$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa File: AS214930.roa (raw, json) Hash identifier: 8z+uOfH6Jkk77lIcACB4aPe1YwBxpZBieJa+kDEV67A= Subject key identifier: 90:A1:83:13:58:F3:17:99:96:2B:C4:BF:CF:2B:4E:89:A8:5C:4D:46 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 74D728DBC56FDE3646D1BB81E18339C7B52AA6D4 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa Signing time: Wed 30 Apr 2025 17:16:43 +0000 ROA not before: Wed 30 Apr 2025 17:11:43 +0000 ROA not after: Wed 29 Apr 2026 17:16:43 +0000 asID: 214930 IP address blocks: 2a07:54c1:c400::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 May 2025 12:03:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:d7:28:db:c5:6f:de:36:46:d1:bb:81:e1:83:39:c7:b5:2a:a6:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Apr 30 17:11:43 2025 GMT Not After : Apr 29 17:16:43 2026 GMT Subject: CN=90A1831358F31799962BC4BFCF2B4E89A85C4D46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8f:6b:02:01:2d:e8:7c:40:ed:10:eb:99:e5: a2:79:6a:65:38:db:c0:4a:cd:b7:34:6f:96:3d:e2: 3e:5b:42:70:72:4a:12:51:f9:1b:c6:61:cd:0b:b3: 45:7f:5e:2d:5b:26:53:b2:ed:8b:05:b4:9b:e5:76: 13:e4:9c:b5:5b:0b:6d:3b:c4:cd:67:b7:8a:e1:ca: cb:14:e4:f1:38:85:53:e4:7d:6c:80:e6:bb:1e:97: c1:45:40:ad:14:48:17:26:d1:f7:39:4b:e9:0a:ac: e1:64:39:2c:cb:57:91:89:4f:be:0e:72:26:2c:e9: a1:78:8d:89:ba:eb:ca:9a:06:6d:41:b1:ec:2c:38: d8:18:86:10:db:31:45:07:f0:05:c8:21:a4:86:fa: fb:f3:38:f1:66:4a:ea:e0:26:88:1b:c0:f2:2d:e9: a5:50:2b:a9:b1:a7:d6:dc:10:fa:b7:77:21:bf:0b: a1:f2:db:3a:c0:03:7e:8e:72:e7:b3:ed:d1:58:53: a1:b3:13:5c:2a:06:f5:04:aa:b9:57:20:a3:cc:2f: 40:36:d7:09:1b:5a:25:d4:b7:38:74:85:5f:39:3f: 6c:c2:53:cd:fd:01:e0:d4:cb:25:7e:2c:05:64:30: 79:1f:80:0c:1f:5f:fc:1f:05:8c:7b:16:2a:75:80: f2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:A1:83:13:58:F3:17:99:96:2B:C4:BF:CF:2B:4E:89:A8:5C:4D:46 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:c400::/40 Signature Algorithm: sha256WithRSAEncryption 03:fc:8b:2a:26:72:6d:8a:be:fe:62:40:23:de:c9:cd:23:89: fb:9a:7c:fa:9d:37:ca:96:99:ed:e2:5c:11:b4:7f:cc:7b:5b: b6:fb:ed:c3:75:3f:ff:f7:18:76:c6:39:de:2f:d3:4f:7d:89: bf:4b:e5:05:ff:09:1a:3a:6b:6b:b1:44:df:4f:d0:36:80:86: e7:52:27:ac:b5:75:52:7f:4e:53:72:24:14:f6:94:36:cd:e3: c0:af:c1:f2:54:32:34:4e:56:39:5b:55:91:fc:84:80:a2:9e: 9f:e3:cb:13:74:0a:5b:aa:d5:ae:7f:37:4a:22:cd:20:b5:de: a4:6b:13:d7:76:70:82:dc:a3:26:35:0c:5f:d2:2f:5a:ac:93: da:03:2f:e2:88:56:cd:8c:5d:52:c3:35:4c:15:54:09:22:58: df:18:44:77:a5:a2:08:32:d1:1e:92:a0:50:1d:64:69:4a:5b: ec:f1:02:50:b1:b7:2c:ff:9c:16:e1:e7:f9:5f:ba:31:a7:3f: c8:0f:82:ef:c9:4b:b9:16:3b:7d:d1:82:0e:9b:b8:c2:dc:05: 51:ae:45:96:ef:e3:76:f5:d2:00:38:5b:28:eb:63:c6:38:69: 88:32:9e:ba:7f:8b:d6:d7:b9:a4:f4:e2:e9:52:d2:e9:e1:87: 18:af:2c:de -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdNco28Vv3jZG0buB4YM5x7UqptQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA0MzAxNzExNDNaFw0yNjA0MjkxNzE2NDNaMDMxMTAvBgNV BAMTKDkwQTE4MzEzNThGMzE3OTk5NjJCQzRCRkNGMkI0RTg5QTg1QzRENDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMj2sCAS3ofEDtEOuZ5aJ5amU4 28BKzbc0b5Y94j5bQnByShJR+RvGYc0Ls0V/Xi1bJlOy7YsFtJvldhPknLVbC207 xM1nt4rhyssU5PE4hVPkfWyA5rsel8FFQK0USBcm0fc5S+kKrOFkOSzLV5GJT74O ciYs6aF4jYm668qaBm1BsewsONgYhhDbMUUH8AXIIaSG+vvzOPFmSurgJogbwPIt 6aVQK6mxp9bcEPq3dyG/C6Hy2zrAA36Ocuez7dFYU6GzE1wqBvUEqrlXIKPML0A2 1wkbWiXUtzh0hV85P2zCU839AeDUyyV+LAVkMHkfgAwfX/wfBYx7Fip1gPLhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkKGDE1jzF5mWK8S/zytOiahcTUYwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE0OTMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU wcQwDQYJKoZIhvcNAQELBQADggEBAAP8iyomcm2Kvv5iQCPeyc0jifuafPqdN8qW me3iXBG0f8x7W7b77cN1P//3GHbGOd4v0099ib9L5QX/CRo6a2uxRN9P0DaAhudS J6y1dVJ/TlNyJBT2lDbN48CvwfJUMjROVjlbVZH8hICinp/jyxN0Cluq1a5/N0oi zSC13qRrE9d2cILcoyY1DF/SL1qsk9oDL+KIVs2MXVLDNUwVVAkiWN8YRHeloggy 0R6SoFAdZGlKW+zxAlCxtyz/nBbh5/lfujGnP8gPgu/JS7kWO33Rgg6buMLcBVGu RZbv43b10gA4WyjrY8Y4aYgynrp/i9bXuaT04ulS0unhhxivLN4= -----END CERTIFICATE-----Generated at Wed May 7 19:49:23 2025 by rpki-client