Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa (raw, json)
Hash identifier: ujOzcUFn73GlYynt8yef9LZrmhEywDFvXOhmuSoBoLw=
Subject key identifier: EF:7E:6A:4F:C7:1D:52:2C:46:D2:76:0E:9D:07:56:60:D5:F6:03:AA
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 3C61A099E672C093E076636028E8E06026031400
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
Signing time: Tue 16 Jul 2024 14:01:15 +0000
ROA not before: Tue 16 Jul 2024 13:56:15 +0000
ROA not after: Tue 15 Jul 2025 14:01:15 +0000
asID: 138997
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:61:a0:99:e6:72:c0:93:e0:76:63:60:28:e8:e0:60:26:03:14:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Jul 16 13:56:15 2024 GMT
Not After : Jul 15 14:01:15 2025 GMT
Subject: CN=EF7E6A4FC71D522C46D2760E9D075660D5F603AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f4:e7:d1:0f:56:0b:c6:71:6a:5f:c5:24:2a:
89:c0:5f:3d:a9:8d:a2:f0:45:6d:7f:f4:73:cb:60:
bf:6e:d9:40:f8:5b:31:4b:b5:94:fc:44:3e:27:39:
8c:ef:77:51:3f:56:6d:c7:66:4b:71:ec:db:da:dc:
95:5e:e9:c7:23:e7:93:1c:d8:ed:1e:1c:ad:c3:91:
9c:7f:79:1e:e6:47:f4:55:ff:dd:70:cc:ed:e2:50:
58:52:33:80:22:36:b6:95:31:b8:35:15:37:1a:95:
b9:3e:9b:57:ac:af:58:2e:46:3f:39:14:60:42:0d:
fe:c2:c6:e2:fc:e8:d3:fe:1a:2b:38:67:95:e1:ae:
cb:83:f8:d2:1f:9b:d0:ce:81:b4:de:38:1d:63:a7:
ac:12:06:a8:98:0b:cf:47:ed:c5:26:32:ef:d8:d5:
91:d4:75:de:32:4d:f6:06:3e:9b:0c:f4:ac:4e:c5:
0b:93:98:73:ea:82:c7:aa:35:81:e9:00:d8:c4:bc:
f4:14:70:8f:eb:83:04:10:70:1c:4b:92:83:76:6b:
cb:d0:d6:00:bf:e2:d1:d8:b6:94:c5:36:d5:8e:b5:
dd:c2:27:a0:1a:a9:07:94:3f:c2:3e:bd:14:29:31:
4f:82:78:7b:b3:a1:b8:81:5f:8f:09:42:5b:db:33:
e3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7E:6A:4F:C7:1D:52:2C:46:D2:76:0E:9D:07:56:60:D5:F6:03:AA
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
60:01:c5:f3:94:21:f8:0e:44:7a:30:93:f1:56:9b:1c:b3:ff:
f7:e4:a4:6b:4e:ac:74:f3:40:7b:d3:c0:53:0f:60:2d:4d:ea:
1e:1c:da:28:e5:ac:7f:01:fe:32:72:7e:af:f8:cf:53:51:70:
4b:51:b9:cd:a3:b3:b8:f1:d7:b6:aa:d8:09:96:7b:0b:69:8c:
4f:46:bc:94:47:b4:8b:b1:54:3d:93:52:42:29:3a:6f:f0:fc:
94:4b:a1:8c:1f:13:92:c9:46:f9:32:28:84:61:31:8a:c0:e5:
f3:d5:25:77:15:92:47:dd:b1:fe:b9:26:d2:6f:88:a0:58:69:
10:de:9c:50:04:34:78:37:06:c4:54:3f:83:0b:e4:93:63:9a:
74:26:dd:0b:79:d0:27:cb:8b:bb:35:17:3b:5d:8f:a6:82:6d:
af:50:33:c6:43:b3:1c:a0:02:a6:34:63:df:90:dc:a7:77:1a:
6d:e0:e0:8c:34:f9:85:c7:7f:13:14:ac:44:c7:3f:48:5f:21:
ff:a6:69:64:39:0d:3b:a0:6c:91:92:3d:54:bf:2b:b1:6a:c9:
17:72:3e:06:90:19:ce:16:fd:7e:0a:79:9f:3e:e6:d1:d9:07:
7e:cd:4b:22:ab:f3:40:e4:57:94:6b:a6:2e:39:91:18:0d:ea:
3e:6d:40:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPGGgmeZywJPgdmNgKOjgYCYDFAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDA3MTYxMzU2MTVaFw0yNTA3MTUxNDAxMTVaMDMxMTAvBgNV
BAMTKEVGN0U2QTRGQzcxRDUyMkM0NkQyNzYwRTlEMDc1NjYwRDVGNjAzQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf9OfRD1YLxnFqX8UkKonAXz2p
jaLwRW1/9HPLYL9u2UD4WzFLtZT8RD4nOYzvd1E/Vm3HZktx7Nva3JVe6ccj55Mc
2O0eHK3DkZx/eR7mR/RV/91wzO3iUFhSM4AiNraVMbg1FTcalbk+m1esr1guRj85
FGBCDf7CxuL86NP+Gis4Z5XhrsuD+NIfm9DOgbTeOB1jp6wSBqiYC89H7cUmMu/Y
1ZHUdd4yTfYGPpsM9KxOxQuTmHPqgseqNYHpANjEvPQUcI/rgwQQcBxLkoN2a8vQ
1gC/4tHYtpTFNtWOtd3CJ6AaqQeUP8I+vRQpMU+CeHuzobiBX48JQlvbM+OfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU735qT8cdUixG0nYOnQdWYNX2A6owHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTMzMzgzOTM5Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBAGABxfOUIfgORHowk/FWmxyz//fkpGtO
rHTzQHvTwFMPYC1N6h4c2ijlrH8B/jJyfq/4z1NRcEtRuc2js7jx17aq2AmWewtp
jE9GvJRHtIuxVD2TUkIpOm/w/JRLoYwfE5LJRvkyKIRhMYrA5fPVJXcVkkfdsf65
JtJviKBYaRDenFAENHg3BsRUP4ML5JNjmnQm3Qt50CfLi7s1Fztdj6aCba9QM8ZD
sxygAqY0Y9+Q3Kd3Gm3g4Iw0+YXHfxMUrETHP0hfIf+maWQ5DTugbJGSPVS/K7Fq
yRdyPgaQGc4W/X4KeZ8+5tHZB37NSyKr80DkV5Rrpi45kRgN6j5tQN0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org