$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130303a3a2f34382d3438203d3e20323034323131.roa File: 326131343a373538363a363130303a3a2f34382d3438203d3e20323034323131.roa (raw, json) Hash identifier: i8FxewYN5kk5O+OQO1ECyW70BJ7pMmYObv0lFKAtrXI= Subject key identifier: 28:DC:AE:3E:EF:AD:F2:3C:69:5B:29:36:72:6C:5F:2E:57:CB:BE:9C Certificate issuer: /CN=20914720382A1F52B950212C138E5E1E81BA69B7 Certificate serial: 7386213EA494B0F14C5E6497EDF254FC690DA15B Authority key identifier: 20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130303a3a2f34382d3438203d3e20323034323131.roa Signing time: Thu 19 Mar 2026 02:55:50 +0000 ROA not before: Thu 19 Mar 2026 02:50:50 +0000 ROA not after: Thu 18 Mar 2027 02:55:50 +0000 asID: 204211 IP address blocks: 2a14:7586:6100::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 12:24:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:86:21:3e:a4:94:b0:f1:4c:5e:64:97:ed:f2:54:fc:69:0d:a1:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20914720382A1F52B950212C138E5E1E81BA69B7 Validity Not Before: Mar 19 02:50:50 2026 GMT Not After : Mar 18 02:55:50 2027 GMT Subject: CN=28DCAE3EEFADF23C695B2936726C5F2E57CBBE9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:87:69:92:44:e1:4a:53:1f:0d:6f:85:68:07: b4:7b:af:fd:d0:86:02:10:b8:95:34:02:d8:0d:88: e4:f3:84:c1:39:76:69:fe:b6:21:3f:a2:43:21:81: 6a:bf:68:a8:f7:4f:b8:57:38:68:ff:93:a9:9b:e7: c9:28:2c:bf:30:4b:23:f9:04:5b:95:59:ad:24:68: b3:c3:ee:ad:b6:d7:86:d5:e3:e1:16:a0:c0:56:de: d9:fd:19:88:42:74:a4:5d:a3:21:22:a8:ec:7c:5b: 5b:50:bc:b4:7d:e5:b5:5a:1a:80:36:3e:48:f1:9e: 33:a7:83:c3:28:5b:04:b8:62:f0:ca:03:4a:e1:4c: 36:13:51:72:3e:bb:31:2d:44:ee:93:15:dd:ae:e0: 09:ff:66:59:67:ea:32:3b:44:ca:0f:ba:41:c6:ca: 83:86:43:37:76:1f:bc:50:1e:b8:d8:c8:90:12:6f: 3c:d5:86:44:87:8a:5d:7d:f6:47:01:57:78:f0:4d: 92:6e:4a:9d:28:03:11:a4:6c:91:0e:92:6b:90:fb: 55:f4:29:1b:93:db:ca:b8:bb:b7:c1:a5:ea:d8:55: f5:a6:c3:db:96:19:5f:35:88:37:aa:39:06:f1:42: 35:0b:c4:13:63:bf:78:91:35:4d:69:3b:43:52:37: d9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:DC:AE:3E:EF:AD:F2:3C:69:5B:29:36:72:6C:5F:2E:57:CB:BE:9C X509v3 Authority Key Identifier: keyid:20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130303a3a2f34382d3438203d3e20323034323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7586:6100::/48 Signature Algorithm: sha256WithRSAEncryption 72:11:5c:2b:44:ac:78:45:c5:24:ea:d4:91:1a:06:13:28:c2: 6b:f7:52:27:61:af:5d:ab:8d:e3:27:08:ab:ff:c4:e6:b2:d0: d4:62:1d:96:fd:64:94:7e:50:aa:0c:2b:b7:62:c2:9d:28:d2: 35:60:35:08:52:ec:28:8f:12:99:2f:49:2c:e5:e6:94:69:26: 69:6e:36:09:a5:53:19:7b:38:1d:c2:8d:8d:87:dc:d4:2b:a0: 1d:c2:7f:db:d1:df:80:40:33:53:7e:3e:00:09:54:21:7d:90: 99:48:c3:83:d8:7c:b7:65:1a:6f:a4:31:ac:36:38:6a:3f:06: 25:bc:5e:7a:36:bf:15:b7:27:eb:44:3c:7a:a0:57:f0:02:90: b9:c8:2d:61:9c:51:5b:ad:0e:c7:e2:d2:13:f2:3e:50:d2:30: 3b:f8:86:6d:69:70:d3:5f:81:5b:38:e3:19:e7:85:c3:79:6f: a4:88:28:11:e8:87:12:ce:81:5b:00:24:4d:54:3f:39:2c:25: 47:79:8e:c4:27:72:75:1f:79:8c:00:0f:c9:1c:0c:fd:48:8b: 69:c3:21:8a:76:05:ec:1c:b3:63:9e:87:7c:24:a0:0e:c9:94: da:81:0e:6d:0e:24:36:7a:0a:18:2b:20:96:04:2c:6c:be:7e: 16:c6:30:90 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUc4YhPqSUsPFMXmSX7fJU/GkNoVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4 MUJBNjlCNzAeFw0yNjAzMTkwMjUwNTBaFw0yNzAzMTgwMjU1NTBaMDMxMTAvBgNV BAMTKDI4RENBRTNFRUZBREYyM0M2OTVCMjkzNjcyNkM1RjJFNTdDQkJFOUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUh2mSROFKUx8Nb4VoB7R7r/3Q hgIQuJU0AtgNiOTzhME5dmn+tiE/okMhgWq/aKj3T7hXOGj/k6mb58koLL8wSyP5 BFuVWa0kaLPD7q2214bV4+EWoMBW3tn9GYhCdKRdoyEiqOx8W1tQvLR95bVaGoA2 PkjxnjOng8MoWwS4YvDKA0rhTDYTUXI+uzEtRO6TFd2u4An/Zlln6jI7RMoPukHG yoOGQzd2H7xQHrjYyJASbzzVhkSHil199kcBV3jwTZJuSp0oAxGkbJEOkmuQ+1X0 KRuT28q4u7fBperYVfWmw9uWGV81iDeqOQbxQjULxBNjv3iRNU1pO0NSN9njAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQUKNyuPu+t8jxpWyk2cmxfLlfLvpwwHwYDVR0j BBgwFoAUIJFHIDgqH1K5UCEsE45eHoG6abcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdj ZTM5LzMvMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4MUJBNjlCNy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMDkxNDcyMDM4MkExRjUyQjk1MDIxMkMx MzhFNUUxRTgxQkE2OUI3LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkvMy8zMjYxMzEz NDNhMzczNTM4MzYzYTM2MzEzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hmEAMA0GCSqGSIb3DQEBCwUAA4IBAQBy EVwrRKx4RcUk6tSRGgYTKMJr91InYa9dq43jJwir/8TmstDUYh2W/WSUflCqDCu3 YsKdKNI1YDUIUuwojxKZL0ks5eaUaSZpbjYJpVMZezgdwo2Nh9zUK6Adwn/b0d+A QDNTfj4ACVQhfZCZSMOD2Hy3ZRpvpDGsNjhqPwYlvF56Nr8VtyfrRDx6oFfwApC5 yC1hnFFbrQ7H4tIT8j5Q0jA7+IZtaXDTX4FbOOMZ54XDeW+kiCgR6IcSzoFbACRN VD85LCVHeY7EJ3J1H3mMAA/JHAz9SItpwyGKdgXsHLNjnod8JKAOyZTagQ5tDiQ2 egoYKyCWBCxsvn4WxjCQ -----END CERTIFICATE-----Generated at Wed Mar 25 23:26:03 2026 by rpki-client