Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
File: 36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: Tp7LlP4Rbu7TUKWkLQ+15DAzWX8eZ9FEovPOBTHg+qQ=
Subject key identifier: 4D:33:D9:86:68:E5:7D:DF:7C:F4:C5:A2:04:D4:DE:21:B4:AC:61:20
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1AD48AAA7F0B3DC5881CA510A08CDCED527ABC3A
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:45 +0000
ROA not before: Mon 26 Feb 2024 08:47:45 +0000
ROA not after: Mon 24 Feb 2025 08:52:45 +0000
asID: 203061
IP address blocks: 62.192.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d4:8a:aa:7f:0b:3d:c5:88:1c:a5:10:a0:8c:dc:ed:52:7a:bc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:45 2024 GMT
Not After : Feb 24 08:52:45 2025 GMT
Subject: CN=4D33D98668E57DDF7CF4C5A204D4DE21B4AC6120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:20:d0:9e:4b:29:f2:7f:69:7f:6f:43:aa:23:
5f:2c:67:65:35:49:b2:60:37:d1:8d:62:05:b2:a6:
5b:cc:ae:92:3e:b0:9f:6d:0b:1a:af:fd:8a:80:7e:
df:6b:73:af:0d:74:ac:38:08:52:d6:1b:e1:1e:51:
d0:e0:5f:d5:01:d2:a0:f2:ab:41:09:30:29:ab:d2:
cb:a7:d1:b8:50:98:a3:1a:23:2e:af:68:e2:45:c4:
70:24:da:53:b5:dd:87:d8:bc:31:50:e4:14:6f:ad:
57:1b:85:21:a7:87:55:c8:36:2e:9c:88:96:52:cf:
d5:69:97:69:36:ec:a7:84:39:b5:11:7a:b5:19:45:
66:b5:d8:7b:50:ad:07:e1:f3:c3:38:c7:6c:2c:84:
e1:02:3d:01:c6:f3:ce:66:56:c4:ee:e7:df:b3:6c:
08:64:af:10:83:a5:52:38:d0:86:41:10:5c:92:0d:
22:a7:52:df:36:92:b3:53:72:08:56:a5:ff:38:32:
a0:0d:0a:14:ad:db:eb:a7:78:77:5d:32:d8:01:47:
d4:af:c0:7f:20:8a:05:c3:34:f0:e6:21:99:6e:31:
20:d4:ab:6f:39:ab:fd:d9:ff:d6:7e:e1:2f:9f:6d:
b6:fe:81:fa:45:5e:88:c3:be:43:f0:28:c1:c4:23:
ec:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:33:D9:86:68:E5:7D:DF:7C:F4:C5:A2:04:D4:DE:21:B4:AC:61:20
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/36322e3139322e3137362e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.176.0/22
Signature Algorithm: sha256WithRSAEncryption
81:8c:a5:0c:72:4f:f9:52:5d:a4:14:f2:6f:1b:c4:c7:ca:68:
bb:e7:e5:42:00:4c:0d:db:6d:71:4e:78:1e:32:77:ed:67:5c:
3c:32:34:73:eb:bf:40:17:f6:b2:9f:2c:a5:e6:15:b9:97:fc:
1e:50:7f:bc:3e:b0:ff:44:94:fc:bc:e0:dd:d8:9c:73:78:99:
2c:9e:59:c5:2a:ef:da:df:ec:8b:14:92:9e:d7:b7:a9:42:74:
ff:39:d5:80:0e:2a:3b:b8:eb:6d:ac:97:23:d9:7a:dc:14:8a:
15:2c:b8:a0:79:82:6e:98:e0:99:17:52:fd:75:4e:bb:37:8f:
3f:3c:97:df:59:78:0f:70:a6:92:4b:de:7b:bb:dc:6f:dc:20:
75:b8:95:7b:b4:36:6c:9e:88:cc:de:f7:5d:a4:7e:d5:0a:1c:
27:cb:88:55:5b:e6:d1:52:aa:d4:6a:31:b4:6f:01:da:ba:96:
c5:be:1e:16:46:04:4b:e4:93:65:99:ed:f9:83:4b:f2:e3:28:
63:24:19:b1:a3:e3:12:82:76:ff:a4:1e:dd:7c:a4:a6:e1:78:
73:6e:f5:a7:0b:33:ab:d9:76:d7:7c:67:ca:a8:4c:1a:e0:f9:
3e:b2:3e:4f:44:71:7f:8e:d4:c5:d3:59:d3:1a:45:14:14:dd:
ca:eb:0d:45
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGtSKqn8LPcWIHKUQoIzc7VJ6vDowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDVaFw0yNTAyMjQwODUyNDVaMDMxMTAvBgNV
BAMTKDREMzNEOTg2NjhFNTdEREY3Q0Y0QzVBMjA0RDRERTIxQjRBQzYxMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6INCeSynyf2l/b0OqI18sZ2U1
SbJgN9GNYgWyplvMrpI+sJ9tCxqv/YqAft9rc68NdKw4CFLWG+EeUdDgX9UB0qDy
q0EJMCmr0sun0bhQmKMaIy6vaOJFxHAk2lO13YfYvDFQ5BRvrVcbhSGnh1XINi6c
iJZSz9Vpl2k27KeEObURerUZRWa12HtQrQfh88M4x2wshOECPQHG885mVsTu59+z
bAhkrxCDpVI40IZBEFySDSKnUt82krNTcghWpf84MqANChSt2+uneHddMtgBR9Sv
wH8gigXDNPDmIZluMSDUq285q/3Z/9Z+4S+fbbb+gfpFXojDvkPwKMHEI+xNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTTPZhmjlfd989MWiBNTeIbSsYSAwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzYzMjJlMzEzOTMyMmUzMTM3
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAI+wLAwDQYJKoZIhvcNAQELBQADggEBAIGMpQxyT/lSXaQU8m8bxMfKaLvn5UIA
TA3bbXFOeB4yd+1nXDwyNHPrv0AX9rKfLKXmFbmX/B5Qf7w+sP9ElPy84N3YnHN4
mSyeWcUq79rf7IsUkp7Xt6lCdP851YAOKju4622slyPZetwUihUsuKB5gm6Y4JkX
Uv11Trs3jz88l99ZeA9wppJL3nu73G/cIHW4lXu0NmyeiMze912kftUKHCfLiFVb
5tFSqtRqMbRvAdq6lsW+HhZGBEvkk2WZ7fmDS/LjKGMkGbGj4xKCdv+kHt18pKbh
eHNu9acLM6vZdtd8Z8qoTBrg+T6yPk9EcX+O1MXTWdMaRRQU3crrDUU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org