$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966333a3a2f34382d3438203d3e20323134333434.roa File: 326131343a373538313a393966333a3a2f34382d3438203d3e20323134333434.roa (raw, json) Hash identifier: CfKfKnWr6AMoLiLfBVlrhneodY9KAu+Y1wDjsvoRWPk= Subject key identifier: E6:4D:90:94:A0:D3:E7:09:94:C1:76:E9:8A:91:B7:38:3A:D7:F5:6E Certificate issuer: /CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Certificate serial: 2E38EF75535F09C881DBE32EB63FC0932A6D0669 Authority key identifier: 87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966333a3a2f34382d3438203d3e20323134333434.roa Signing time: Sat 23 Aug 2025 13:13:04 +0000 ROA not before: Sat 23 Aug 2025 13:08:04 +0000 ROA not after: Sat 22 Aug 2026 13:13:04 +0000 asID: 214344 IP address blocks: 2a14:7581:99f3::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 12:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:38:ef:75:53:5f:09:c8:81:db:e3:2e:b6:3f:c0:93:2a:6d:06:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4C84D4366DBB15A9090A55AA2DCEBA8723945 Validity Not Before: Aug 23 13:08:04 2025 GMT Not After : Aug 22 13:13:04 2026 GMT Subject: CN=E64D9094A0D3E70994C176E98A91B7383AD7F56E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:09:7d:31:17:2d:51:cd:94:0d:ea:89:10:08: 24:9b:64:52:39:25:7f:5d:d2:30:d0:19:dd:c7:5c: 48:8c:bd:37:2f:3a:9d:26:e1:01:2f:b6:15:44:98: f4:81:05:af:d1:17:b8:4f:7d:b4:55:3f:84:9f:36: c1:95:84:a5:87:b8:b9:3b:84:3f:24:8e:29:44:d9: 8a:55:64:b3:e4:81:17:c0:9f:53:ac:23:bf:ac:3f: fc:d4:a3:d6:e5:b6:c0:fd:1b:ce:79:b1:58:4d:ab: db:a4:a9:28:62:11:6d:ef:d0:58:04:95:bf:ef:aa: 45:39:59:d6:0b:4b:e2:5a:e7:aa:c4:43:af:b1:8f: c6:54:26:80:c8:5c:c0:00:c1:37:cb:75:ac:c4:ba: fc:de:ce:c2:48:a8:85:72:cd:8e:84:f9:c5:fd:18: 14:1f:86:48:72:a0:a0:fa:6d:4b:71:cd:35:70:69: d9:df:43:34:0a:a1:b4:97:32:05:fe:de:64:cf:5c: 3f:f6:7c:e6:e0:23:06:b3:7a:c1:0b:7b:f6:48:18: 95:ad:35:44:f8:7c:f5:b4:d3:ae:29:c5:08:88:ed: 87:5f:6d:56:09:45:1d:69:41:50:1b:a8:4d:82:c5: 80:35:92:a4:e3:2f:1b:88:37:81:dc:a0:e7:75:0c: 34:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:4D:90:94:A0:D3:E7:09:94:C1:76:E9:8A:91:B7:38:3A:D7:F5:6E X509v3 Authority Key Identifier: keyid:87:A4:C8:4D:43:66:DB:B1:5A:90:90:A5:5A:A2:DC:EB:A8:72:39:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/87A4C84D4366DBB15A9090A55AA2DCEBA8723945.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a5d4c00b-d105-4906-b981-1d0343e301da/1/326131343a373538313a393966333a3a2f34382d3438203d3e20323134333434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:99f3::/48 Signature Algorithm: sha256WithRSAEncryption 02:d0:e6:1a:a1:88:ec:f3:ee:32:6f:51:55:9e:75:8e:22:61: 26:20:88:0a:c4:08:bc:e3:0b:dc:47:9c:f0:ae:6f:2b:17:5a: a6:29:e6:58:fa:bc:ab:94:11:12:05:82:d2:a3:49:d9:1c:3e: 03:01:47:b3:fd:db:40:e5:b6:f3:f5:3b:e5:47:83:94:4a:13: b1:22:17:e5:04:91:7a:aa:6a:e6:8b:43:26:de:fd:d9:d0:43: dd:f4:18:c4:f9:70:c6:d5:d5:c1:e1:bc:13:0b:94:85:99:fb: 02:20:72:12:a5:9e:57:a3:bd:1d:50:b1:7a:3c:40:fc:c7:04: dd:0d:fd:b5:75:f9:5c:0f:6d:a5:f8:25:9c:a9:15:4d:6e:6a: 00:9f:d2:04:61:d6:14:95:30:8b:17:fb:4c:32:ab:2a:c3:cb: 05:72:9a:47:3f:ac:75:46:4f:eb:ee:c3:a4:73:74:91:a9:47: 5f:82:68:5a:00:b1:9c:47:30:aa:49:e1:24:f0:71:88:dd:ba: 80:4b:5c:ad:12:65:a5:9a:29:ab:a0:18:f8:08:a6:bb:0f:42: ab:29:f7:62:52:35:fe:88:3a:b1:ff:fe:b2:6b:3d:ad:9a:a9: 98:d6:a1:cc:45:5b:6b:58:d5:67:ad:43:30:45:83:2c:0c:61: be:52:3e:6d -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIULjjvdVNfCciB2+Mutj/AkyptBmkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJB ODcyMzk0NTAeFw0yNTA4MjMxMzA4MDRaFw0yNjA4MjIxMzEzMDRaMDMxMTAvBgNV BAMTKEU2NEQ5MDk0QTBEM0U3MDk5NEMxNzZFOThBOTFCNzM4M0FEN0Y1NkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbCX0xFy1RzZQN6okQCCSbZFI5 JX9d0jDQGd3HXEiMvTcvOp0m4QEvthVEmPSBBa/RF7hPfbRVP4SfNsGVhKWHuLk7 hD8kjilE2YpVZLPkgRfAn1OsI7+sP/zUo9bltsD9G855sVhNq9ukqShiEW3v0FgE lb/vqkU5WdYLS+Ja56rEQ6+xj8ZUJoDIXMAAwTfLdazEuvzezsJIqIVyzY6E+cX9 GBQfhkhyoKD6bUtxzTVwadnfQzQKobSXMgX+3mTPXD/2fObgIwazesELe/ZIGJWt NUT4fPW0064pxQiI7YdfbVYJRR1pQVAbqE2CxYA1kqTjLxuIN4HcoOd1DDS7AgMB AAGjggKFMIICgTAdBgNVHQ4EFgQU5k2QlKDT5wmUwXbpipG3ODrX9W4wHwYDVR0j BBgwFoAUh6TITUNm27FakJClWqLc66hyOUUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTVkNGMwMGItZDEwNS00OTA2LWI5ODEtMWQwMzQzZTMw MWRhLzEvODdBNEM4NEQ0MzY2REJCMTVBOTA5MEE1NUFBMkRDRUJBODcyMzk0NS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84N0E0Qzg0RDQzNjZEQkIxNUE5MDkwQTU1 QUEyRENFQkE4NzIzOTQ1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9hNWQ0YzAwYi1kMTA1LTQ5MDYtYjk4MS0xZDAzNDNlMzAxZGEvMS8zMjYxMzEz NDNhMzczNTM4MzEzYTM5Mzk2NjMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MTM0MzMzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZnzMA0GCSqGSIb3DQEBCwUAA4IBAQAC 0OYaoYjs8+4yb1FVnnWOImEmIIgKxAi84wvcR5zwrm8rF1qmKeZY+ryrlBESBYLS o0nZHD4DAUez/dtA5bbz9TvlR4OUShOxIhflBJF6qmrmi0Mm3v3Z0EPd9BjE+XDG 1dXB4bwTC5SFmfsCIHISpZ5Xo70dULF6PED8xwTdDf21dflcD22l+CWcqRVNbmoA n9IEYdYUlTCLF/tMMqsqw8sFcppHP6x1Rk/r7sOkc3SRqUdfgmhaALGcRzCqSeEk 8HGI3bqAS1ytEmWlmimroBj4CKa7D0KrKfdiUjX+iDqx//6yaz2tmqmY1qHMRVtr WNVnrUMwRYMsDGG+Uj5t -----END CERTIFICATE-----Generated at Sat Aug 23 23:45:44 2025 by rpki-client