$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130383a3a2f34382d3438203d3e20323036303639.roa File: 326131343a373538363a363130383a3a2f34382d3438203d3e20323036303639.roa (raw, json) Hash identifier: YcX2njhT0h6sqLfQ++klkVsJcPGnxKOwp/btnzs91NI= Subject key identifier: 2E:B4:5D:32:86:78:1F:B9:90:59:81:59:0F:02:BC:4E:86:3F:57:71 Certificate issuer: /CN=20914720382A1F52B950212C138E5E1E81BA69B7 Certificate serial: 60EECE2FB5CA72BCDEA49EEC6FF6CB3BDD48B485 Authority key identifier: 20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130383a3a2f34382d3438203d3e20323036303639.roa Signing time: Sun 08 Mar 2026 14:46:44 +0000 ROA not before: Sun 08 Mar 2026 14:41:44 +0000 ROA not after: Sun 07 Mar 2027 14:46:44 +0000 asID: 206069 IP address blocks: 2a14:7586:6108::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 00:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:ee:ce:2f:b5:ca:72:bc:de:a4:9e:ec:6f:f6:cb:3b:dd:48:b4:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20914720382A1F52B950212C138E5E1E81BA69B7 Validity Not Before: Mar 8 14:41:44 2026 GMT Not After : Mar 7 14:46:44 2027 GMT Subject: CN=2EB45D3286781FB9905981590F02BC4E863F5771 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:9a:3a:9a:c1:8f:a3:c1:fa:ed:85:2b:42:f0: ad:d0:7f:90:8c:1d:43:33:f2:75:0a:13:a4:2e:4c: 56:ac:79:a2:ae:c6:ac:61:0f:d7:5a:b5:54:1b:63: 6d:41:e3:bb:15:af:e8:47:67:88:4c:7c:33:fc:8a: 5d:83:83:8a:4a:94:51:0a:c2:68:3a:98:bb:cd:8e: 8a:da:1f:0d:62:41:86:1f:aa:b3:c5:71:68:68:67: f9:03:a7:09:45:9e:fa:3c:03:86:7e:f0:f2:2f:84: 8b:aa:44:ee:6f:8a:a7:a6:5a:6b:cd:b5:44:5d:d1: 3b:66:11:34:58:e7:ad:04:cb:24:6c:b2:a2:75:a0: 5a:f8:af:d4:ac:6e:8f:46:6e:8c:82:fe:46:1c:33: 34:53:1a:cf:c8:97:f4:27:d3:41:c7:03:ec:ef:86: d0:6f:e7:69:47:97:65:6d:09:f3:ad:0c:6f:73:09: 98:0f:f1:f9:31:1a:1e:be:82:ab:75:73:49:aa:e6: 51:12:5d:30:14:49:51:4b:ae:d5:4b:1f:af:16:0a: dd:60:b8:b3:42:d4:3d:d6:c7:0a:ad:e2:e6:5f:d4: 65:d7:91:7d:0e:b0:29:60:53:d3:b9:fb:0a:86:c6: db:33:fd:20:1b:aa:f3:11:ee:71:29:ee:c6:a6:ad: 5a:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:B4:5D:32:86:78:1F:B9:90:59:81:59:0F:02:BC:4E:86:3F:57:71 X509v3 Authority Key Identifier: keyid:20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/326131343a373538363a363130383a3a2f34382d3438203d3e20323036303639.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7586:6108::/48 Signature Algorithm: sha256WithRSAEncryption 7f:e1:d9:bf:40:a2:40:91:3c:d3:41:b2:26:84:61:36:89:3e: 21:e9:e2:1f:d3:a8:a2:5a:b9:08:0a:af:c0:80:ef:64:06:2a: bd:5c:bb:3f:46:41:05:1b:64:35:ad:d7:03:1b:37:21:19:b5: 1b:ff:16:ef:4c:3d:46:1f:c1:e8:00:35:56:ac:94:8a:93:af: 8e:e9:c7:80:62:27:d5:21:da:93:9a:ae:30:3f:15:1a:22:7e: 18:6d:eb:31:98:92:6b:15:d0:db:fc:56:be:f8:e8:49:56:1e: 3c:17:65:6c:bf:91:0f:ae:e3:8f:8c:b7:63:01:ac:a6:3e:a0: cf:e5:5f:bb:ee:f1:b3:a4:fa:77:7a:77:13:68:40:a4:38:ed: 0f:00:fd:c7:fd:b3:8d:0e:b3:e3:ec:67:c4:f6:e0:91:6a:df: 8a:50:05:ac:8f:0f:de:fe:fc:2f:07:7f:cc:d9:1d:d0:87:ba: 80:64:86:1b:2e:b5:68:b8:1b:73:9b:f2:84:40:b9:bb:40:b5: 56:33:25:0d:a0:69:d8:2e:32:02:a3:65:8a:66:a0:46:86:96: 8d:67:a3:96:03:68:94:b9:d6:68:76:ba:d3:03:4d:77:e8:7e: 24:2b:6d:d9:72:48:79:d8:76:85:48:96:c8:0d:3e:2a:95:93: ab:2b:44:9a -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIUYO7OL7XKcrzepJ7sb/bLO91ItIUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4 MUJBNjlCNzAeFw0yNjAzMDgxNDQxNDRaFw0yNzAzMDcxNDQ2NDRaMDMxMTAvBgNV BAMTKDJFQjQ1RDMyODY3ODFGQjk5MDU5ODE1OTBGMDJCQzRFODYzRjU3NzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZmjqawY+jwfrthStC8K3Qf5CM HUMz8nUKE6QuTFaseaKuxqxhD9datVQbY21B47sVr+hHZ4hMfDP8il2Dg4pKlFEK wmg6mLvNjoraHw1iQYYfqrPFcWhoZ/kDpwlFnvo8A4Z+8PIvhIuqRO5viqemWmvN tURd0TtmETRY560EyyRssqJ1oFr4r9Ssbo9GboyC/kYcMzRTGs/Il/Qn00HHA+zv htBv52lHl2VtCfOtDG9zCZgP8fkxGh6+gqt1c0mq5lESXTAUSVFLrtVLH68WCt1g uLNC1D3Wxwqt4uZf1GXXkX0OsClgU9O5+wqGxtsz/SAbqvMR7nEp7samrVojAgMB AAGjggKFMIICgTAdBgNVHQ4EFgQULrRdMoZ4H7mQWYFZDwK8ToY/V3EwHwYDVR0j BBgwFoAUIJFHIDgqH1K5UCEsE45eHoG6abcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdj ZTM5LzMvMjA5MTQ3MjAzODJBMUY1MkI5NTAyMTJDMTM4RTVFMUU4MUJBNjlCNy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMDkxNDcyMDM4MkExRjUyQjk1MDIxMkMx MzhFNUUxRTgxQkE2OUI3LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkvMy8zMjYxMzEz NDNhMzczNTM4MzYzYTM2MzEzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz MDM2MzAzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1hmEIMA0GCSqGSIb3DQEBCwUAA4IBAQB/ 4dm/QKJAkTzTQbImhGE2iT4h6eIf06iiWrkICq/AgO9kBiq9XLs/RkEFG2Q1rdcD GzchGbUb/xbvTD1GH8HoADVWrJSKk6+O6ceAYifVIdqTmq4wPxUaIn4YbesxmJJr FdDb/Fa++OhJVh48F2Vsv5EPruOPjLdjAaymPqDP5V+77vGzpPp3encTaECkOO0P AP3H/bONDrPj7GfE9uCRat+KUAWsjw/e/vwvB3/M2R3Qh7qAZIYbLrVouBtzm/KE QLm7QLVWMyUNoGnYLjICo2WKZqBGhpaNZ6OWA2iUudZodrrTA0136H4kK23Zckh5 2HaFSJbIDT4qlZOrK0Sa -----END CERTIFICATE-----Generated at Thu Mar 26 11:47:09 2026 by rpki-client