Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/GECAzqq5bwWzGfx4L_3apUm9Ges.roa
File: GECAzqq5bwWzGfx4L_3apUm9Ges.roa (raw, json)
Hash identifier: DDJ415C9tPbsRSmy5fIfXlOsoZG/HSOwPn4d8BjJbCE=
Subject key identifier: 18:40:80:CE:AA:B9:6F:05:B3:19:FC:78:2F:FD:DA:A5:49:BD:19:EB
Certificate issuer: /CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Certificate serial: 018CC801B3768C71D1C7636D47756FC005EA
Authority key identifier: DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/GECAzqq5bwWzGfx4L_3apUm9Ges.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9136
IP address blocks: 185.225.135.0/24 maxlen: 24
2a0d:c405::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/3qRuqueu8vRP5mAWK7nccNZSWvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/3qRuqueu8vRP5mAWK7nccNZSWvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b3:76:8c:71:d1:c7:63:6d:47:75:6f:c0:05:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=184080ceaab96f05b319fc782ffddaa549bd19eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:ea:c1:b8:ec:c5:8d:fc:54:2a:29:c3:86:
fa:36:09:32:6f:bf:be:c5:30:6b:5c:ac:fd:6b:c1:
2b:6a:19:d4:35:67:1e:59:db:a8:8b:a8:ce:f5:5f:
9b:96:19:09:21:87:70:51:39:d4:9e:ee:a9:d9:0f:
f9:1a:57:37:25:9d:91:f0:85:3a:ae:5a:23:d0:8a:
eb:69:43:78:82:f3:b6:6a:cc:85:79:e5:8b:92:b2:
53:2f:96:d4:7f:cd:bc:bb:6a:c1:32:93:dd:22:22:
96:19:60:58:1b:73:5e:25:15:43:bf:5d:6c:27:f0:
6e:47:9f:01:1d:5b:fc:8d:ef:e0:81:d9:1f:22:97:
d2:49:83:a0:bd:16:01:fa:3c:d7:47:40:cf:99:10:
4c:2b:73:c4:03:01:61:96:4b:33:28:f9:c8:df:47:
11:f9:9e:fc:10:c9:d0:5b:1c:7f:96:dc:06:d4:bf:
dc:c1:76:13:d1:29:40:13:51:5d:6b:53:93:d3:13:
ee:06:74:15:b1:3a:60:52:6a:db:49:18:99:90:6a:
6b:c7:f7:e6:a9:ce:83:9f:f1:51:6f:ad:a1:e4:1b:
cb:bc:02:22:75:49:f2:17:78:b9:74:30:40:c4:ca:
f5:07:8a:fe:06:d1:3f:b3:5d:66:27:65:57:4b:07:
67:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:40:80:CE:AA:B9:6F:05:B3:19:FC:78:2F:FD:DA:A5:49:BD:19:EB
X509v3 Authority Key Identifier:
keyid:DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/GECAzqq5bwWzGfx4L_3apUm9Ges.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/3qRuqueu8vRP5mAWK7nccNZSWvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.135.0/24
IPv6:
2a0d:c405::/32
Signature Algorithm: sha256WithRSAEncryption
7b:72:d2:4b:da:80:9f:d4:d5:af:bc:24:7e:fc:66:65:12:cb:
2d:b6:0f:a0:26:f5:d2:4e:03:54:5c:fc:b7:19:80:80:30:10:
e8:ee:11:4a:8e:0a:da:87:c4:aa:34:1a:ae:d8:ab:51:0a:be:
f8:23:28:06:9e:42:ac:f1:14:76:7b:75:c5:21:2f:e3:e5:fa:
a1:a5:8f:1e:d9:f5:bc:f6:a9:ae:1e:13:18:28:f0:26:40:42:
4e:11:e8:8c:10:c5:27:f4:d5:62:b0:d8:90:1a:ea:5e:e7:e9:
9f:cc:36:7a:2c:35:3c:18:35:60:34:5f:44:bd:bb:5e:24:50:
94:2d:0c:81:bc:bb:bd:bd:70:74:9a:bc:37:cf:60:2b:2f:ab:
21:b5:e2:91:40:f3:d4:86:24:17:be:bb:ac:90:ed:3b:15:3d:
a9:2e:e7:a3:22:e8:03:b8:0a:e3:b1:13:f2:12:c9:bb:e9:31:
de:08:a8:a1:89:74:a8:bf:01:c0:4c:0d:b0:ae:18:68:36:e2:
31:36:97:0a:f4:32:b9:17:b9:a7:ad:30:f7:eb:60:13:cc:86:
fe:ce:bf:a8:75:9e:43:05:8c:09:09:62:b3:e3:22:4c:ed:4e:
aa:1d:3b:b5:10:3c:04:ab:ee:7a:1f:89:2e:8c:5a:ef:39:6d:
8c:e3:f9:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAbN2jHHRx2NtR3VvwAXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTQ2ZWFhZTdhZWYyZjQ0ZmU2NjAxNjJiYjlkYzcwZDY1
MjVhZjEwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQwODBjZWFhYjk2ZjA1YjMxOWZjNzgyZmZkZGFhNTQ5YmQxOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE3qwbjsxY38VCopw4b6Ngkyb7++
xTBrXKz9a8ErahnUNWceWduoi6jO9V+blhkJIYdwUTnUnu6p2Q/5Glc3JZ2R8IU6
rloj0IrraUN4gvO2asyFeeWLkrJTL5bUf828u2rBMpPdIiKWGWBYG3NeJRVDv11s
J/BuR58BHVv8je/ggdkfIpfSSYOgvRYB+jzXR0DPmRBMK3PEAwFhlkszKPnI30cR
+Z78EMnQWxx/ltwG1L/cwXYT0SlAE1Fda1OT0xPuBnQVsTpgUmrbSRiZkGprx/fm
qc6Dn/FRb62h5BvLvAIidUnyF3i5dDBAxMr1B4r+BtE/s11mJ2VXSwdn1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBhAgM6quW8Fsxn8eC/92qVJvRnrMB8GA1UdIwQY
MBaAFN6kbqrnrvL0T+ZgFiu53HDWUlrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEt
MWZhOWFjNTgwYjhlLzEvR0VDQXpxcTVid1d6R2Z4NExfM2FwVW05R2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEtMWZhOWFjNTgwYjhl
LzEvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueGHMA0E
AgACMAcDBQAqDcQFMA0GCSqGSIb3DQEBCwUAA4IBAQB7ctJL2oCf1NWvvCR+/GZl
Essttg+gJvXSTgNUXPy3GYCAMBDo7hFKjgrah8SqNBqu2KtRCr74IygGnkKs8RR2
e3XFIS/j5fqhpY8e2fW89qmuHhMYKPAmQEJOEeiMEMUn9NVisNiQGupe5+mfzDZ6
LDU8GDVgNF9EvbteJFCULQyBvLu9vXB0mrw3z2ArL6shteKRQPPUhiQXvruskO07
FT2pLuejIugDuArjsRPyEsm76THeCKihiXSovwHATA2wrhhoNuIxNpcK9DK5F7mn
rTD362ATzIb+zr+odZ5DBYwJCWKz4yJM7U6qHTu1EDwEq+56H4kujFrvOW2M4/nB
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:03:54 2024 by rpki-client on console-ams.rpki-client.org