Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa (raw, json)
Hash identifier: yHuc6hkl8kJZ1Q4Kq8/vGQ+ttjQnfZvI1todeXtkvr8=
Subject key identifier: 26:86:BF:33:51:39:61:F8:B1:BC:69:CF:4D:AD:D6:F1:47:6B:FF:B9
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 548182A6078B493F96E69DFE84AD065DD88A08A3
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
Signing time: Tue 28 Nov 2023 11:21:00 +0000
ROA not before: Tue 28 Nov 2023 11:16:00 +0000
ROA not after: Tue 26 Nov 2024 11:21:00 +0000
asID: 210542
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 17:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:81:82:a6:07:8b:49:3f:96:e6:9d:fe:84:ad:06:5d:d8:8a:08:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Nov 28 11:16:00 2023 GMT
Not After : Nov 26 11:21:00 2024 GMT
Subject: CN=2686BF33513961F8B1BC69CF4DADD6F1476BFFB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:56:2b:03:98:3d:5d:2b:ea:0a:5c:7d:5b:
16:89:cd:f5:15:6d:41:0e:d7:2b:94:14:e8:06:5e:
ba:8a:7e:27:f7:0e:ba:27:c9:8d:60:1a:58:91:2a:
5b:79:60:1e:51:46:82:e8:7c:78:78:3e:20:ef:f1:
ec:27:86:89:dc:aa:e2:23:f5:f6:48:06:5c:9a:c9:
12:5b:d6:32:1f:7b:36:e3:2b:c8:b7:1f:09:b1:d4:
4e:92:3f:be:78:fc:07:dc:0d:b2:45:b9:b3:a2:3c:
d3:00:7f:e1:7f:f1:4d:df:14:cd:bd:e9:a9:9b:ae:
f1:f9:82:2b:69:81:3f:cf:1d:d3:6f:e3:4e:cc:3c:
84:73:42:74:80:ea:13:34:e3:73:f6:66:b0:09:16:
52:91:63:c7:ab:8e:c3:7a:24:88:eb:d2:6b:21:11:
13:f1:05:53:f7:ae:2e:7d:cc:f9:a5:12:d7:b7:6e:
c9:98:0f:c0:b5:c9:bc:52:18:f1:a5:55:a8:99:b4:
a7:0d:75:bc:b9:9d:5c:fd:cd:d4:40:ea:44:3f:3e:
e3:3e:44:f7:a8:31:42:49:60:d7:bb:3b:cf:b0:9d:
8e:11:9e:9a:a3:54:b0:dc:68:61:44:e4:b3:e0:34:
e8:f0:bd:62:d4:03:6e:23:76:fd:62:2a:3a:55:93:
1b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:86:BF:33:51:39:61:F8:B1:BC:69:CF:4D:AD:D6:F1:47:6B:FF:B9
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
66:3e:c4:56:fc:74:23:50:a2:55:b8:34:bd:a0:24:1f:f5:34:
2a:e0:ed:a1:62:a9:3d:7a:89:a5:05:b7:45:30:68:bd:02:44:
6e:1f:6e:04:2e:b9:7a:ec:53:d8:02:a2:b0:5b:75:4e:a1:1d:
89:8d:30:a8:6d:34:50:3f:55:b6:ee:74:de:64:9b:98:0a:f9:
80:71:15:ae:9a:76:cd:80:1d:a6:96:1b:9a:12:24:e2:6b:b4:
0a:de:f6:d4:7a:44:1b:4b:47:91:b7:63:fd:c5:bc:9f:95:01:
67:c2:8e:9f:22:fb:b3:f2:02:e8:38:bb:f3:17:e2:ab:07:a5:
c2:25:47:e3:0f:d9:2b:dd:80:68:91:66:40:94:ce:4a:b3:d5:
a3:61:86:27:f1:e8:e7:e7:f6:b6:6f:bf:69:49:21:8a:cf:61:
5c:d1:50:39:c6:86:cd:c0:66:90:3f:e9:28:2a:65:a7:93:cd:
c2:23:b5:91:ca:9d:ab:58:07:a0:c0:eb:21:df:22:eb:e8:a8:
b8:eb:f8:97:19:d4:2d:50:ff:7a:75:51:2e:77:ec:ce:70:80:
60:12:7c:47:5b:fb:c3:cb:cc:ec:11:39:76:07:fe:2c:95:28:
a8:6c:3e:40:16:00:a9:25:ce:35:85:94:50:af:73:8f:9c:31:
d4:20:d9:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVIGCpgeLST+W5p3+hK0GXdiKCKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yMzExMjgxMTE2MDBaFw0yNDExMjYxMTIxMDBaMDMxMTAvBgNV
BAMTKDI2ODZCRjMzNTEzOTYxRjhCMUJDNjlDRjREQURENkYxNDc2QkZGQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0hlYrA5g9XSvqClx9WxaJzfUV
bUEO1yuUFOgGXrqKfif3DronyY1gGliRKlt5YB5RRoLofHh4PiDv8ewnhoncquIj
9fZIBlyayRJb1jIfezbjK8i3Hwmx1E6SP754/AfcDbJFubOiPNMAf+F/8U3fFM29
6ambrvH5gitpgT/PHdNv407MPIRzQnSA6hM043P2ZrAJFlKRY8erjsN6JIjr0msh
ERPxBVP3ri59zPmlEte3bsmYD8C1ybxSGPGlVaiZtKcNdby5nVz9zdRA6kQ/PuM+
RPeoMUJJYNe7O8+wnY4RnpqjVLDcaGFE5LPgNOjwvWLUA24jdv1iKjpVkxtHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJoa/M1E5YfixvGnPTa3W8Udr/7kwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjMxMzAzNTM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBAGY+xFb8dCNQolW4NL2gJB/1NCrg7aFi
qT16iaUFt0UwaL0CRG4fbgQuuXrsU9gCorBbdU6hHYmNMKhtNFA/VbbudN5km5gK
+YBxFa6ads2AHaaWG5oSJOJrtAre9tR6RBtLR5G3Y/3FvJ+VAWfCjp8i+7PyAug4
u/MX4qsHpcIlR+MP2SvdgGiRZkCUzkqz1aNhhifx6Ofn9rZvv2lJIYrPYVzRUDnG
hs3AZpA/6SgqZaeTzcIjtZHKnatYB6DA6yHfIuvoqLjr+JcZ1C1Q/3p1US537M5w
gGASfEdb+8PLzOwROXYH/iyVKKhsPkAWAKklzjWFlFCvc4+cMdQg2eU=
-----END CERTIFICATE-----
Generated at Thu May 30 01:04:02 2024 by rpki-client on console-fra.rpki-client.org