Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/36322e3138322e3139322e302f32312d3234203d3e203432353332.roa
File: 36322e3138322e3139322e302f32312d3234203d3e203432353332.roa (raw, json)
Hash identifier: 3uX+IJtCK1auUN/owB303ntI6bBy0+b5ouSYztCnTmQ=
Subject key identifier: 10:0A:0C:B9:73:A7:87:8C:FF:EB:33:43:DD:64:FD:6A:79:E4:B5:59
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 5B4068D91936F3BE96C4E820C5F045499AD89311
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/36322e3138322e3139322e302f32312d3234203d3e203432353332.roa
Signing time: Mon 05 May 2025 18:35:50 +0000
ROA not before: Mon 05 May 2025 18:30:50 +0000
ROA not after: Mon 04 May 2026 18:35:50 +0000
asID: 42532
IP address blocks: 62.182.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:40:68:d9:19:36:f3:be:96:c4:e8:20:c5:f0:45:49:9a:d8:93:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: May 5 18:30:50 2025 GMT
Not After : May 4 18:35:50 2026 GMT
Subject: CN=100A0CB973A7878CFFEB3343DD64FD6A79E4B559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:e3:1e:91:25:c1:8f:e7:68:10:15:ee:97:
9a:ba:35:ed:87:95:bd:86:ad:de:50:e1:44:0e:7f:
3b:0b:47:60:60:03:b6:f5:cb:e5:55:12:ab:d3:c5:
5b:59:48:6e:8d:7e:71:c5:ce:6c:08:bd:d7:7b:af:
66:95:b8:4c:cc:b5:ab:db:2a:ad:ae:62:14:2b:dc:
61:b8:b0:0e:3f:c4:7d:53:82:f8:da:b0:37:c9:71:
52:8f:14:e2:f1:9d:c8:f9:ab:20:f5:f2:4d:81:b5:
f3:35:82:97:60:74:e3:d2:c5:0c:bc:b6:75:eb:1b:
d6:59:88:1f:8a:6b:2f:d4:69:28:67:31:f1:1d:4a:
0a:7f:22:aa:27:2f:1b:3a:db:e0:a5:e8:e9:f2:4d:
19:32:65:b3:50:58:5a:28:7e:be:70:9f:16:db:3d:
7d:d4:3c:6d:02:80:59:98:aa:71:75:51:b2:f9:38:
3c:02:b0:af:63:1d:4c:3d:eb:02:37:99:07:77:e7:
45:db:a9:1c:5c:de:05:3f:9b:92:fa:f7:f3:7e:ae:
66:3c:4e:5c:af:7f:ab:e5:80:2f:66:55:1f:b0:af:
6c:74:91:37:ba:80:1a:fe:2d:83:42:f6:34:e6:36:
ea:3d:b4:78:f7:0d:2e:9b:ba:a6:28:26:6a:9e:46:
cc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0A:0C:B9:73:A7:87:8C:FF:EB:33:43:DD:64:FD:6A:79:E4:B5:59
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/36322e3138322e3139322e302f32312d3234203d3e203432353332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.192.0/21
Signature Algorithm: sha256WithRSAEncryption
21:d2:7f:0e:53:8c:ec:a1:ff:21:a2:11:72:89:1f:bf:c0:62:
6e:79:05:71:56:f9:12:03:cb:63:10:92:9c:2a:43:73:4d:de:
0a:1b:d0:b4:26:cd:be:d2:07:d9:a8:f7:fe:93:2e:4e:cd:a8:
1e:94:b8:35:78:cb:e7:17:b2:32:7b:89:80:1b:0d:80:22:2d:
6b:44:89:b3:73:b5:f7:b3:7a:a1:3b:8b:4b:61:5e:8d:f2:36:
cf:cf:79:e1:11:ef:9c:bf:51:eb:03:cc:f9:95:01:8d:10:10:
f6:ce:78:cf:6e:f2:99:83:04:04:43:e3:b6:2b:40:d5:2d:2c:
b5:ea:d0:e4:bc:3b:c5:f1:92:b2:43:5a:e4:d9:92:e7:0c:ae:
b5:90:b1:11:99:b9:65:43:aa:37:f0:f1:74:16:2e:61:bc:94:
45:30:3b:9e:a4:42:98:2a:e5:9f:b4:c8:8c:62:4d:ba:9d:e7:
8c:54:26:87:1e:e9:58:40:dc:2e:1f:d1:44:e1:48:a8:51:06:
8c:c6:d4:d9:78:81:ff:7d:fd:be:21:f3:35:37:02:74:b0:84:
d6:91:be:55:64:fd:84:1c:52:0f:e6:d8:57:d1:0f:a0:ce:69:
19:c2:88:09:ad:e0:cf:9a:30:2d:fa:87:2f:92:f5:33:ab:4b:
b3:ca:89:f2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUW0Bo2Rk2876WxOggxfBFSZrYkxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNTA1MDUxODMwNTBaFw0yNjA1MDQxODM1NTBaMDMxMTAvBgNV
BAMTKDEwMEEwQ0I5NzNBNzg3OENGRkVCMzM0M0RENjRGRDZBNzlFNEI1NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi1+MekSXBj+doEBXul5q6Ne2H
lb2Grd5Q4UQOfzsLR2BgA7b1y+VVEqvTxVtZSG6NfnHFzmwIvdd7r2aVuEzMtavb
Kq2uYhQr3GG4sA4/xH1TgvjasDfJcVKPFOLxncj5qyD18k2BtfM1gpdgdOPSxQy8
tnXrG9ZZiB+Kay/UaShnMfEdSgp/IqonLxs62+Cl6OnyTRkyZbNQWFoofr5wnxbb
PX3UPG0CgFmYqnF1UbL5ODwCsK9jHUw96wI3mQd350XbqRxc3gU/m5L69/N+rmY8
Tlyvf6vlgC9mVR+wr2x0kTe6gBr+LYNC9jTmNuo9tHj3DS6buqYoJmqeRsyvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEAoMuXOnh4z/6zND3WT9annktVkwHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzYzMjJlMzEzODMyMmUzMTM5
MzIyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDMyMzUzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
PrbAMA0GCSqGSIb3DQEBCwUAA4IBAQAh0n8OU4zsof8hohFyiR+/wGJueQVxVvkS
A8tjEJKcKkNzTd4KG9C0Js2+0gfZqPf+ky5OzagelLg1eMvnF7Iye4mAGw2AIi1r
RImzc7X3s3qhO4tLYV6N8jbPz3nhEe+cv1HrA8z5lQGNEBD2znjPbvKZgwQEQ+O2
K0DVLSy16tDkvDvF8ZKyQ1rk2ZLnDK61kLERmbllQ6o38PF0Fi5hvJRFMDuepEKY
KuWftMiMYk26neeMVCaHHulYQNwuH9FE4UioUQaMxtTZeIH/ff2+IfM1NwJ0sITW
kb5VZP2EHFIP5thX0Q+gzmkZwogJreDPmjAt+ocvkvUzq0uzyony
-----END CERTIFICATE-----
Generated at Thu May 8 02:11:16 2025 by rpki-client