Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e332e31382e302f32342d3234203d3e20323136323931.roa
File: 36322e332e31382e302f32342d3234203d3e20323136323931.roa (raw, json)
Hash identifier: QsHqhMAAOg+yN2UuD09cpqBIOAloLRGtRUoj918Rt9U=
Subject key identifier: 3E:76:2A:84:D6:AE:7A:2D:38:7E:A8:66:AA:F4:C0:0C:72:96:8D:35
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 4AA0ACD574D9B21B06D9002B1FA1D03CB8002A03
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e332e31382e302f32342d3234203d3e20323136323931.roa
Signing time: Wed 06 Dec 2023 07:32:28 +0000
ROA not before: Wed 06 Dec 2023 07:27:28 +0000
ROA not after: Wed 04 Dec 2024 07:32:28 +0000
asID: 216291
IP address blocks: 62.3.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:a0:ac:d5:74:d9:b2:1b:06:d9:00:2b:1f:a1:d0:3c:b8:00:2a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Dec 6 07:27:28 2023 GMT
Not After : Dec 4 07:32:28 2024 GMT
Subject: CN=3E762A84D6AE7A2D387EA866AAF4C00C72968D35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:50:d8:03:6b:47:97:8f:d6:aa:18:09:25:
04:40:78:fd:78:9f:83:5a:f5:ad:80:c3:0e:8c:e7:
ad:3a:5f:72:04:a2:42:7e:08:d6:01:97:ac:a7:d7:
89:d6:b7:97:28:88:d0:91:2b:41:ce:96:8f:7b:1b:
48:98:04:49:ab:97:ca:15:5c:04:8b:94:bb:66:7c:
f9:60:12:40:43:bd:d0:b1:24:ae:28:55:48:bc:31:
2c:d7:59:07:b2:c4:fe:47:c0:79:3d:2a:9d:9e:79:
ee:d7:a7:b5:9b:99:22:0e:44:ae:1a:d1:62:5b:d7:
a0:e3:ea:2d:56:f7:1c:4a:6f:c1:49:70:15:7e:e7:
fe:12:d3:59:82:91:11:d1:6b:98:67:86:90:31:f5:
7e:b2:3c:61:f6:a4:d9:8e:ba:87:ac:78:0e:8f:8f:
48:53:24:6e:9f:2e:e7:97:fe:f8:04:af:4f:4f:9e:
75:45:cf:1f:fc:72:ad:f6:0e:c5:e5:b7:d4:f0:c3:
21:c3:9a:cf:30:89:ae:d0:28:0f:36:8b:4c:bf:38:
3f:7f:60:c2:3e:e4:59:d7:2c:67:43:55:ed:b7:eb:
b2:d9:1a:8b:f6:40:e1:1d:07:5d:9e:7a:0f:c5:6e:
39:ed:00:48:db:98:a0:40:15:c5:c0:50:c4:3b:32:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:76:2A:84:D6:AE:7A:2D:38:7E:A8:66:AA:F4:C0:0C:72:96:8D:35
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e332e31382e302f32342d3234203d3e20323136323931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.18.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:d7:24:f1:3b:d3:02:7c:88:ac:25:55:fa:10:f2:6c:62:12:
b1:0e:b8:83:03:06:31:5f:79:06:16:27:2c:de:2c:7a:c8:a7:
da:54:47:14:4d:e3:b4:48:af:fd:de:26:50:cb:da:ac:d6:40:
ee:fb:7c:47:9a:82:58:c2:64:ad:7c:84:d2:b0:30:5a:e1:7d:
82:38:f3:87:33:62:e8:6f:61:6b:d5:af:de:87:61:93:9a:c1:
29:ac:65:a4:c6:fd:30:b1:c6:4b:86:a5:7c:93:ea:5f:07:ab:
d1:19:8f:8a:e8:70:09:15:bf:f3:a3:75:b8:e6:e1:63:25:85:
17:05:63:6c:60:8a:0b:06:f7:a1:f4:0a:42:a9:ac:0a:ad:89:
ef:17:31:7c:6d:09:b2:a9:a0:d5:ec:fd:a0:d0:4b:75:ce:38:
f7:c0:0f:e4:c2:59:96:76:17:69:77:2e:26:a5:73:e6:2a:f1:
62:ed:0b:1e:de:9b:bb:6a:b0:4c:27:60:21:39:0a:41:a4:d5:
36:fc:cf:7c:a2:01:b2:b7:8d:22:27:eb:bc:b4:7d:3c:ac:91:
31:2b:45:79:21:f4:af:34:6f:3c:af:52:6f:29:d2:e1:a6:89:
60:ab:02:47:d5:a4:66:9f:d1:0f:e7:f9:ca:91:68:65:ae:9d:
96:58:b1:cf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSqCs1XTZshsG2QArH6HQPLgAKgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzEyMDYwNzI3MjhaFw0yNDEyMDQwNzMyMjhaMDMxMTAvBgNV
BAMTKDNFNzYyQTg0RDZBRTdBMkQzODdFQTg2NkFBRjRDMDBDNzI5NjhEMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0lDYA2tHl4/WqhgJJQRAeP14
n4Na9a2Aww6M5606X3IEokJ+CNYBl6yn14nWt5coiNCRK0HOlo97G0iYBEmrl8oV
XASLlLtmfPlgEkBDvdCxJK4oVUi8MSzXWQeyxP5HwHk9Kp2eee7Xp7WbmSIORK4a
0WJb16Dj6i1W9xxKb8FJcBV+5/4S01mCkRHRa5hnhpAx9X6yPGH2pNmOuoeseA6P
j0hTJG6fLueX/vgEr09PnnVFzx/8cq32DsXlt9TwwyHDms8wia7QKA82i0y/OD9/
YMI+5FnXLGdDVe2367LZGov2QOEdB12eeg/FbjntAEjbmKBAFcXAUMQ7MmeHAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUPnYqhNauei04fqhmqvTADHKWjTUwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzYzMjJlMzMyZTMxMzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMjM5MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA+AxIw
DQYJKoZIhvcNAQELBQADggEBALTXJPE70wJ8iKwlVfoQ8mxiErEOuIMDBjFfeQYW
JyzeLHrIp9pURxRN47RIr/3eJlDL2qzWQO77fEeagljCZK18hNKwMFrhfYI484cz
YuhvYWvVr96HYZOawSmsZaTG/TCxxkuGpXyT6l8Hq9EZj4rocAkVv/Ojdbjm4WMl
hRcFY2xgigsG96H0CkKprAqtie8XMXxtCbKpoNXs/aDQS3XOOPfAD+TCWZZ2F2l3
Lialc+Yq8WLtCx7em7tqsEwnYCE5CkGk1Tb8z3yiAbK3jSIn67y0fTyskTErRXkh
9K80bzyvUm8p0uGmiWCrAkfVpGaf0Q/n+cqRaGWunZZYsc8=
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org