Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/gecfs4h459ZmHC8jyPITfaxQ-Mc.roa
File: gecfs4h459ZmHC8jyPITfaxQ-Mc.roa (raw, json)
Hash identifier: UbPFMr4ZgA/pyMWslD2T+IwgJUqlNLC0EhJraYsEqK8=
Subject key identifier: 81:E7:1F:B3:88:78:E7:D6:66:1C:2F:23:C8:F2:13:7D:AC:50:F8:C7
Certificate issuer: /CN=53390b13c9ef4afcfd08124111e6f63dc30165aa
Certificate serial: 018CC34898871866B9284EBF0162916544EC
Authority key identifier: 53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/gecfs4h459ZmHC8jyPITfaxQ-Mc.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31655
IP address blocks: 185.9.232.0/22 maxlen: 24
2a02:df80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:98:87:18:66:b9:28:4e:bf:01:62:91:65:44:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53390b13c9ef4afcfd08124111e6f63dc30165aa
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81e71fb38878e7d6661c2f23c8f2137dac50f8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f8:a9:41:3c:90:22:1d:50:d5:fc:72:b8:11:
9e:bb:e0:af:0a:d1:a3:2a:7d:79:65:76:40:41:4b:
7e:02:42:7d:da:7f:32:8e:5a:eb:38:d1:92:c3:fd:
6e:ca:d6:cf:61:91:30:89:dc:3d:37:5f:33:c4:15:
31:09:53:39:14:21:3c:e7:f5:e1:61:cd:46:3b:88:
cf:b9:d3:f9:87:9d:47:12:1c:89:6e:40:9b:0e:8a:
83:77:20:59:9c:0c:c1:22:cf:5e:a5:cc:f2:ee:d2:
27:fe:00:52:3c:16:f3:27:3f:ba:a7:a8:f4:37:8b:
67:3c:62:76:de:7a:7f:9a:a1:3d:c1:b6:d2:c9:6d:
4d:27:18:d5:a8:73:a0:c4:d8:60:91:9e:43:a5:47:
4a:6e:3b:76:54:9b:05:9a:8a:37:6c:34:ef:ca:40:
ae:22:7e:79:15:e2:82:42:a9:28:d7:39:da:73:07:
97:0b:79:9a:8c:86:fd:4d:ea:c0:27:16:73:55:f9:
61:52:c0:2b:0f:40:64:c8:98:d0:47:c0:de:96:ac:
ef:9b:d5:9a:78:7d:92:f4:8d:93:8e:d7:5b:82:39:
8c:bc:9d:c9:f7:df:41:7e:a7:38:59:b4:0f:7e:41:
d0:db:e7:4e:e6:0b:9f:41:67:c0:45:48:1e:36:75:
0c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E7:1F:B3:88:78:E7:D6:66:1C:2F:23:C8:F2:13:7D:AC:50:F8:C7
X509v3 Authority Key Identifier:
keyid:53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/gecfs4h459ZmHC8jyPITfaxQ-Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.232.0/22
IPv6:
2a02:df80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:03:84:0a:57:c8:4e:41:ef:eb:a0:a9:65:2f:53:fc:c3:f3:
ad:cd:18:55:52:eb:4f:be:18:30:2c:b6:84:91:5a:4e:72:45:
20:b8:34:5b:06:a0:67:04:24:d3:71:0e:dc:73:48:25:ee:a4:
bc:64:b1:3b:a9:23:00:a0:6c:55:70:41:79:19:b4:c5:fd:c2:
1a:c8:3b:8e:a3:b4:c6:9c:e8:f0:42:55:05:af:69:3e:85:54:
89:14:ed:ed:0a:e9:b0:99:b8:4e:e6:59:3f:b8:8e:b7:6a:15:
ff:06:8d:c1:3e:d9:9c:57:f5:19:7e:16:d6:69:e2:8d:99:37:
eb:a8:de:86:9f:f2:1c:4f:d2:23:22:86:2b:63:74:3b:98:9e:
c9:79:61:79:62:58:92:46:a3:c2:39:b9:a0:8b:f8:a0:a5:22:
02:56:fa:21:46:87:e6:b4:49:2a:97:7f:88:27:c5:70:8f:8f:
f6:3b:86:55:95:c3:da:b4:5e:18:58:19:83:6e:94:b6:37:f6:
80:ce:63:ed:36:93:10:b0:48:cd:b9:eb:d0:26:0e:b9:f5:ff:
84:a5:df:ba:fc:a7:0f:b5:37:53:53:c1:e7:06:8e:8d:f7:d6:
01:f8:5e:02:7d:4e:d0:ca:c4:7c:cc:5c:d4:6d:eb:e7:03:23:
fc:b0:46:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSJiHGGa5KE6/AWKRZUTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzkwYjEzYzllZjRhZmNmZDA4MTI0MTExZTZmNjNkYzMw
MTY1YWEwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWU3MWZiMzg4NzhlN2Q2NjYxYzJmMjNjOGYyMTM3ZGFjNTBmOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfipQTyQIh1Q1fxyuBGeu+CvCtGj
Kn15ZXZAQUt+AkJ92n8yjlrrONGSw/1uytbPYZEwidw9N18zxBUxCVM5FCE85/Xh
Yc1GO4jPudP5h51HEhyJbkCbDoqDdyBZnAzBIs9epczy7tIn/gBSPBbzJz+6p6j0
N4tnPGJ23np/mqE9wbbSyW1NJxjVqHOgxNhgkZ5DpUdKbjt2VJsFmoo3bDTvykCu
In55FeKCQqko1znacweXC3majIb9TerAJxZzVflhUsArD0BkyJjQR8Delqzvm9Wa
eH2S9I2TjtdbgjmMvJ3J999Bfqc4WbQPfkHQ2+dO5gufQWfARUgeNnUMwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIHnH7OIeOfWZhwvI8jyE32sUPjHMB8GA1UdIwQY
MBaAFFM5CxPJ70r8/QgSQRHm9j3DAWWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXprTEU4bnZTdno5Q0JKQkVlYjJQY01CWmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84OWM0YWItOTg0Yi00ZjZjLWJkZDAt
MzNkN2FjMzcwOTc5LzEvZ2VjZnM0aDQ1OVptSEM4anlQSVRmYXhRLU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84OWM0YWItOTg0Yi00ZjZjLWJkZDAtMzNkN2FjMzcwOTc5
LzEvVXprTEU4bnZTdno5Q0JKQkVlYjJQY01CWmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQnoMA0E
AgACMAcDBQMqAt+AMA0GCSqGSIb3DQEBCwUAA4IBAQAKA4QKV8hOQe/roKllL1P8
w/OtzRhVUutPvhgwLLaEkVpOckUguDRbBqBnBCTTcQ7cc0gl7qS8ZLE7qSMAoGxV
cEF5GbTF/cIayDuOo7TGnOjwQlUFr2k+hVSJFO3tCumwmbhO5lk/uI63ahX/Bo3B
PtmcV/UZfhbWaeKNmTfrqN6Gn/IcT9IjIoYrY3Q7mJ7JeWF5YliSRqPCObmgi/ig
pSICVvohRofmtEkql3+IJ8Vwj4/2O4ZVlcPatF4YWBmDbpS2N/aAzmPtNpMQsEjN
uevQJg659f+Epd+6/KcPtTdTU8HnBo6N99YB+F4CfU7QysR8zFzUbevnAyP8sEZs
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:57:03 2024 by rpki-client on console-ams.rpki-client.org