: 4e:aa:b5:c3 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUI/N73mDe3i4oLwU1pGhrDzKrY+QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA0MjgxNjE5MDZaFw0yNjA0MjcxNjI0MDZaMDMxMTAvBgNV BAMTKDAzMjlEQUJGNjRBODNGMzc2OTc2QkNBMzI0Nzk0MEFDQzhCRkI5MzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYBDvunPvWz/O/X4Et4XN7BOqK Pfe9IG+Bcd34BdhxFEVrIMVOJrS7YzH6MrWY+EBjhK4jEyAQRsJKVFUK3LbvvsEn 96LaZa/PBpMdyufHESnDgkH6PnVzXeuyaY1VuYRxBJLjhHboul0JiXTqn1vG418T EHBMVBWPOVLTZGVlNZySFe3awMtlXoitkz/phZgtJsuOpPNPnF/L4Jz+D30beAFB 2Dp5ZbGkT6sFSEdVPw+nCArp8/sjNK6T7gx4DzXcM2qO5kRgfbeJNeKNgVVZANkB iFZ8CjBW9Y9+4LusXv07/cIkM3ANT3CtySbTC2f2A1eT6ZudN/9Mm6VzPMI1AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUAynav2SoPzdpdryjJHlArMi/uTUwHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5MzkzOTM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZmZMA0GCSqGSIb3DQEBCwUAA4IBAQAo GqL9Crm3z2eM5/4VgdwebKLXg43BeCfIzjjvX7YlFsUbmq9h3HOAkPioEchMzY4h I6rbX9FsERBXiZxElbvsRxAAdeKyb3L4yNGstR6tlABqCOApn2QRX2MKrP3dnviZ xXBZ5Ec65dvzLmxF/uDaoREM35/dxRtPmJB/oTubzaXFCWLXnj+FkxbeFNyF9O6E 82hp5qzsbHZs3CDOyh6Hlakrb7AgZBtMYI8aEK7qi0d5n3LdvatbNNtzoKbXL+0v 8fZQIkzANfZ2VfseFtZUsa6SNrDxzkUPWiXLQiFBmGtnFJ3BRdh8GPG23nlROHgX 17Dra/a+WCh7NFxOqrXD -----END CERTIFICATE-----Generated at Wed May 7 01:50:13 2025 by rpki-client