$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214206.roa File: AS214206.roa (raw, json) Hash identifier: GZmqzUnIQO6G1lv4RQ1ZK5EiRI+Q/YETIK12txsLXAg= Subject key identifier: 31:67:13:6B:C1:02:BB:7E:3D:96:6F:F1:76:68:15:DA:33:FB:36:21 Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Certificate serial: 689400507FC5FB66F266443A116206DD903A0890 Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214206.roa Signing time: Mon 30 Jun 2025 14:59:43 +0000 ROA not before: Mon 30 Jun 2025 14:54:43 +0000 ROA not after: Mon 29 Jun 2026 14:59:43 +0000 asID: 214206 IP address blocks: 2a05:dfc3:fd70::/44 maxlen: 52 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 01 Jul 2025 14:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:94:00:50:7f:c5:fb:66:f2:66:44:3a:11:62:06:dd:90:3a:08:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36 Validity Not Before: Jun 30 14:54:43 2025 GMT Not After : Jun 29 14:59:43 2026 GMT Subject: CN=3167136BC102BB7E3D966FF1766815DA33FB3621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4b:46:ff:3e:a3:16:ff:1d:55:35:35:6e:67: d3:92:98:da:23:0f:0d:19:61:b3:0f:97:ae:fa:e3: 88:a2:7f:d5:1c:fc:7b:f6:5b:d2:af:8e:70:d2:44: 5b:fb:76:58:b9:4c:c1:64:42:77:d9:a8:cc:a6:52: b9:dc:21:21:9b:8b:d4:0c:84:fb:d1:c5:ab:5a:dc: 0a:f1:f1:3b:c1:6e:4b:e0:d0:26:23:bc:9e:35:d7: fe:8a:fe:4b:c8:7a:dc:be:2d:45:cc:c5:c0:c1:16: 67:66:c6:71:62:4e:41:22:c2:b8:58:e2:3b:ee:52: 0b:9c:47:b5:c1:c7:81:8d:bb:cf:f5:4f:ab:3e:d3: d5:a6:19:50:7b:12:ce:b7:c7:ea:45:27:85:fa:31: 91:59:78:53:04:cb:1b:ad:24:bb:79:89:c3:1e:16: af:c9:da:a2:b1:34:c5:b8:49:1f:ab:46:90:30:84: de:50:3e:dd:7a:69:d8:b2:00:f1:d4:c5:d7:15:1c: 99:49:85:43:83:51:72:6c:b3:cc:25:8e:fb:29:14: a8:fb:8b:d4:48:ad:28:f8:96:23:c1:21:72:70:19: 43:55:2b:af:d4:c4:57:24:c8:1e:b1:aa:65:95:22: 2e:6e:c8:3b:e3:7e:b1:4a:f6:55:a1:a5:31:9e:89: d4:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:67:13:6B:C1:02:BB:7E:3D:96:6F:F1:76:68:15:DA:33:FB:36:21 X509v3 Authority Key Identifier: keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214206.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fd70::/44 Signature Algorithm: sha256WithRSAEncryption 23:9b:87:f3:9a:09:e0:2f:c1:05:5b:8c:cc:c0:bc:8d:42:e9: 89:f5:68:40:f4:4b:51:59:ab:ce:97:b6:fd:c2:9b:56:69:95: e2:90:df:4f:48:3a:e4:32:e7:27:4a:62:c2:80:e0:46:d1:1a: 4d:e1:33:de:25:07:39:92:26:de:4b:58:9f:03:35:3d:cb:7e: e0:71:81:fb:42:f9:19:14:2a:d0:d5:d5:6d:4e:00:91:10:82: 3c:59:0b:ae:b4:be:9f:d1:2e:7f:8d:5c:1b:6e:a5:4a:0c:c7: 21:b0:8b:49:a1:f7:01:97:0e:95:5d:17:67:7b:3e:55:72:46: 8d:3f:eb:e8:ad:a9:c4:e5:de:02:90:92:f2:a5:72:a9:d4:a0: 28:5f:b5:4b:c8:a7:2e:a0:01:25:67:e7:88:38:5b:2d:98:d4: 1e:b9:f6:8b:2d:06:b7:29:b4:af:d8:04:59:14:f8:e7:ce:b6: 59:01:2e:4e:91:35:49:c2:6d:ff:08:13:7a:75:5a:38:a8:19: ba:19:a0:72:60:26:4d:2b:02:46:d1:46:0a:46:bf:d6:08:10: 02:e3:25:32:f5:de:6d:b3:b6:48:6a:63:2c:76:a7:74:0d:49: d7:c6:4a:0d:c1:14:3a:46:14:a0:03:c5:b2:14:52:86:9c:03: ed:13:18:db -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUaJQAUH/F+2byZkQ6EWIG3ZA6CJAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx OEMyM0IzNjAeFw0yNTA2MzAxNDU0NDNaFw0yNjA2MjkxNDU5NDNaMDMxMTAvBgNV BAMTKDMxNjcxMzZCQzEwMkJCN0UzRDk2NkZGMTc2NjgxNURBMzNGQjM2MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3S0b/PqMW/x1VNTVuZ9OSmNoj Dw0ZYbMPl67644iif9Uc/Hv2W9KvjnDSRFv7dli5TMFkQnfZqMymUrncISGbi9QM hPvRxata3Arx8TvBbkvg0CYjvJ411/6K/kvIety+LUXMxcDBFmdmxnFiTkEiwrhY 4jvuUgucR7XBx4GNu8/1T6s+09WmGVB7Es63x+pFJ4X6MZFZeFMEyxutJLt5icMe Fq/J2qKxNMW4SR+rRpAwhN5QPt16adiyAPHUxdcVHJlJhUODUXJss8wljvspFKj7 i9RIrSj4liPBIXJwGUNVK6/UxFckyB6xqmWVIi5uyDvjfrFK9lWhpTGeidQnAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUMWcTa8ECu349lm/xdmgV2jP7NiEwHwYDVR0j BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5 OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy M0IzNi5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y3OTQ4NzM4LTMyNTUt NDlmOS05YjZjLTljOWYzODk4OTk1ZC8zL0FTMjE0MjA2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgXf w/1wMA0GCSqGSIb3DQEBCwUAA4IBAQAjm4fzmgngL8EFW4zMwLyNQumJ9WhA9EtR WavOl7b9wptWaZXikN9PSDrkMucnSmLCgOBG0RpN4TPeJQc5kibeS1ifAzU9y37g cYH7QvkZFCrQ1dVtTgCREII8WQuutL6f0S5/jVwbbqVKDMchsItJofcBlw6VXRdn ez5VckaNP+voranE5d4CkJLypXKp1KAoX7VLyKcuoAElZ+eIOFstmNQeufaLLQa3 KbSv2ARZFPjnzrZZAS5OkTVJwm3/CBN6dVo4qBm6GaByYCZNKwJG0UYKRr/WCBAC 4yUy9d5ts7ZIamMsdqd0DUnXxkoNwRQ6RhSgA8WyFFKGnAPtExjb -----END CERTIFICATE-----Generated at Mon Jun 30 21:54:28 2025 by rpki-client