Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34302e302f32322d3332203d3e20313431393935.roa
File: 36322e37322e34302e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: ZddF+a/3Ouk5jV6s51v4NIkKCB+EUH6TL/KfPMArXs8=
Subject key identifier: DF:03:A0:92:A0:96:B0:E0:F4:B5:FE:3E:87:71:5F:E5:3C:35:34:66
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4503BE8BEC28FF6690828F24E729BF5122D5827D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34302e302f32322d3332203d3e20313431393935.roa
Signing time: Thu 20 Jul 2023 09:19:31 +0000
ROA not before: Thu 20 Jul 2023 09:14:31 +0000
ROA not after: Thu 18 Jul 2024 09:19:31 +0000
asID: 141995
IP address blocks: 62.72.40.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:03:be:8b:ec:28:ff:66:90:82:8f:24:e7:29:bf:51:22:d5:82:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 20 09:14:31 2023 GMT
Not After : Jul 18 09:19:31 2024 GMT
Subject: CN=DF03A092A096B0E0F4B5FE3E87715FE53C353466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:72:8b:dc:4a:40:a8:a9:0a:b1:c3:5d:dd:
b3:36:6a:05:82:f0:b6:97:93:bd:69:70:a1:97:f7:
ce:4b:88:08:7d:0b:0c:50:74:cf:02:13:58:df:0a:
f6:83:54:d6:84:29:83:87:51:c2:82:5f:3e:3d:19:
4d:0d:72:8f:35:51:94:e5:95:1d:79:88:12:43:7e:
8d:48:84:4a:87:56:3c:d7:96:78:7a:05:4a:c8:5d:
18:5d:97:82:61:9b:d6:ed:a8:c9:8b:ca:39:98:87:
9e:e1:d5:2e:c8:f8:55:78:39:7b:31:e3:38:a0:a1:
f8:ed:bc:cd:16:b3:de:88:c4:24:5a:44:80:9b:30:
6c:f2:df:02:38:ed:49:0e:6c:7e:5a:60:ef:96:82:
5c:80:a9:e4:03:0a:91:4a:23:a3:41:9d:09:db:a8:
54:b7:40:c9:29:7b:4c:46:d9:e0:09:71:07:38:86:
c4:fc:9b:75:4c:69:ff:1b:9d:79:01:57:f3:8b:e0:
87:4a:ca:30:ad:6e:3a:72:41:70:b9:07:19:b9:30:
4b:6c:eb:f1:fc:c7:97:3e:52:6f:a8:8b:40:f3:e7:
36:d5:6c:07:56:0b:17:62:b7:2c:ef:5f:4e:25:72:
76:34:35:42:fb:c4:0a:5b:62:19:16:01:d2:3e:da:
fd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:03:A0:92:A0:96:B0:E0:F4:B5:FE:3E:87:71:5F:E5:3C:35:34:66
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34302e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.40.0/22
Signature Algorithm: sha256WithRSAEncryption
35:d7:43:f2:6c:b5:6d:e3:44:49:0f:5a:51:c7:fb:0d:08:db:
66:0d:2b:3b:bf:18:e3:01:99:41:dc:cb:96:e5:82:4c:02:5b:
4c:12:17:2a:91:e8:b4:33:79:39:15:5b:a8:69:36:79:b4:dd:
51:4e:cd:c3:bf:9f:af:44:9e:b9:25:05:12:74:2d:3c:2c:29:
2b:b8:34:6b:89:b3:c0:cc:d5:38:8d:1b:93:3a:8c:ae:13:22:
ed:28:83:86:e8:fc:e5:81:fa:8c:98:27:6d:9c:5e:03:90:a3:
c4:54:3f:44:e4:06:10:dd:1e:58:a9:d3:14:cd:16:99:77:58:
ed:d0:db:a0:5b:fd:8c:e6:6e:74:a8:1b:eb:e0:c5:1a:01:e2:
fe:be:d8:a6:7c:82:45:65:f9:50:44:29:b0:5a:f6:2c:69:6b:
a0:78:1a:07:31:2b:25:43:22:13:d2:fb:42:a6:f4:d1:22:84:
5c:20:1c:d2:e3:25:6d:34:1a:67:ec:f7:bd:b1:a7:9e:58:9d:
9a:fd:5a:26:83:24:a4:52:83:52:ed:d4:87:24:61:c8:37:cb:
e7:3b:99:de:72:65:0c:24:f1:8c:bf:c3:9d:6d:14:01:ff:a9:
39:0d:6b:71:c0:b9:f7:1a:24:b0:49:38:22:16:5a:99:22:25:
70:1f:a0:fc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURQO+i+wo/2aQgo8k5ym/USLVgn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjAwOTE0MzFaFw0yNDA3MTgwOTE5MzFaMDMxMTAvBgNV
BAMTKERGMDNBMDkyQTA5NkIwRTBGNEI1RkUzRTg3NzE1RkU1M0MzNTM0NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+nHKL3EpAqKkKscNd3bM2agWC
8LaXk71pcKGX985LiAh9CwxQdM8CE1jfCvaDVNaEKYOHUcKCXz49GU0Nco81UZTl
lR15iBJDfo1IhEqHVjzXlnh6BUrIXRhdl4Jhm9btqMmLyjmYh57h1S7I+FV4OXsx
4zigofjtvM0Ws96IxCRaRICbMGzy3wI47UkObH5aYO+WglyAqeQDCpFKI6NBnQnb
qFS3QMkpe0xG2eAJcQc4hsT8m3VMaf8bnXkBV/OL4IdKyjCtbjpyQXC5Bxm5MEts
6/H8x5c+Um+oi0Dz5zbVbAdWCxdityzvX04lcnY0NUL7xApbYhkWAdI+2v0dAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU3wOgkqCWsOD0tf4+h3Ff5Tw1NGYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzczMjJlMzQzMDJl
MzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAj5I
KDANBgkqhkiG9w0BAQsFAAOCAQEANddD8my1beNESQ9aUcf7DQjbZg0rO78Y4wGZ
QdzLluWCTAJbTBIXKpHotDN5ORVbqGk2ebTdUU7Nw7+fr0SeuSUFEnQtPCwpK7g0
a4mzwMzVOI0bkzqMrhMi7SiDhuj85YH6jJgnbZxeA5CjxFQ/ROQGEN0eWKnTFM0W
mXdY7dDboFv9jOZudKgb6+DFGgHi/r7YpnyCRWX5UEQpsFr2LGlroHgaBzErJUMi
E9L7Qqb00SKEXCAc0uMlbTQaZ+z3vbGnnlidmv1aJoMkpFKDUu3UhyRhyDfL5zuZ
3nJlDCTxjL/DnW0UAf+pOQ1rccC59xoksEk4IhZamSIlcB+g/A==
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org