$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/326131343a373538303a6330303a3a2f34302d3438203d3e20313531313934.roa File: 326131343a373538303a6330303a3a2f34302d3438203d3e20313531313934.roa (raw, json) Hash identifier: IcJMioVXTHIBW9dWRoa7QtI8OxLl1FTCXI6aJvTPxUg= Subject key identifier: 89:C7:8A:22:18:FA:91:C9:3B:6F:E5:AF:05:67:8E:EC:21:F9:F5:5B Certificate issuer: /CN=B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749 Certificate serial: 04E879C13235D2E550938711F19944EEF3BA9DE9 Authority key identifier: B7:D2:E8:6F:D3:DA:15:BD:13:4C:A2:15:5C:3A:9F:DA:71:8B:37:49 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/326131343a373538303a6330303a3a2f34302d3438203d3e20313531313934.roa Signing time: Sun 04 May 2025 11:21:01 +0000 ROA not before: Sun 04 May 2025 11:16:01 +0000 ROA not after: Sun 03 May 2026 11:21:01 +0000 asID: 151194 IP address blocks: 2a14:7580:c00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.crl rsync://rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 May 2025 02:06:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:e8:79:c1:32:35:d2:e5:50:93:87:11:f1:99:44:ee:f3:ba:9d:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749 Validity Not Before: May 4 11:16:01 2025 GMT Not After : May 3 11:21:01 2026 GMT Subject: CN=89C78A2218FA91C93B6FE5AF05678EEC21F9F55B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:39:13:4b:e0:c0:ab:6f:ae:d2:cc:cf:82:74: 07:02:3b:0b:f5:86:23:e6:94:05:a9:6c:91:27:70: d5:5e:7b:6f:01:b1:8c:24:ef:ff:69:74:83:50:fd: 08:61:59:fc:1a:80:48:39:c2:36:9c:21:d9:1d:9f: 39:6e:2a:31:06:c2:a5:95:c8:27:fb:1f:90:3e:49: b2:cb:fa:cb:81:5c:c5:f5:04:b9:28:15:a2:0d:fc: 5f:53:26:22:9c:0a:d2:7d:9b:ea:3f:43:fb:54:8a: 19:90:01:e6:1c:8c:bd:0a:1d:f3:52:b0:c5:0c:f0: 90:95:02:49:80:13:8d:b5:bb:73:7b:ad:87:15:84: 47:58:14:c5:eb:72:9d:84:f3:0e:e9:e6:b3:0f:f5: 43:76:3a:99:32:1b:81:64:47:eb:40:81:30:e2:92: 7f:dc:91:4e:ee:50:69:36:ec:e5:ba:6d:a8:f3:65: 2b:ff:60:3f:82:34:27:7e:e9:da:ce:44:16:e9:d1: c4:44:65:e0:7a:c4:1b:85:18:da:34:2e:6b:63:d0: 98:91:68:03:82:eb:86:1a:be:f9:f4:df:16:80:a0: cb:74:29:e8:16:07:f3:7c:90:21:a6:4f:ca:1e:83: 8b:3e:c7:8a:8f:32:42:59:be:8d:31:cb:67:3c:15: 98:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C7:8A:22:18:FA:91:C9:3B:6F:E5:AF:05:67:8E:EC:21:F9:F5:5B X509v3 Authority Key Identifier: keyid:B7:D2:E8:6F:D3:DA:15:BD:13:4C:A2:15:5C:3A:9F:DA:71:8B:37:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/B7D2E86FD3DA15BD134CA2155C3A9FDA718B3749.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c6fd4ea1-a266-4dea-b48a-15da35452109/1/326131343a373538303a6330303a3a2f34302d3438203d3e20313531313934.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:c00::/40 Signature Algorithm: sha256WithRSAEncryption cc:ae:c8:e9:52:c5:41:f4:8f:bd:2a:be:72:6f:bd:cb:00:da: 01:e4:97:1d:b4:0a:6b:f6:a9:da:5c:7c:73:9c:93:88:6a:20: 8d:d0:2f:cf:f8:96:74:b4:12:30:c7:b8:9e:f2:3e:91:86:96: fe:72:63:3a:5c:65:30:80:06:60:85:c3:ed:cd:fc:58:b3:98: 2f:ee:6f:4d:9c:e8:ff:59:5e:8c:e0:1b:28:0b:41:d2:b8:01: 14:0c:1b:2d:38:d9:c9:2c:49:0e:e3:5f:91:fa:af:90:d3:be: 15:36:1f:3a:00:f9:37:c7:fc:62:b4:b3:d3:91:26:9d:39:50: 5f:09:4b:e3:db:39:05:a4:4e:a5:c3:11:ee:c0:48:3f:35:c5: 74:91:e9:79:6e:6c:df:75:92:07:70:ca:69:0e:6d:06:6a:ab: 98:f2:b8:30:a4:28:e3:8a:be:34:5d:20:c8:e5:12:5c:69:32: 63:b4:86:9b:d6:89:47:2a:19:08:de:7b:32:ac:0e:ea:49:76: 53:cf:d0:0c:15:25:1a:94:39:3c:54:5c:1d:bb:f5:89:eb:18: 49:0f:88:6e:af:4e:83:26:d3:04:32:9e:1d:09:cd:3b:49:f5: 19:2c:28:a3:17:b3:b6:ff:91:7b:35:6f:4c:af:76:0c:b5:12: 18:d2:28:6e -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUBOh5wTI10uVQk4cR8ZlE7vO6nekwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjdEMkU4NkZEM0RBMTVCRDEzNENBMjE1NUMzQTlGREE3 MThCMzc0OTAeFw0yNTA1MDQxMTE2MDFaFw0yNjA1MDMxMTIxMDFaMDMxMTAvBgNV BAMTKDg5Qzc4QTIyMThGQTkxQzkzQjZGRTVBRjA1Njc4RUVDMjFGOUY1NUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEORNL4MCrb67SzM+CdAcCOwv1 hiPmlAWpbJEncNVee28BsYwk7/9pdINQ/QhhWfwagEg5wjacIdkdnzluKjEGwqWV yCf7H5A+SbLL+suBXMX1BLkoFaIN/F9TJiKcCtJ9m+o/Q/tUihmQAeYcjL0KHfNS sMUM8JCVAkmAE421u3N7rYcVhEdYFMXrcp2E8w7p5rMP9UN2OpkyG4FkR+tAgTDi kn/ckU7uUGk27OW6bajzZSv/YD+CNCd+6drORBbp0cREZeB6xBuFGNo0Lmtj0JiR aAOC64Yavvn03xaAoMt0KegWB/N8kCGmT8oeg4s+x4qPMkJZvo0xy2c8FZhtAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUiceKIhj6kck7b+WvBWeO7CH59VswHwYDVR0j BBgwFoAUt9Lob9PaFb0TTKIVXDqf2nGLN0kwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzZmZDRlYTEtYTI2Ni00ZGVhLWI0OGEtMTVkYTM1NDUy MTA5LzEvQjdEMkU4NkZEM0RBMTVCRDEzNENBMjE1NUMzQTlGREE3MThCMzc0OS5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9CN0QyRTg2RkQzREExNUJEMTM0Q0EyMTU1 QzNBOUZEQTcxOEIzNzQ5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9jNmZkNGVhMS1hMjY2LTRkZWEtYjQ4YS0xNWRhMzU0NTIxMDkvMS8zMjYxMzEz NDNhMzczNTM4MzAzYTYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzUz MTMxMzkzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB BwEB/wQSMBAwDgQCAAIwCAMGACoUdYAMMA0GCSqGSIb3DQEBCwUAA4IBAQDMrsjp UsVB9I+9Kr5yb73LANoB5JcdtApr9qnaXHxznJOIaiCN0C/P+JZ0tBIwx7ie8j6R hpb+cmM6XGUwgAZghcPtzfxYs5gv7m9NnOj/WV6M4BsoC0HSuAEUDBstONnJLEkO 41+R+q+Q074VNh86APk3x/xitLPTkSadOVBfCUvj2zkFpE6lwxHuwEg/NcV0kel5 bmzfdZIHcMppDm0GaquY8rgwpCjjir40XSDI5RJcaTJjtIab1olHKhkI3nsyrA7q SXZTz9AMFSUalDk8VFwdu/WJ6xhJD4hur06DJtMEMp4dCc07SfUZLCijF7O2/5F7 NW9Mr3YMtRIY0ihu -----END CERTIFICATE-----Generated at Fri May 9 13:50:17 2025 by rpki-client