Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
File: 36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: esCNwrdwcAF66HA9YOh4YMNBZEm26ofYH/4Yw8nhedc=
Subject key identifier: FC:97:FA:77:41:73:25:4A:F5:25:45:BA:E6:14:39:9F:E7:91:76:3D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 18781CEFAA129C45DF8D0F099A9272E94F4E9447
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:48 +0000
ROA not before: Mon 27 Jan 2025 09:39:48 +0000
ROA not after: Mon 26 Jan 2026 09:44:48 +0000
asID: 203061
IP address blocks: 62.192.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:78:1c:ef:aa:12:9c:45:df:8d:0f:09:9a:92:72:e9:4f:4e:94:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:48 2025 GMT
Not After : Jan 26 09:44:48 2026 GMT
Subject: CN=FC97FA774173254AF52545BAE614399FE791763D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:44:90:22:b1:8b:14:3a:1d:46:1e:2d:cb:
80:c8:cc:8f:05:09:58:4c:c1:24:a9:8c:7c:41:04:
d5:7b:c7:7a:dc:55:64:c6:c8:09:e7:40:cf:32:65:
3e:02:00:60:a6:01:4b:04:0f:36:71:b8:9e:88:98:
4b:40:97:dc:89:27:bf:df:d0:78:c5:14:5d:6d:6e:
84:5f:01:99:33:79:2e:13:76:cc:c3:b8:73:ae:33:
95:b6:f0:f9:13:14:28:80:aa:96:0f:6c:9f:76:f1:
30:20:89:5b:49:59:02:dd:31:99:03:c6:a0:37:db:
ef:3f:b9:a0:8a:e1:e7:3f:38:1b:50:b8:ac:a5:81:
9d:c9:4e:3f:a6:c0:96:c5:f3:2f:cc:72:9d:bc:81:
ae:cd:b5:96:51:3c:ca:98:90:75:cb:68:5d:e6:f6:
d3:33:c2:de:2f:0b:d2:35:f9:40:0e:fc:e6:76:d6:
bd:bf:5f:2c:4b:38:79:e8:b8:da:62:eb:1f:8b:3b:
56:7c:1e:b3:3b:c7:19:93:63:2f:eb:cd:70:86:9c:
a0:a9:49:58:79:56:9d:b7:f0:50:3a:fb:6b:7f:bb:
77:a0:b8:3b:98:88:25:b8:e5:22:b0:6b:40:72:fc:
4a:c9:12:13:21:5a:58:ad:1d:0a:05:06:97:73:8d:
ed:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:97:FA:77:41:73:25:4A:F5:25:45:BA:E6:14:39:9F:E7:91:76:3D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.176.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:4f:72:77:e1:39:5d:3e:af:13:ba:57:66:e1:98:3a:4b:68:
b8:93:69:30:46:23:95:2d:01:78:c8:cf:2e:e1:a9:38:89:3d:
95:45:4e:21:3a:d2:75:35:6f:b1:3e:3b:b1:74:10:17:d7:ae:
9c:98:09:9b:f5:1b:78:db:15:f0:3a:7e:1d:54:38:a1:61:7f:
3c:45:69:45:b9:e1:d3:5b:17:62:3c:71:d2:4b:1a:c7:81:4b:
56:b4:35:53:fe:aa:49:dd:65:aa:af:f9:8f:70:03:31:2c:0d:
09:df:e9:2b:50:48:5e:82:de:55:72:cc:9e:2d:24:fe:06:1e:
f2:fa:30:56:04:fe:b4:e9:5b:ac:7e:86:41:38:01:92:50:e7:
2d:de:ff:65:3e:cb:b5:9b:89:67:31:21:09:7e:db:76:05:c2:
db:03:28:23:94:91:98:11:3b:06:ac:a8:ec:c7:8d:24:e1:5c:
e0:78:65:11:f2:60:30:ba:20:c2:1b:cf:f7:ca:f0:20:cb:67:
09:b5:d1:11:f1:93:ed:85:52:79:01:03:dd:b1:31:00:b2:a4:
f2:56:10:d4:3a:7d:4d:0a:f7:db:e6:42:f5:2a:4c:09:56:d1:
1c:33:5b:0f:92:a9:d5:2e:f7:ec:c0:a1:73:a6:1c:df:a9:b9:
26:b4:63:ef
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGHgc76oSnEXfjQ8JmpJy6U9OlEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDhaFw0yNjAxMjYwOTQ0NDhaMDMxMTAvBgNV
BAMTKEZDOTdGQTc3NDE3MzI1NEFGNTI1NDVCQUU2MTQzOTlGRTc5MTc2M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9S0SQIrGLFDodRh4ty4DIzI8F
CVhMwSSpjHxBBNV7x3rcVWTGyAnnQM8yZT4CAGCmAUsEDzZxuJ6ImEtAl9yJJ7/f
0HjFFF1tboRfAZkzeS4TdszDuHOuM5W28PkTFCiAqpYPbJ928TAgiVtJWQLdMZkD
xqA32+8/uaCK4ec/OBtQuKylgZ3JTj+mwJbF8y/Mcp28ga7NtZZRPMqYkHXLaF3m
9tMzwt4vC9I1+UAO/OZ21r2/XyxLOHnouNpi6x+LO1Z8HrM7xxmTYy/rzXCGnKCp
SVh5Vp238FA6+2t/u3eguDuYiCW45SKwa0By/ErJEhMhWlitHQoFBpdzje1BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/Jf6d0FzJUr1JUW65hQ5n+eRdj0wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzYzMjJlMzEzOTMyMmUzMTM3
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAI+wLAwDQYJKoZIhvcNAQELBQADggEBAKVPcnfhOV0+rxO6V2bhmDpLaLiTaTBG
I5UtAXjIzy7hqTiJPZVFTiE60nU1b7E+O7F0EBfXrpyYCZv1G3jbFfA6fh1UOKFh
fzxFaUW54dNbF2I8cdJLGseBS1a0NVP+qkndZaqv+Y9wAzEsDQnf6StQSF6C3lVy
zJ4tJP4GHvL6MFYE/rTpW6x+hkE4AZJQ5y3e/2U+y7WbiWcxIQl+23YFwtsDKCOU
kZgROwasqOzHjSThXOB4ZRHyYDC6IMIbz/fK8CDLZwm10RHxk+2FUnkBA92xMQCy
pPJWENQ6fU0K99vmQvUqTAlW0RwzWw+SqdUu9+zAoXOmHN+puSa0Y+8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:31 2025 by rpki-client