$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656431383a3a2f34362d3438203d3e20323135393536.roa File: 326131343a373538303a656431383a3a2f34362d3438203d3e20323135393536.roa (raw, json) Hash identifier: uXTTq85aLk1Ck3+Vq0EonEJau7jzij3/EE3a2vfmdBs= Subject key identifier: C6:89:68:BF:20:86:81:16:19:D8:45:FD:6A:84:7E:87:7B:6C:22:E4 Certificate issuer: /CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Certificate serial: 587A378AAB7DC4AEDA5A44606CB7DA121F9F1F6E Authority key identifier: 9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656431383a3a2f34362d3438203d3e20323135393536.roa Signing time: Fri 10 Oct 2025 19:13:19 +0000 ROA not before: Fri 10 Oct 2025 19:08:19 +0000 ROA not after: Fri 09 Oct 2026 19:13:19 +0000 asID: 215956 IP address blocks: 2a14:7580:ed18::/46 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 23:24:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:7a:37:8a:ab:7d:c4:ae:da:5a:44:60:6c:b7:da:12:1f:9f:1f:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B Validity Not Before: Oct 10 19:08:19 2025 GMT Not After : Oct 9 19:13:19 2026 GMT Subject: CN=C68968BF2086811619D845FD6A847E877B6C22E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ee:bd:66:72:31:ba:bf:e4:ce:c7:a8:f4:78: 5d:25:a0:62:6d:7e:ab:30:3a:4b:d9:78:5a:fe:b0: 06:ef:36:73:f3:84:8e:b5:e8:8e:36:b7:73:52:22: c0:5b:69:bf:95:49:4a:9b:6a:c3:83:ad:bf:5a:52: 9d:34:e7:53:1d:bc:80:01:28:79:3a:42:65:39:c2: 91:3e:c1:61:ca:48:60:37:58:f2:3c:9b:41:62:6e: f0:b6:6d:9b:59:ef:e2:a1:0a:a8:fb:71:57:63:99: e5:2e:89:27:7a:4a:28:c8:fb:eb:92:2a:15:a2:2a: 89:19:20:0d:c3:c5:da:72:53:5c:86:66:f3:5d:63: b2:27:5f:cd:ad:c5:5f:09:41:cd:37:10:84:0a:75: 3a:68:36:89:58:a9:1e:99:76:83:40:69:52:28:78: ce:29:4e:6f:eb:8e:ee:2a:83:eb:d3:13:c1:ec:c3: 32:db:97:20:a4:9c:d6:ba:0d:b7:89:5e:86:ad:e4: 9c:01:54:d6:80:ee:47:91:bb:f8:87:fe:3f:a7:c6: 16:3c:5c:06:da:e3:7e:80:37:b6:af:d5:c7:df:b3: 60:0f:cb:c1:e8:11:d9:1a:32:04:52:84:10:9a:d9: 80:96:b7:06:83:52:90:2b:5c:78:ee:35:e4:94:8c: b6:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:89:68:BF:20:86:81:16:19:D8:45:FD:6A:84:7E:87:7B:6C:22:E4 X509v3 Authority Key Identifier: keyid:9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656431383a3a2f34362d3438203d3e20323135393536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ed18::/46 Signature Algorithm: sha256WithRSAEncryption 83:b8:57:11:96:0d:71:12:63:b8:3b:8c:14:13:0b:c5:11:85: 2e:a7:2f:75:9d:b1:c9:46:93:ba:29:d5:7a:80:f8:d1:0c:40: 4a:7e:3b:8a:d5:d8:11:51:3a:c0:03:b2:68:f5:fd:9e:54:02: fc:45:56:af:b2:35:fa:93:74:b2:8d:b9:39:dc:ce:38:5e:2f: da:f0:8e:4f:01:25:bc:73:84:90:77:f5:91:84:42:6f:bd:92: 14:38:e7:fa:ef:f1:66:3f:0b:6a:e4:aa:e5:f1:df:26:71:b4: d4:03:05:f6:71:93:4e:51:32:f5:01:cc:e6:65:47:26:9d:36: b7:0e:8b:5a:87:ba:b7:3c:bd:37:4e:41:2a:a6:42:7e:6f:d2: c1:41:01:78:e1:fa:f6:f7:a1:57:9f:85:89:94:45:f0:e8:a6: 03:95:43:86:9c:bb:a7:a9:52:50:1e:7e:77:d1:ab:cf:23:11: 95:ab:0f:1c:35:ec:ec:a1:a6:41:23:7a:bb:83:a4:1e:42:49: f9:f9:6c:06:cd:a0:5b:aa:59:b9:67:9e:46:5b:e7:9e:66:33: 83:c2:33:de:a7:01:a9:33:8f:d3:57:9c:5c:3c:9c:eb:a1:ef: 5f:11:79:1c:c0:35:2d:d4:eb:09:4f:fc:2a:12:e4:a2:06:50: 30:35:c1:75 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUWHo3iqt9xK7aWkRgbLfaEh+fH24wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5 QjhEOTAyQjAeFw0yNTEwMTAxOTA4MTlaFw0yNjEwMDkxOTEzMTlaMDMxMTAvBgNV BAMTKEM2ODk2OEJGMjA4NjgxMTYxOUQ4NDVGRDZBODQ3RTg3N0I2QzIyRTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL7r1mcjG6v+TOx6j0eF0loGJt fqswOkvZeFr+sAbvNnPzhI616I42t3NSIsBbab+VSUqbasODrb9aUp0051MdvIAB KHk6QmU5wpE+wWHKSGA3WPI8m0FibvC2bZtZ7+KhCqj7cVdjmeUuiSd6SijI++uS KhWiKokZIA3DxdpyU1yGZvNdY7InX82txV8JQc03EIQKdTpoNolYqR6ZdoNAaVIo eM4pTm/rju4qg+vTE8HswzLblyCknNa6DbeJXoat5JwBVNaA7keRu/iH/j+nxhY8 XAba436AN7av1cffs2APy8HoEdkaMgRShBCa2YCWtwaDUpArXHjuNeSUjLYZAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUxolovyCGgRYZ2EX9aoR+h3tsIuQwHwYDVR0j BBgwFoAUnIISxdHd6EtVc+/HPauELZuNkCswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj OTEyLzMvOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5QjhEOTAyQi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85QzgyMTJDNUQxRERFODRCNTU3M0VGQzcz REFCODQyRDlCOEQ5MDJCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9lYmYwNGM3Yy1mODJkLTQ3MWQtODVhZC05OGM2NWRlMWM5MTIvMy8zMjYxMzEz NDNhMzczNTM4MzAzYTY1NjQzMTM4M2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzIz MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcCKhR1gO0YMA0GCSqGSIb3DQEBCwUAA4IBAQCD uFcRlg1xEmO4O4wUEwvFEYUupy91nbHJRpO6KdV6gPjRDEBKfjuK1dgRUTrAA7Jo 9f2eVAL8RVavsjX6k3Syjbk53M44Xi/a8I5PASW8c4SQd/WRhEJvvZIUOOf67/Fm Pwtq5Krl8d8mcbTUAwX2cZNOUTL1AczmZUcmnTa3Dotah7q3PL03TkEqpkJ+b9LB QQF44fr296FXn4WJlEXw6KYDlUOGnLunqVJQHn530avPIxGVqw8cNezsoaZBI3q7 g6QeQkn5+WwGzaBbqlm5Z55GW+eeZjODwjPepwGpM4/TV5xcPJzroe9fEXkcwDUt 1OsJT/wqEuSiBlAwNcF1 -----END CERTIFICATE-----Generated at Mon Oct 20 13:29:26 2025 by rpki-client