$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/326131343a373538313a323830303a3a2f34302d3438203d3e20323039313039.roa File: 326131343a373538313a323830303a3a2f34302d3438203d3e20323039313039.roa (raw, json) Hash identifier: U1r4ZvjM4KXIBEm7hpH6+0Qd/LSsHMlknATpB6yDZ90= Subject key identifier: DD:34:A3:AD:01:95:61:A0:D4:F2:43:06:CD:2E:1D:B8:DA:07:97:E0 Certificate issuer: /CN=35B52EF20A5730A6261D6D1916C6B747FF3C2852 Certificate serial: 3C0E6A410F02D3E9738CC55D3256D82C141252DC Authority key identifier: 35:B5:2E:F2:0A:57:30:A6:26:1D:6D:19:16:C6:B7:47:FF:3C:28:52 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/326131343a373538313a323830303a3a2f34302d3438203d3e20323039313039.roa Signing time: Sat 16 Aug 2025 17:28:53 +0000 ROA not before: Sat 16 Aug 2025 17:23:53 +0000 ROA not after: Sat 15 Aug 2026 17:28:53 +0000 asID: 209109 IP address blocks: 2a14:7581:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.crl rsync://rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.mft rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.cer rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 16:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:0e:6a:41:0f:02:d3:e9:73:8c:c5:5d:32:56:d8:2c:14:12:52:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35B52EF20A5730A6261D6D1916C6B747FF3C2852 Validity Not Before: Aug 16 17:23:53 2025 GMT Not After : Aug 15 17:28:53 2026 GMT Subject: CN=DD34A3AD019561A0D4F24306CD2E1DB8DA0797E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:ac:ec:d5:a5:18:df:60:0d:41:9f:41:3c:66: fc:5c:ee:ae:31:b5:db:db:5f:38:dc:b2:ca:eb:d5: 6f:d4:13:59:f0:30:90:f7:6b:fb:dc:69:e0:cc:d4: c8:9e:2f:96:3c:8b:36:5c:74:69:2f:1f:6a:5a:5b: cb:5d:42:8e:87:cc:ad:d3:79:60:15:02:24:e3:c1: cb:56:ed:ad:d0:53:bb:e7:db:ed:b4:86:18:3a:22: 18:66:23:de:c3:37:a8:6d:c1:2b:80:53:92:c8:5e: 76:bd:f9:67:2f:55:66:59:b4:4b:d1:c9:76:ef:f6: e8:32:e8:69:e5:68:32:40:a8:64:f5:46:3e:d3:1d: 27:a4:2e:89:0b:3a:02:46:ed:26:bb:d3:42:08:ec: 24:7d:bc:fc:49:6a:34:7a:16:6c:7a:9e:f6:e4:e7: 16:04:df:8e:ab:54:0a:2f:5b:d6:ab:2f:18:d4:29: df:f4:01:35:02:56:be:c1:3a:7e:9f:f8:21:d6:9e: 44:f9:59:7f:7c:02:7b:d2:c9:d6:33:30:55:97:7e: 5a:2e:2b:a7:63:88:a9:07:4f:7e:57:dd:bd:b4:fb: b5:78:b3:51:fe:f5:77:a4:2b:75:31:7e:cc:fe:f4: 21:98:59:75:60:31:38:3b:4b:d0:e5:28:50:83:95: d4:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:34:A3:AD:01:95:61:A0:D4:F2:43:06:CD:2E:1D:B8:DA:07:97:E0 X509v3 Authority Key Identifier: keyid:35:B5:2E:F2:0A:57:30:A6:26:1D:6D:19:16:C6:B7:47:FF:3C:28:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/35B52EF20A5730A6261D6D1916C6B747FF3C2852.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fadebb9d-33cc-429b-aa35-10634a8b1dd4/0/326131343a373538313a323830303a3a2f34302d3438203d3e20323039313039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:2800::/40 Signature Algorithm: sha256WithRSAEncryption 7e:24:48:e8:bd:3d:84:d5:78:6e:4f:44:5a:ab:b0:22:87:8a: 0c:79:1c:f6:8d:32:63:90:ba:fc:a4:0c:db:f4:fd:d3:e8:1f: c7:08:c2:7f:85:1a:40:44:bc:d8:ef:93:f6:36:b1:e4:d1:c9: 26:e9:54:e5:18:be:cf:9a:23:84:9c:1c:66:c8:a8:ca:a2:d3: 84:63:db:43:44:8a:95:c2:79:9d:2b:61:bd:6a:9b:1d:43:53: e9:2e:fb:19:78:c7:b8:b1:a6:74:98:23:4d:d6:72:9d:7e:77: 92:af:7e:cb:ca:ec:5a:96:0d:1a:40:e5:57:13:7a:c6:7f:52: 19:b7:b1:e0:8e:b1:45:fb:3c:4b:2b:35:f0:9f:1a:a7:46:75: 7a:f9:4d:cd:2a:5f:6c:e5:9f:e1:d9:3f:86:78:d1:b9:04:c8: 90:79:3c:ed:2a:66:f1:16:59:a6:3e:5b:84:ae:96:cd:ed:88: 89:15:92:ca:8d:f8:b5:06:ac:39:e3:31:90:99:a5:4f:71:fe: d4:57:5a:a7:aa:85:22:c9:4c:78:a9:45:f1:d3:97:27:34:e3: 1c:fe:e7:3e:20:10:97:c8:bc:76:d2:c6:32:1d:1c:fa:e7:39: 3e:27:72:c1:46:66:86:e6:e4:48:a4:82:a3:29:ea:1c:48:b6: fb:9a:50:f9 -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgIUPA5qQQ8C0+lzjMVdMlbYLBQSUtwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzVCNTJFRjIwQTU3MzBBNjI2MUQ2RDE5MTZDNkI3NDdG RjNDMjg1MjAeFw0yNTA4MTYxNzIzNTNaFw0yNjA4MTUxNzI4NTNaMDMxMTAvBgNV BAMTKEREMzRBM0FEMDE5NTYxQTBENEYyNDMwNkNEMkUxREI4REEwNzk3RTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0rOzVpRjfYA1Bn0E8Zvxc7q4x tdvbXzjcssrr1W/UE1nwMJD3a/vcaeDM1MieL5Y8izZcdGkvH2paW8tdQo6HzK3T eWAVAiTjwctW7a3QU7vn2+20hhg6IhhmI97DN6htwSuAU5LIXna9+WcvVWZZtEvR yXbv9ugy6GnlaDJAqGT1Rj7THSekLokLOgJG7Sa700II7CR9vPxJajR6Fmx6nvbk 5xYE346rVAovW9arLxjUKd/0ATUCVr7BOn6f+CHWnkT5WX98AnvSydYzMFWXflou K6djiKkHT35X3b20+7V4s1H+9XekK3Uxfsz+9CGYWXVgMTg7S9DlKFCDldRbAgMB AAGjggKEMIICgDAdBgNVHQ4EFgQU3TSjrQGVYaDU8kMGzS4duNoHl+AwHwYDVR0j BBgwFoAUNbUu8gpXMKYmHW0ZFsa3R/88KFIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmFkZWJiOWQtMzNjYy00MjliLWFhMzUtMTA2MzRhOGIx ZGQ0LzAvMzVCNTJFRjIwQTU3MzBBNjI2MUQ2RDE5MTZDNkI3NDdGRjNDMjg1Mi5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zNUI1MkVGMjBBNTczMEE2MjYxRDZEMTkx NkM2Qjc0N0ZGM0MyODUyLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9mYWRlYmI5ZC0zM2NjLTQyOWItYWEzNS0xMDYzNGE4YjFkZDQvMC8zMjYxMzEz NDNhMzczNTM4MzEzYTMyMzgzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz MDM5MzEzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gSgwDQYJKoZIhvcNAQELBQADggEBAH4k SOi9PYTVeG5PRFqrsCKHigx5HPaNMmOQuvykDNv0/dPoH8cIwn+FGkBEvNjvk/Y2 seTRySbpVOUYvs+aI4ScHGbIqMqi04Rj20NEipXCeZ0rYb1qmx1DU+ku+xl4x7ix pnSYI03Wcp1+d5KvfsvK7FqWDRpA5VcTesZ/Uhm3seCOsUX7PEsrNfCfGqdGdXr5 Tc0qX2zln+HZP4Z40bkEyJB5PO0qZvEWWaY+W4Suls3tiIkVksqN+LUGrDnjMZCZ pU9x/tRXWqeqhSLJTHipRfHTlyc04xz+5z4gEJfIvHbSxjIdHPrnOT4ncsFGZobm 5EikgqMp6hxItvuaUPk= -----END CERTIFICATE-----Generated at Sun Aug 24 02:53:50 2025 by rpki-client