Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
File: 36322e3130362e37322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: CkUNwTg/dqcEA9sAzKqS8ZK/vHockVNmLXzYB1yO+H4=
Subject key identifier: C9:87:7D:7C:C5:96:B1:76:E3:6C:97:7B:2D:F1:35:B1:80:E2:FB:5E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5B8139A1F42F48BBDBDEFD18ED396F4B4334A912
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 21 Nov 2024 16:44:20 +0000
ROA not before: Thu 21 Nov 2024 16:39:20 +0000
ROA not after: Thu 20 Nov 2025 16:44:20 +0000
asID: 201341
IP address blocks: 62.106.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:81:39:a1:f4:2f:48:bb:db:de:fd:18:ed:39:6f:4b:43:34:a9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 16:39:20 2024 GMT
Not After : Nov 20 16:44:20 2025 GMT
Subject: CN=C9877D7CC596B176E36C977B2DF135B180E2FB5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:be:a2:51:20:66:eb:eb:25:c7:1d:72:0b:d0:
65:35:1d:19:31:dd:a4:17:7b:6c:c7:b2:45:34:34:
cb:e3:a3:d9:b8:9c:ea:c0:ae:57:50:df:89:d9:42:
88:e7:9d:76:12:58:75:98:8e:5f:a3:f9:5d:52:8f:
31:bc:6a:ee:08:5c:4f:08:8a:a5:67:cb:f4:c4:ec:
6e:ce:66:b5:bc:f1:ed:31:47:80:7b:72:20:8e:36:
01:0a:e0:4b:59:99:c1:14:62:dc:2a:e6:32:7f:47:
67:d0:6f:56:f8:02:de:0f:0a:0e:42:94:6a:ad:09:
03:5d:1e:cf:c9:dc:e6:ac:88:eb:26:4f:00:22:71:
39:d5:45:35:c1:22:39:e7:f8:06:44:20:35:7c:17:
60:28:81:5f:75:0d:6a:91:61:50:c6:68:ca:76:d9:
77:5b:12:73:56:b4:05:88:77:67:eb:6d:59:a2:45:
fb:20:0c:1c:4a:b7:a5:2c:3c:2e:e5:da:ac:a3:c9:
54:1c:de:96:9f:e3:3f:53:4f:65:23:cd:51:c9:04:
37:04:dd:ba:7b:9c:91:c4:30:8d:36:ba:5c:83:84:
a5:19:a1:2f:a8:24:34:69:f8:b4:5c:fc:9e:ed:9c:
ee:2c:c1:d4:70:17:73:ab:81:96:b8:68:77:3f:56:
d9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:87:7D:7C:C5:96:B1:76:E3:6C:97:7B:2D:F1:35:B1:80:E2:FB:5E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:14:f0:3f:9f:fd:e2:2f:d3:1a:c7:2a:13:96:ce:a2:c1:c7:
d1:37:44:9b:6b:da:fa:6c:3a:95:fe:a6:96:8f:37:0b:d0:9e:
0d:3f:61:a5:c5:d8:be:2e:d0:6b:eb:f5:8e:90:81:f9:b6:84:
ab:a7:e8:17:a6:06:0e:6c:9b:41:66:af:ba:4e:d6:a4:fc:f0:
d6:77:07:3c:e8:ef:cf:8b:d7:db:52:f0:9c:30:ae:bf:83:66:
9a:8f:85:c1:54:90:95:b2:7b:36:9c:e9:84:9e:7e:bb:2c:64:
84:f4:20:22:bf:d4:d5:5c:2d:77:7d:a3:b9:2d:8f:4c:82:aa:
54:fc:f2:9d:ba:a4:9f:6e:cb:24:79:db:df:5c:d0:0c:77:87:
9c:e0:77:66:20:cd:07:d9:ed:1e:2b:90:f5:e9:3d:1b:d3:9a:
f3:ee:1b:48:5f:86:1d:41:33:17:d6:fd:ce:e9:29:cd:49:87:
46:0f:3a:d1:59:75:03:a9:dc:30:dd:45:80:0b:cc:7e:4b:85:
7f:5e:2f:c5:d7:10:78:b9:ae:b5:8c:62:6e:c1:d1:68:98:4b:
31:d9:8e:44:03:23:13:a4:c2:59:ae:a0:0b:7c:c8:5f:4e:c0:
37:1b:c0:23:c2:f1:6a:29:a5:2f:ed:e0:22:4f:11:3d:05:96:
c8:b4:67:53
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUW4E5ofQvSLvb3v0Y7TlvS0M0qRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNjM5MjBaFw0yNTExMjAxNjQ0MjBaMDMxMTAvBgNV
BAMTKEM5ODc3RDdDQzU5NkIxNzZFMzZDOTc3QjJERjEzNUIxODBFMkZCNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAvqJRIGbr6yXHHXIL0GU1HRkx
3aQXe2zHskU0NMvjo9m4nOrArldQ34nZQojnnXYSWHWYjl+j+V1SjzG8au4IXE8I
iqVny/TE7G7OZrW88e0xR4B7ciCONgEK4EtZmcEUYtwq5jJ/R2fQb1b4At4PCg5C
lGqtCQNdHs/J3OasiOsmTwAicTnVRTXBIjnn+AZEIDV8F2AogV91DWqRYVDGaMp2
2XdbEnNWtAWId2frbVmiRfsgDBxKt6UsPC7l2qyjyVQc3paf4z9TT2UjzVHJBDcE
3bp7nJHEMI02ulyDhKUZoS+oJDRp+LRc/J7tnO4swdRwF3OrgZa4aHc/VtnjAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUyYd9fMWWsXbjbJd7LfE1sYDi+14wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNjMyMmUzMTMwMzYy
ZTM3MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA+akgwDQYJKoZIhvcNAQELBQADggEBAKYU8D+f/eIv0xrHKhOWzqLBx9E3
RJtr2vpsOpX+ppaPNwvQng0/YaXF2L4u0Gvr9Y6Qgfm2hKun6BemBg5sm0Fmr7pO
1qT88NZ3Bzzo78+L19tS8Jwwrr+DZpqPhcFUkJWyezac6YSefrssZIT0ICK/1NVc
LXd9o7ktj0yCqlT88p26pJ9uyyR5299c0Ax3h5zgd2YgzQfZ7R4rkPXpPRvTmvPu
G0hfhh1BMxfW/c7pKc1Jh0YPOtFZdQOp3DDdRYALzH5LhX9eL8XXEHi5rrWMYm7B
0WiYSzHZjkQDIxOkwlmuoAt8yF9OwDcbwCPC8WoppS/t4CJPET0Flsi0Z1M=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:21 2024 by rpki-client on console-ams.rpki-client.org