Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa (raw, json)
Hash identifier: LBMUHWugPGnJtw9mI4PuIshgxiedjcAOS8XKlWg3eYE=
Subject key identifier: 10:69:CE:47:E7:C3:E3:8D:94:A7:74:65:53:B5:6C:5E:EE:B1:54:4E
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 7B1663033120A249840066D2271A9C438DB286A0
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
Signing time: Tue 16 Jul 2024 14:01:15 +0000
ROA not before: Tue 16 Jul 2024 13:56:15 +0000
ROA not after: Tue 15 Jul 2025 14:01:15 +0000
asID: 210542
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:16:63:03:31:20:a2:49:84:00:66:d2:27:1a:9c:43:8d:b2:86:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Jul 16 13:56:15 2024 GMT
Not After : Jul 15 14:01:15 2025 GMT
Subject: CN=1069CE47E7C3E38D94A7746553B56C5EEEB1544E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:d1:c6:3d:6d:a5:cc:c6:d8:bd:8d:5c:8d:
a6:f1:ff:6f:31:38:a9:a7:3a:31:0d:f6:91:11:d6:
c4:ba:dc:c8:d0:78:30:3a:f3:de:e5:a7:20:4f:08:
90:8d:fa:71:31:1d:65:85:31:5d:b9:61:76:7c:7b:
b0:bf:58:2a:25:06:8c:73:fd:93:89:14:67:7a:e8:
3b:29:47:15:60:e1:95:7e:7b:37:53:1e:e4:a2:6c:
fa:ae:3b:83:65:7a:a0:b6:06:6f:2d:ec:65:5a:43:
2c:5a:04:72:2e:0c:a5:12:5b:b5:43:f0:f5:06:af:
16:f4:1f:59:c0:52:d3:e9:ad:89:22:0e:78:ca:30:
08:ca:93:9a:b6:e0:c3:6e:59:26:fd:30:f0:e2:93:
cc:35:b1:67:e4:15:22:71:0c:62:bb:a7:dd:0d:6a:
26:fb:ca:54:a6:d1:12:1f:e1:09:1a:4c:e1:0d:1c:
5e:50:41:11:2e:4d:d5:c5:1c:6d:23:04:e5:87:1c:
1c:83:ae:1d:5a:71:23:21:9a:cd:93:2d:e2:a3:45:
73:26:c3:3d:13:3c:4a:5f:0b:bc:44:44:72:a1:20:
81:db:42:67:40:a3:42:0c:78:68:2d:ca:2f:98:a6:
e8:1c:ad:70:39:2d:1b:44:d5:7a:c6:32:74:b6:f0:
01:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:69:CE:47:E7:C3:E3:8D:94:A7:74:65:53:B5:6C:5E:EE:B1:54:4E
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
62:3f:51:72:0f:4a:bd:53:10:c6:06:2f:6e:65:40:48:d3:af:
a3:e1:91:e5:70:2d:c5:f8:b3:ca:dc:35:69:81:57:02:3e:ab:
84:db:15:ff:2a:22:47:27:e7:15:32:cb:69:93:4d:39:09:73:
83:24:10:cd:79:0a:e2:d8:9f:e5:57:71:90:f9:e5:5a:1a:4a:
82:40:d8:69:76:47:32:da:cc:14:24:8c:c1:01:44:a2:76:fd:
0d:b4:0c:aa:7e:34:c6:2c:e6:b6:3b:9c:cd:ea:2f:5c:10:65:
af:b0:fa:00:0b:1e:b8:d5:71:19:3b:0f:21:bd:72:df:b0:10:
33:1e:d1:6e:09:e6:e6:82:52:84:10:fa:76:93:21:de:ee:4b:
21:fa:d9:22:9d:e8:4e:7a:a1:7f:7d:4f:51:95:a6:a3:18:85:
eb:92:9a:50:62:9e:37:06:c0:01:42:80:d6:a6:a1:1c:18:f6:
71:40:28:77:ba:8f:52:2e:82:e1:db:7b:35:53:17:56:ce:12:
0e:89:44:25:df:00:b9:52:7c:fa:c4:a1:bf:ec:9c:cc:f5:d9:
5e:ac:8b:73:8e:2b:cb:07:7e:e3:d6:f3:bd:53:7f:9b:cf:a8:
c9:ab:b1:48:de:8f:18:1d:db:7e:ef:77:75:ca:4b:82:8b:61:
48:a5:6b:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUexZjAzEgokmEAGbSJxqcQ42yhqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDA3MTYxMzU2MTVaFw0yNTA3MTUxNDAxMTVaMDMxMTAvBgNV
BAMTKDEwNjlDRTQ3RTdDM0UzOEQ5NEE3NzQ2NTUzQjU2QzVFRUVCMTU0NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu2tHGPW2lzMbYvY1cjabx/28x
OKmnOjEN9pER1sS63MjQeDA6897lpyBPCJCN+nExHWWFMV25YXZ8e7C/WColBoxz
/ZOJFGd66DspRxVg4ZV+ezdTHuSibPquO4NleqC2Bm8t7GVaQyxaBHIuDKUSW7VD
8PUGrxb0H1nAUtPprYkiDnjKMAjKk5q24MNuWSb9MPDik8w1sWfkFSJxDGK7p90N
aib7ylSm0RIf4QkaTOENHF5QQREuTdXFHG0jBOWHHByDrh1acSMhms2TLeKjRXMm
wz0TPEpfC7xERHKhIIHbQmdAo0IMeGgtyi+YpugcrXA5LRtE1XrGMnS28AFbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEGnOR+fD442Up3RlU7VsXu6xVE4wHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjMxMzAzNTM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBAGI/UXIPSr1TEMYGL25lQEjTr6PhkeVw
LcX4s8rcNWmBVwI+q4TbFf8qIkcn5xUyy2mTTTkJc4MkEM15CuLYn+VXcZD55Voa
SoJA2Gl2RzLazBQkjMEBRKJ2/Q20DKp+NMYs5rY7nM3qL1wQZa+w+gALHrjVcRk7
DyG9ct+wEDMe0W4J5uaCUoQQ+naTId7uSyH62SKd6E56oX99T1GVpqMYheuSmlBi
njcGwAFCgNamoRwY9nFAKHe6j1IuguHbezVTF1bOEg6JRCXfALlSfPrEob/snMz1
2V6si3OOK8sHfuPW871Tf5vPqMmrsUjejxgd237vd3XKS4KLYUila+s=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org