$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966313a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538313a393966313a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: eBRv+uDGLUqSp7a6GG/a9BPTN3/sPy8oPhg1ivi/5ik= Subject key identifier: AB:48:A8:BD:3E:FC:BD:05:4E:0C:6E:22:3C:BA:DD:E5:E6:BC:EC:23 Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 64B5F1124C937AE0E446889762A9986D53724609 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966313a3a2f34382d3438203d3e20323134333434.roa Signing time: Sat 23 Aug 2025 13:12:22 +0000 ROA not before: Sat 23 Aug 2025 13:07:22 +0000 ROA not after: Sat 22 Aug 2026 13:12:22 +0000 asID: 214344 IP address blocks: 2a14:7581:99f1::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 12:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:b5:f1:12:4c:93:7a:e0:e4:46:88:97:62:a9:98:6d:53:72:46:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: Aug 23 13:07:22 2025 GMT Not After : Aug 22 13:12:22 2026 GMT Subject: CN=AB48A8BD3EFCBD054E0C6E223CBADDE5E6BCEC23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b6:a2:6b:e9:a3:ed:c4:b5:e1:c7:63:10:4b: 0f:e6:cd:05:d5:04:ee:6e:cb:c3:fa:8a:1c:f1:31: 3a:4c:69:76:0c:24:e0:cc:46:b6:d8:fc:67:78:d5: 02:96:f5:09:42:af:41:df:36:1e:90:45:6d:82:58: dd:f2:1f:85:71:6b:4f:6b:33:b8:8d:ce:fd:70:8b: a1:11:30:e4:8a:45:2b:3e:37:ba:fe:f4:6d:0f:53: 3c:de:5b:60:2b:fe:d9:0b:f8:d9:1b:d1:a7:25:31: 1f:c0:65:b9:1b:27:dd:f7:21:37:62:b4:6e:3b:a0: 47:3d:4c:62:5f:b5:95:13:f1:5c:77:a5:7c:17:a6: 1a:2b:20:cb:57:42:f3:fd:d8:15:d1:e0:21:e2:67: 03:b2:78:33:1a:71:f7:6b:50:ce:14:47:5a:61:23: 6c:ff:cf:2a:14:c1:c9:36:2d:c7:06:c8:9d:10:b3: 9b:83:b6:be:2c:fb:92:81:a1:20:96:3d:ad:de:19: 46:63:ff:37:44:95:ad:d5:de:c0:f7:b0:a8:ee:d7: d5:d0:55:3f:85:7c:f2:74:37:0f:7e:2d:fe:b2:a2: c9:54:d1:dd:15:12:51:da:0e:dd:83:07:77:1e:41: 29:41:6b:ab:49:0c:43:2a:19:69:73:28:44:d1:16: e8:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:48:A8:BD:3E:FC:BD:05:4E:0C:6E:22:3C:BA:DD:E5:E6:BC:EC:23 X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966313a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:99f1::/48 Signature Algorithm: sha256WithRSAEncryption 27:61:fd:ce:f1:02:6b:62:90:c4:b8:63:1d:96:47:7a:e0:01: ca:1a:de:dd:5c:83:d6:d2:6a:5f:c8:e8:73:6d:95:61:d7:53: a8:8c:e5:a6:bc:a6:ce:b7:cc:69:fc:c6:3d:9b:d1:37:7c:9f: 56:34:a3:c2:c7:e0:76:29:d0:34:59:7f:09:73:f0:d4:86:2f: 5f:ca:34:9f:3e:0e:d5:f4:46:12:d1:1a:e5:92:32:25:3a:20: 64:75:68:ff:b4:7c:c0:76:41:06:b3:1c:78:9e:68:dc:14:e2: 7a:d5:56:f3:8c:84:70:10:57:61:47:b3:72:df:0a:76:19:ec: d7:09:92:c9:24:2a:80:94:41:b3:4a:7f:83:29:f4:8d:a4:c2: ad:6e:60:eb:fb:f4:6d:ea:28:c2:4a:6b:2f:39:4e:f0:7c:72: e6:90:79:9e:a9:21:72:8c:d4:62:12:79:97:c9:f4:32:6f:e9: dc:a4:34:69:64:f9:0a:4d:4d:44:c4:4b:ac:3d:4f:6d:37:3b: 7b:91:84:e1:86:9a:a1:9e:ad:78:b4:9f:c5:11:bb:75:bf:72: 1e:49:0b:8a:1f:6b:12:d5:ae:db:43:9b:02:08:c4:d7:30:18: 1e:c9:73:d6:50:0e:b0:8a:9c:09:59:8a:64:84:a1:f4:93:d4: 57:0d:23:42 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUZLXxEkyTeuDkRoiXYqmYbVNyRgkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA4MjMxMzA3MjJaFw0yNjA4MjIxMzEyMjJaMDMxMTAvBgNV BAMTKEFCNDhBOEJEM0VGQ0JEMDU0RTBDNkUyMjNDQkFEREU1RTZCQ0VDMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZtqJr6aPtxLXhx2MQSw/mzQXV BO5uy8P6ihzxMTpMaXYMJODMRrbY/Gd41QKW9QlCr0HfNh6QRW2CWN3yH4Vxa09r M7iNzv1wi6ERMOSKRSs+N7r+9G0PUzzeW2Ar/tkL+Nkb0aclMR/AZbkbJ933ITdi tG47oEc9TGJftZUT8Vx3pXwXphorIMtXQvP92BXR4CHiZwOyeDMacfdrUM4UR1ph I2z/zyoUwck2LccGyJ0Qs5uDtr4s+5KBoSCWPa3eGUZj/zdEla3V3sD3sKju19XQ VT+FfPJ0Nw9+Lf6yoslU0d0VElHaDt2DB3ceQSlBa6tJDEMqGWlzKETRFuiLAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUq0iovT78vQVODG4iPLrd5ea87CMwHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5Mzk2NjMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZnxMA0GCSqGSIb3DQEBCwUAA4IBAQAn Yf3O8QJrYpDEuGMdlkd64AHKGt7dXIPW0mpfyOhzbZVh11OojOWmvKbOt8xp/MY9 m9E3fJ9WNKPCx+B2KdA0WX8Jc/DUhi9fyjSfPg7V9EYS0RrlkjIlOiBkdWj/tHzA dkEGsxx4nmjcFOJ61VbzjIRwEFdhR7Ny3wp2GezXCZLJJCqAlEGzSn+DKfSNpMKt bmDr+/Rt6ijCSmsvOU7wfHLmkHmeqSFyjNRiEnmXyfQyb+ncpDRpZPkKTU1ExEus PU9tNzt7kYThhpqhnq14tJ/FEbt1v3IeSQuKH2sS1a7bQ5sCCMTXMBgeyXPWUA6w ipwJWYpkhKH0k9RXDSNC -----END CERTIFICATE-----Generated at Sat Aug 23 23:45:57 2025 by rpki-client