Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
File: 36322e3136342e3230382e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: x3EIrUIUiLkyV4sBjISXKlFWNymz16EWwhxj/ySqpeA=
Subject key identifier: B7:16:58:B8:73:E2:AA:5D:6F:C6:4D:80:23:BB:5C:FD:C4:BD:BC:B5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7CBED86C5F9733E48C05819310FFAC0FD9FEE26D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
Signing time: Wed 09 Oct 2024 11:48:00 +0000
ROA not before: Wed 09 Oct 2024 11:43:00 +0000
ROA not after: Wed 08 Oct 2025 11:48:00 +0000
asID: 51167
IP address blocks: 62.164.208.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:be:d8:6c:5f:97:33:e4:8c:05:81:93:10:ff:ac:0f:d9:fe:e2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 11:43:00 2024 GMT
Not After : Oct 8 11:48:00 2025 GMT
Subject: CN=B71658B873E2AA5D6FC64D8023BB5CFDC4BDBCB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0a:e2:16:c4:07:58:7c:5b:25:b6:5b:5c:d4:
90:f1:96:4e:13:43:0e:7f:0e:e7:47:0e:09:1a:33:
87:07:16:50:c8:43:1e:56:44:2d:a5:9e:a4:ec:46:
b7:2e:72:b5:9a:bd:4a:07:fc:15:fd:93:7e:c9:7a:
b8:41:90:20:b8:5a:f9:24:fb:31:0f:53:dc:0b:89:
b6:16:61:b4:64:cf:a8:b2:22:61:f0:a0:d5:da:a5:
12:91:0a:84:e6:aa:07:0e:f0:39:51:03:8f:9d:0b:
c8:b0:28:ca:df:3f:77:83:f4:91:c0:cb:bc:21:62:
f0:c5:92:ee:30:d3:25:ee:e8:df:57:8e:4a:0f:47:
6f:58:a8:a6:66:4e:35:71:c8:d5:e2:62:fa:d2:2a:
53:38:a8:70:50:48:80:d3:e4:d6:88:f8:17:96:67:
05:0b:25:12:cb:e3:6a:ed:55:e8:85:b3:a6:cb:7d:
31:67:47:b3:19:4e:50:66:d1:0b:79:a3:0c:c0:c7:
d6:9d:ef:ce:da:0c:95:74:d5:3f:9b:c1:d8:a5:36:
9e:10:0d:d0:09:9c:5b:c1:85:e0:fe:f1:c3:09:ad:
e4:be:55:9e:f6:a7:31:13:16:03:01:98:bc:1d:8a:
65:1e:af:ad:bf:09:6d:ea:91:f3:43:80:79:e9:76:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:16:58:B8:73:E2:AA:5D:6F:C6:4D:80:23:BB:5C:FD:C4:BD:BC:B5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.208.0/20
Signature Algorithm: sha256WithRSAEncryption
07:bd:4e:3a:4c:40:d4:31:f1:74:bd:a0:22:d5:c8:38:96:ef:
30:5a:60:a9:ca:9c:f6:a3:f1:ef:34:d2:fc:7f:72:ea:46:22:
3b:a3:83:34:8f:64:ce:d7:6a:4d:6f:e1:df:09:d1:5d:98:0d:
16:19:34:62:fe:da:0b:96:dc:e8:4f:04:1b:66:33:77:6f:85:
10:c9:ce:d6:6f:2f:35:06:5a:30:91:47:6d:a8:ce:d8:6c:f6:
9b:de:c2:ef:6c:1a:5c:1a:6e:32:79:46:7e:48:c2:93:e7:09:
10:2f:5f:52:a8:1c:37:41:ad:6c:2d:4c:a9:e5:bc:18:fd:af:
2e:09:5a:ce:de:11:42:bc:eb:e5:54:25:b1:60:30:f0:94:cc:
2d:92:a5:bd:e3:5b:09:f3:d2:7d:9a:a7:4c:ba:e2:69:2f:70:
71:88:71:8d:d6:5c:18:0d:92:76:14:d2:18:39:9c:0b:df:f1:
2f:24:19:63:a3:8b:1f:1c:c7:62:df:51:04:78:23:97:da:d3:
55:0f:7a:58:84:a1:c1:49:a5:92:2a:08:4f:4c:4c:20:d4:64:
1d:ed:50:46:9b:45:68:c3:80:dc:8f:e0:9c:04:5b:7a:da:8b:
a1:f4:81:b6:e5:da:10:e7:39:2c:f0:01:09:8d:85:2b:b9:a3:
6a:28:0c:a0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfL7YbF+XM+SMBYGTEP+sD9n+4m0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDkxMTQzMDBaFw0yNTEwMDgxMTQ4MDBaMDMxMTAvBgNV
BAMTKEI3MTY1OEI4NzNFMkFBNUQ2RkM2NEQ4MDIzQkI1Q0ZEQzRCREJDQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgCuIWxAdYfFsltltc1JDxlk4T
Qw5/DudHDgkaM4cHFlDIQx5WRC2lnqTsRrcucrWavUoH/BX9k37JerhBkCC4Wvkk
+zEPU9wLibYWYbRkz6iyImHwoNXapRKRCoTmqgcO8DlRA4+dC8iwKMrfP3eD9JHA
y7whYvDFku4w0yXu6N9XjkoPR29YqKZmTjVxyNXiYvrSKlM4qHBQSIDT5NaI+BeW
ZwULJRLL42rtVeiFs6bLfTFnR7MZTlBm0Qt5owzAx9ad787aDJV01T+bwdilNp4Q
DdAJnFvBheD+8cMJreS+VZ72pzETFgMBmLwdimUer62/CW3qkfNDgHnpdjd/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtxZYuHPiql1vxk2AI7tc/cS9vLUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzEzNjM0MmUzMjMw
MzgyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
PqTQMA0GCSqGSIb3DQEBCwUAA4IBAQAHvU46TEDUMfF0vaAi1cg4lu8wWmCpypz2
o/HvNNL8f3LqRiI7o4M0j2TO12pNb+HfCdFdmA0WGTRi/toLltzoTwQbZjN3b4UQ
yc7Wby81BlowkUdtqM7YbPab3sLvbBpcGm4yeUZ+SMKT5wkQL19SqBw3Qa1sLUyp
5bwY/a8uCVrO3hFCvOvlVCWxYDDwlMwtkqW941sJ89J9mqdMuuJpL3BxiHGN1lwY
DZJ2FNIYOZwL3/EvJBljo4sfHMdi31EEeCOX2tNVD3pYhKHBSaWSKghPTEwg1GQd
7VBGm0Vow4Dcj+CcBFt62ouh9IG25doQ5zks8AEJjYUruaNqKAyg
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:58 2024 by rpki-client on console-fra.rpki-client.org