Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e203239383032.roa
File: 36322e332e32302e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: OMCvTIkxKZA7TuEr0st56g/erSyO1XLGxvHXwytzn5A=
Subject key identifier: 5F:E8:1D:99:4A:62:CD:D4:AA:EE:F1:85:D5:BB:AC:2C:1A:68:5E:85
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 11A3EDBD17AA77674E5E6D27811502D28BEED889
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e203239383032.roa
Signing time: Tue 09 Jan 2024 14:46:31 +0000
ROA not before: Tue 09 Jan 2024 14:41:31 +0000
ROA not after: Tue 07 Jan 2025 14:46:31 +0000
asID: 29802
IP address blocks: 62.3.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a3:ed:bd:17:aa:77:67:4e:5e:6d:27:81:15:02:d2:8b:ee:d8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 9 14:41:31 2024 GMT
Not After : Jan 7 14:46:31 2025 GMT
Subject: CN=5FE81D994A62CDD4AAEEF185D5BBAC2C1A685E85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ab:9b:a5:92:e8:93:ac:4f:b7:8e:ea:4a:e2:
31:7c:f7:23:ae:14:7f:ba:d5:15:e0:1d:28:0a:77:
f6:18:b0:c5:70:c8:b6:f5:c0:06:98:d8:a6:79:68:
5f:23:b1:eb:a9:aa:91:ff:24:0a:ab:87:fe:32:c5:
6e:94:7f:f2:17:f6:20:4e:2b:9a:06:fb:ac:d4:1f:
25:e0:09:69:bf:c7:fb:01:97:af:3f:44:54:d1:f5:
93:2b:09:b1:58:7b:09:d8:b0:21:05:5b:8f:39:8b:
ff:08:6a:d2:77:52:38:7a:11:4b:bf:a8:e0:a7:57:
b7:e9:ac:9f:64:6a:3f:52:3b:7e:ad:e5:e3:c7:05:
d9:ed:78:63:c8:bd:83:43:d6:89:04:15:1b:e0:0d:
e1:ac:46:b2:02:50:92:40:1f:d4:a7:47:9b:6f:6a:
c5:b6:0a:14:e4:7a:60:be:c0:2c:1e:91:d3:5e:fd:
84:42:f2:4b:6f:1b:d7:3c:93:22:fd:ce:49:ba:9f:
59:31:e3:a6:1f:98:99:c3:03:89:7b:fc:ee:5d:40:
09:ef:9f:51:47:77:38:d6:aa:c6:68:8d:37:17:28:
58:f1:77:6e:c9:41:0d:f8:23:e3:b7:91:f7:2a:3b:
0d:0f:12:b7:64:7f:64:ec:cf:98:ba:d3:e7:e1:86:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:1D:99:4A:62:CD:D4:AA:EE:F1:85:D5:BB:AC:2C:1A:68:5E:85
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:90:7a:42:de:36:97:27:94:6a:33:1a:87:11:d9:34:29:95:
b1:13:c5:55:38:b4:30:24:d3:59:71:07:ee:f2:84:8e:0e:7a:
fe:93:21:c1:b2:e7:4e:00:01:ab:9c:54:73:a2:a7:37:0e:da:
7b:fa:a4:39:9b:51:9f:d7:aa:86:1a:7f:b2:6b:8c:52:f9:a7:
68:8c:29:b3:ab:b6:05:d7:94:ef:68:4c:62:91:d8:58:82:25:
c4:78:30:29:1b:4b:1b:8f:40:8e:67:3e:25:85:b0:bc:55:03:
6d:52:9f:e1:be:4c:0c:b8:96:b8:f9:6e:d2:8a:2d:94:04:66:
a1:dc:95:f1:b3:54:97:76:e8:cb:85:a9:43:1c:40:cc:b6:09:
20:e1:1e:71:8a:78:60:73:98:ff:99:e9:9d:59:d8:8e:94:7b:
d6:b1:17:35:c5:fc:73:55:4b:dd:df:48:d8:36:cf:2c:45:b9:
a6:5a:f4:85:a4:12:3e:21:8a:24:20:ff:ff:43:72:3d:8e:fe:
2a:22:f5:9a:21:be:3d:39:30:1a:a6:c3:54:a3:aa:f5:be:a6:
50:a8:70:42:65:de:60:36:c1:eb:43:8a:37:f5:30:c6:40:2d:
bb:74:c9:58:fd:35:d8:f2:96:6a:3b:e9:58:c1:33:9b:42:ad:
5a:5e:d8:ab
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUEaPtvReqd2dOXm0ngRUC0ovu2IkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAxMDkxNDQxMzFaFw0yNTAxMDcxNDQ2MzFaMDMxMTAvBgNV
BAMTKDVGRTgxRDk5NEE2MkNERDRBQUVFRjE4NUQ1QkJBQzJDMUE2ODVFODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+q5ulkuiTrE+3jupK4jF89yOu
FH+61RXgHSgKd/YYsMVwyLb1wAaY2KZ5aF8jseupqpH/JAqrh/4yxW6Uf/IX9iBO
K5oG+6zUHyXgCWm/x/sBl68/RFTR9ZMrCbFYewnYsCEFW485i/8IatJ3Ujh6EUu/
qOCnV7fprJ9kaj9SO36t5ePHBdnteGPIvYND1okEFRvgDeGsRrICUJJAH9SnR5tv
asW2ChTkemC+wCwekdNe/YRC8ktvG9c8kyL9zkm6n1kx46YfmJnDA4l7/O5dQAnv
n1FHdzjWqsZojTcXKFjxd27JQQ34I+O3kfcqOw0PErdkf2Tsz5i60+fhhuSFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUX+gdmUpizdSq7vGF1busLBpoXoUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzYzMjJlMzMyZTMyMzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDAkHpC3jaXJ5RqMxqHEdk0KZWxE8VVOLQwJNNZcQfu
8oSODnr+kyHBsudOAAGrnFRzoqc3Dtp7+qQ5m1Gf16qGGn+ya4xS+adojCmzq7YF
15TvaExikdhYgiXEeDApG0sbj0COZz4lhbC8VQNtUp/hvkwMuJa4+W7Sii2UBGah
3JXxs1SXdujLhalDHEDMtgkg4R5xinhgc5j/memdWdiOlHvWsRc1xfxzVUvd30jY
Ns8sRbmmWvSFpBI+IYokIP//Q3I9jv4qIvWaIb49OTAapsNUo6r1vqZQqHBCZd5g
NsHrQ4o39TDGQC27dMlY/TXY8pZqO+lYwTObQq1aXtir
-----END CERTIFICATE-----
Generated at Tue Apr 30 03:42:22 2024 by rpki-client on console-fra.rpki-client.org