Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313532313739.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20313532313739.roa (raw, json)
Hash identifier: cwrS6A/oM7uVoRnag/rHPBb4Qk8hZAq3bZyA0gVPCzk=
Subject key identifier: B3:28:18:7A:A9:A6:58:5D:BC:0E:BE:45:BA:F0:62:35:93:CC:07:69
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 270E3A79ED8ABB45994C1E960E24C4B8E9860423
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313532313739.roa
Signing time: Tue 16 Jul 2024 14:01:15 +0000
ROA not before: Tue 16 Jul 2024 13:56:15 +0000
ROA not after: Tue 15 Jul 2025 14:01:15 +0000
asID: 152179
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 10:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0e:3a:79:ed:8a:bb:45:99:4c:1e:96:0e:24:c4:b8:e9:86:04:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Jul 16 13:56:15 2024 GMT
Not After : Jul 15 14:01:15 2025 GMT
Subject: CN=B328187AA9A6585DBC0EBE45BAF0623593CC0769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ae:a6:e9:32:43:88:4d:86:c2:03:9b:24:75:
fe:1f:76:00:9f:c7:0e:46:b6:64:86:24:a4:5d:25:
5d:86:c0:3e:7d:59:2d:4e:26:6b:3c:cd:48:cc:7c:
84:62:e4:74:0b:3e:99:33:37:9d:4f:03:d8:77:00:
01:13:1c:d8:d1:85:cd:d9:c8:0b:03:f7:7a:05:b0:
cc:02:34:6a:18:46:05:9b:6f:58:76:e4:f4:7b:fa:
71:f2:59:7f:1d:90:99:de:af:f6:70:59:f7:8f:06:
66:69:90:1c:96:f7:f8:7c:6d:20:9e:f0:16:30:13:
3a:81:e0:e3:c3:70:02:8c:cf:7a:f1:4e:d4:02:8c:
48:b6:6c:56:d0:2c:bc:5b:da:e4:7f:7e:50:5f:0c:
45:3f:e3:d3:a7:82:b2:68:c1:06:30:d4:f3:47:2e:
6d:54:2a:9b:19:8f:a8:a9:32:87:3e:af:38:fb:7d:
7a:bd:96:cc:80:13:2c:84:6f:bd:d9:c9:45:03:af:
76:f1:87:25:87:d4:65:0d:ae:d3:4c:33:8c:f8:ab:
f1:18:3a:66:df:c6:db:b3:7e:33:ad:c7:58:51:94:
47:d4:a0:94:32:7b:67:fd:d5:c7:eb:ce:a8:5e:ae:
b7:95:7e:a9:a5:1f:90:ce:b4:53:0a:d5:a9:6e:ce:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:28:18:7A:A9:A6:58:5D:BC:0E:BE:45:BA:F0:62:35:93:CC:07:69
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
37:40:e1:2b:bb:d0:7a:a7:94:e5:35:0c:38:75:1f:02:e5:6c:
5c:00:c7:a7:9f:26:fd:b3:15:f9:63:1e:34:97:f9:f0:fe:3f:
40:e1:fb:1b:1c:90:82:15:c2:c1:30:f0:f2:27:8b:4d:0a:9f:
9b:8c:9e:f0:43:67:6c:e8:aa:dc:15:d6:6f:c5:e8:35:bf:21:
ac:5e:df:c4:28:b9:39:8a:41:68:77:88:8b:69:e8:f9:94:d2:
eb:69:37:ba:70:f1:32:86:70:2e:ed:32:2b:fb:48:29:60:be:
53:23:0a:6d:79:bd:34:93:38:bc:fd:ae:2b:a8:65:0a:df:fa:
5f:85:5c:59:96:3c:1b:de:34:77:bf:29:d0:cb:e0:eb:63:64:
b0:fe:f7:99:7f:7c:5d:89:a3:2a:46:b6:64:83:f2:c5:21:92:
82:15:4a:77:d4:0c:cf:d2:6c:e9:dc:ef:e9:e1:5e:f1:c9:34:
0a:7e:51:d4:56:0a:25:d4:fb:ba:aa:1c:b3:aa:b1:40:ad:ea:
8a:06:8a:8a:f1:45:8c:83:0f:91:36:61:f9:21:e8:4e:fd:bc:
74:1f:69:35:21:cb:96:94:ad:6e:28:d1:ff:9f:fa:d0:a0:8a:
33:ba:c5:de:91:30:b8:d2:3e:8d:bd:ee:59:ce:24:55:5f:98:
b6:66:90:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJw46ee2Ku0WZTB6WDiTEuOmGBCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDA3MTYxMzU2MTVaFw0yNTA3MTUxNDAxMTVaMDMxMTAvBgNV
BAMTKEIzMjgxODdBQTlBNjU4NURCQzBFQkU0NUJBRjA2MjM1OTNDQzA3NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0rqbpMkOITYbCA5skdf4fdgCf
xw5GtmSGJKRdJV2GwD59WS1OJms8zUjMfIRi5HQLPpkzN51PA9h3AAETHNjRhc3Z
yAsD93oFsMwCNGoYRgWbb1h25PR7+nHyWX8dkJner/ZwWfePBmZpkByW9/h8bSCe
8BYwEzqB4OPDcAKMz3rxTtQCjEi2bFbQLLxb2uR/flBfDEU/49OngrJowQYw1PNH
Lm1UKpsZj6ipMoc+rzj7fXq9lsyAEyyEb73ZyUUDr3bxhyWH1GUNrtNMM4z4q/EY
OmbfxtuzfjOtx1hRlEfUoJQye2f91cfrzqherreVfqmlH5DOtFMK1aluzkAvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsygYeqmmWF28Dr5FuvBiNZPMB2kwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTM1MzIzMTM3Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBADdA4Su70HqnlOU1DDh1HwLlbFwAx6ef
Jv2zFfljHjSX+fD+P0Dh+xsckIIVwsEw8PIni00Kn5uMnvBDZ2zoqtwV1m/F6DW/
Iaxe38QouTmKQWh3iItp6PmU0utpN7pw8TKGcC7tMiv7SClgvlMjCm15vTSTOLz9
riuoZQrf+l+FXFmWPBveNHe/KdDL4OtjZLD+95l/fF2JoypGtmSD8sUhkoIVSnfU
DM/SbOnc7+nhXvHJNAp+UdRWCiXU+7qqHLOqsUCt6ooGiorxRYyDD5E2Yfkh6E79
vHQfaTUhy5aUrW4o0f+f+tCgijO6xd6RMLjSPo297lnOJFVfmLZmkHY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:02:29 2025 by rpki-client