$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766333a3a2f34382d3438203d3e20323035343633.roa File: 326130663a383563313a3766333a3a2f34382d3438203d3e20323035343633.roa (raw, json) Hash identifier: q6pUV6zyLgy5iz4rBp0u/JDvv3Mq/ssZO9Kfj4UGPPc= Subject key identifier: B2:A7:15:F9:40:1C:7D:75:A3:2A:37:78:CE:67:8C:82:12:FA:53:E7 Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Certificate serial: 0A550A5451EA7641E9D23728B406B801A875763F Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766333a3a2f34382d3438203d3e20323035343633.roa Signing time: Wed 25 Mar 2026 18:51:10 +0000 ROA not before: Wed 25 Mar 2026 18:46:10 +0000 ROA not after: Wed 24 Mar 2027 18:51:10 +0000 asID: 205463 IP address blocks: 2a0f:85c1:7f3::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 21:33:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:55:0a:54:51:ea:76:41:e9:d2:37:28:b4:06:b8:01:a8:75:76:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377 Validity Not Before: Mar 25 18:46:10 2026 GMT Not After : Mar 24 18:51:10 2027 GMT Subject: CN=B2A715F9401C7D75A32A3778CE678C8212FA53E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:51:72:25:80:cd:46:ee:56:e2:ae:80:a2:17: e2:45:e5:f7:0f:f5:63:e9:08:d2:8b:43:e4:2a:56: 14:a2:c6:62:1e:2b:07:7b:d9:54:d2:58:08:05:d7: db:ea:1c:09:61:75:60:49:af:da:6d:ed:13:37:a8: 46:68:48:1a:e9:bf:ed:a7:d7:d2:54:73:b5:53:a6: c8:e0:0e:c2:df:94:36:48:49:2a:03:23:a2:56:de: 9e:d2:7d:3b:91:3c:28:4f:dc:86:41:c9:3c:e2:8f: a5:0b:ab:52:0b:fa:8a:35:41:0b:0f:d2:f1:9d:98: 4c:b5:2a:79:20:93:ec:a0:67:db:8b:35:da:00:61: 01:8f:94:1d:9a:84:97:1a:7e:24:e9:7b:12:e0:7a: e5:36:61:98:7d:d5:62:b5:6d:e1:90:e1:44:53:fb: 47:77:0b:dd:be:b2:69:94:a5:9b:3c:bd:30:38:be: 5f:69:be:a0:08:8b:7b:c4:10:9b:e5:7c:3e:7f:e5: 07:cc:62:65:e4:30:ea:1d:90:db:3c:20:ea:d7:fb: c0:2f:60:30:54:e9:00:22:f3:e1:ac:71:e8:f1:fb: 49:0d:23:c9:ed:1f:e4:73:03:e4:70:4a:63:0f:95: 26:b3:24:61:a3:f7:85:7a:9d:6f:17:a2:23:3f:27: 37:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A7:15:F9:40:1C:7D:75:A3:2A:37:78:CE:67:8C:82:12:FA:53:E7 X509v3 Authority Key Identifier: keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766333a3a2f34382d3438203d3e20323035343633.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:7f3::/48 Signature Algorithm: sha256WithRSAEncryption 39:37:69:cb:2d:03:17:a6:30:29:40:ff:bb:7f:70:75:ae:48: 6c:e7:d6:4b:21:d0:73:28:2c:3a:37:eb:5f:5d:00:97:25:c0: c4:11:06:17:0a:1d:9f:f8:ac:fd:ba:37:b4:af:7b:a4:0e:f2: 3a:02:e9:a6:dc:93:d7:ec:4c:e5:cb:c7:ea:73:5f:5b:6b:2a: c4:d9:2c:6f:8b:81:f5:79:2d:93:25:91:b4:64:e6:54:46:e3: 98:61:cb:1d:cd:d3:72:9e:a1:93:84:1b:aa:22:0d:61:98:23: 87:8a:6d:bd:41:36:9e:a3:40:85:12:f1:6d:fe:ae:27:50:20: f4:09:56:94:5c:1f:9a:f4:72:27:bd:3c:12:97:84:f3:76:04: 26:c4:7d:f2:f5:df:79:0f:7f:26:c2:8f:33:0a:80:27:d6:8d: be:d2:e4:a3:97:d6:7e:40:cb:9d:45:0c:0e:2a:f4:24:e4:1e: b3:f4:0e:03:d3:ef:c3:07:cd:fe:25:32:64:d4:dc:6c:df:77: c5:15:b3:ed:a7:ed:be:ed:34:c1:a8:8f:5c:b3:84:b2:e8:f8: 6a:bd:6e:76:65:b6:47:3f:b7:c0:a4:12:d9:c3:e8:1e:16:e7: 92:a4:d6:36:bd:1d:4f:36:3f:9f:f4:4f:6e:0c:43:0a:f3:66: f0:60:e5:2f -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIUClUKVFHqdkHp0jcotAa4Aah1dj8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0 OUMxODM3NzAeFw0yNjAzMjUxODQ2MTBaFw0yNzAzMjQxODUxMTBaMDMxMTAvBgNV BAMTKEIyQTcxNUY5NDAxQzdENzVBMzJBMzc3OENFNjc4QzgyMTJGQTUzRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGUXIlgM1G7lbiroCiF+JF5fcP 9WPpCNKLQ+QqVhSixmIeKwd72VTSWAgF19vqHAlhdWBJr9pt7RM3qEZoSBrpv+2n 19JUc7VTpsjgDsLflDZISSoDI6JW3p7SfTuRPChP3IZByTzij6ULq1IL+oo1QQsP 0vGdmEy1Knkgk+ygZ9uLNdoAYQGPlB2ahJcafiTpexLgeuU2YZh91WK1beGQ4URT +0d3C92+smmUpZs8vTA4vl9pvqAIi3vEEJvlfD5/5QfMYmXkMOodkNs8IOrX+8Av YDBU6QAi8+Gscejx+0kNI8ntH+RzA+RwSmMPlSazJGGj94V6nW8XoiM/Jzc5AgMB AAGjggKDMIICfzAdBgNVHQ4EFgQUsqcV+UAcfXWjKjd4zmeMghL6U+cwHwYDVR0j BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0 MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3 MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2 NjNhMzgzNTYzMzEzYTM3NjYzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz NTM0MzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8zANBgkqhkiG9w0BAQsFAAOCAQEAOTdp yy0DF6YwKUD/u39wda5IbOfWSyHQcygsOjfrX10AlyXAxBEGFwodn/is/bo3tK97 pA7yOgLpptyT1+xM5cvH6nNfW2sqxNksb4uB9XktkyWRtGTmVEbjmGHLHc3Tcp6h k4QbqiINYZgjh4ptvUE2nqNAhRLxbf6uJ1Ag9AlWlFwfmvRyJ708EpeE83YEJsR9 8vXfeQ9/JsKPMwqAJ9aNvtLko5fWfkDLnUUMDir0JOQes/QOA9PvwwfN/iUyZNTc bN93xRWz7aftvu00waiPXLOEsuj4ar1udmW2Rz+3wKQS2cPoHhbnkqTWNr0dTzY/ n/RPbgxDCvNm8GDlLw== -----END CERTIFICATE-----Generated at Thu Mar 26 05:41:53 2026 by rpki-client