Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e332e392e302f32342d3234203d3e20323031333431.roa
File: 36322e332e392e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: o/iOPlsnz1tXohF+thN1BVTrzUg6L9rgHGgR9KFR1cI=
Subject key identifier: 7D:D7:C0:94:AA:C7:20:A5:DC:8B:89:F8:D7:96:5E:1E:66:52:99:E0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1C184AC82AD66E4132C20696CC041B3324B85A73
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e332e392e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 01 Aug 2024 12:04:30 +0000
ROA not before: Thu 01 Aug 2024 11:59:30 +0000
ROA not after: Thu 31 Jul 2025 12:04:30 +0000
asID: 201341
IP address blocks: 62.3.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:18:4a:c8:2a:d6:6e:41:32:c2:06:96:cc:04:1b:33:24:b8:5a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 1 11:59:30 2024 GMT
Not After : Jul 31 12:04:30 2025 GMT
Subject: CN=7DD7C094AAC720A5DC8B89F8D7965E1E665299E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:59:8d:76:f7:ee:cb:ab:c3:39:d0:88:6e:a1:
6b:aa:35:4f:56:d4:a7:6c:e1:0d:f2:85:ff:ae:a4:
8b:be:77:1f:b1:dc:0c:c9:4b:e2:4c:bc:b9:ab:c3:
43:52:63:26:ba:07:1b:5b:f4:2b:cc:be:b2:e3:d4:
0f:b0:8d:e3:bb:49:65:94:2a:d8:f2:5f:0f:85:06:
be:4c:a4:25:49:92:64:41:5e:d4:45:a5:d1:78:65:
5e:5f:c0:ba:2a:58:dc:56:37:76:98:e2:a2:3f:55:
9b:7d:52:ac:5b:50:9a:a2:d9:c2:a1:0b:e5:d4:6c:
5e:62:cf:18:13:c3:84:24:25:fd:e8:29:b6:44:78:
c5:96:60:ad:90:03:74:f6:ac:0a:93:51:38:ab:b6:
6f:bf:de:bb:3d:c3:89:46:f7:84:54:42:a5:55:c9:
d9:03:e3:94:81:1f:69:9a:c3:fc:57:21:3b:29:38:
d2:0b:9d:7c:40:fb:2b:79:64:0c:e0:b6:67:45:7a:
50:3d:f9:a1:64:55:73:c3:3d:48:be:e2:56:36:48:
81:12:92:f4:f7:a8:99:47:93:32:ba:f2:7e:8a:95:
34:6d:81:28:8c:10:a2:45:68:2b:d4:f1:c9:81:44:
32:a0:74:4b:5d:03:ef:41:b0:67:1b:03:b1:12:96:
ae:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D7:C0:94:AA:C7:20:A5:DC:8B:89:F8:D7:96:5E:1E:66:52:99:E0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e332e392e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:97:a5:5b:84:c3:4b:cf:a1:1d:a3:63:dc:0c:73:0c:5f:bb:
0b:de:dc:70:ba:92:7b:74:0a:80:88:91:19:78:ee:fc:49:b9:
a7:3a:08:9f:e0:d9:d8:ba:16:85:09:0e:51:05:02:91:8f:0e:
0b:ef:aa:7b:89:50:f1:78:99:e1:cc:b2:63:9c:e2:86:90:c6:
80:6f:6b:e4:84:37:0d:6a:a7:13:71:77:39:49:2d:d6:04:74:
a8:4d:98:3d:47:5e:e7:25:34:fe:d4:a8:cb:cc:36:51:e4:ba:
f7:8f:0a:2e:3a:5b:1d:98:4d:8f:4a:55:89:e3:f2:e2:a1:83:
2e:38:81:c7:34:f7:c6:15:5c:89:46:cc:71:be:40:b7:b3:ef:
f9:c5:ca:b2:40:6a:0b:f3:1b:95:1f:82:de:3b:07:46:5b:f8:
fc:9a:f4:e4:96:9f:92:23:df:7d:e7:8a:3a:60:c0:12:e6:dd:
4d:ec:b4:2f:3c:4e:0a:91:44:31:9d:f1:64:63:df:f3:0a:31:
ce:1b:6a:1d:3a:22:0f:c6:78:4f:2a:45:28:6a:d3:fa:5a:df:
df:77:1d:0b:25:e4:15:16:39:e4:b2:26:d7:05:10:15:ad:3e:
f7:0e:55:0a:01:a8:db:16:e5:61:83:64:a4:7c:73:3b:25:6e:
6c:da:5d:e1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUHBhKyCrWbkEywgaWzAQbMyS4WnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDExMTU5MzBaFw0yNTA3MzExMjA0MzBaMDMxMTAvBgNV
BAMTKDdERDdDMDk0QUFDNzIwQTVEQzhCODlGOEQ3OTY1RTFFNjY1Mjk5RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwWY129+7Lq8M50IhuoWuqNU9W
1Kds4Q3yhf+upIu+dx+x3AzJS+JMvLmrw0NSYya6Bxtb9CvMvrLj1A+wjeO7SWWU
KtjyXw+FBr5MpCVJkmRBXtRFpdF4ZV5fwLoqWNxWN3aY4qI/VZt9UqxbUJqi2cKh
C+XUbF5izxgTw4QkJf3oKbZEeMWWYK2QA3T2rAqTUTirtm+/3rs9w4lG94RUQqVV
ydkD45SBH2maw/xXITspONILnXxA+yt5ZAzgtmdFelA9+aFkVXPDPUi+4lY2SIES
kvT3qJlHkzK68n6KlTRtgSiMEKJFaCvU8cmBRDKgdEtdA+9BsGcbA7ESlq4dAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUfdfAlKrHIKXci4n415ZeHmZSmeAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzMyZTM5MmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMJMA0G
CSqGSIb3DQEBCwUAA4IBAQBLl6VbhMNLz6Edo2PcDHMMX7sL3txwupJ7dAqAiJEZ
eO78SbmnOgif4NnYuhaFCQ5RBQKRjw4L76p7iVDxeJnhzLJjnOKGkMaAb2vkhDcN
aqcTcXc5SS3WBHSoTZg9R17nJTT+1KjLzDZR5Lr3jwouOlsdmE2PSlWJ4/LioYMu
OIHHNPfGFVyJRsxxvkC3s+/5xcqyQGoL8xuVH4LeOwdGW/j8mvTklp+SI99954o6
YMAS5t1N7LQvPE4KkUQxnfFkY9/zCjHOG2odOiIPxnhPKkUoatP6Wt/fdx0LJeQV
FjnksibXBRAVrT73DlUKAajbFuVhg2SkfHM7JW5s2l3h
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org