Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/KyHzc2l5WX4deastExYuOYoYTU8.roa
File: KyHzc2l5WX4deastExYuOYoYTU8.roa (raw, json)
Hash identifier: dB3uCN+Hc9zOyWjqIV5Ht0HxwQKyRJdiXYAVeB3r1ws=
Subject key identifier: 2B:21:F3:73:69:79:59:7E:1D:79:AB:2D:13:16:2E:39:8A:18:4D:4F
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B81C7D7E3D77FD3E0AD3AD85CB893
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/KyHzc2l5WX4deastExYuOYoYTU8.roa
Signing time: Mon 01 Jan 2024 18:31:26 +0000
ROA not before: Mon 01 Jan 2024 18:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30793
IP address blocks: 87.239.216.0/22 maxlen: 22
87.239.216.0/21 maxlen: 21
85.31.252.0/24 maxlen: 24
93.180.160.0/19 maxlen: 19
185.58.160.0/23 maxlen: 23
185.58.160.0/22 maxlen: 22
185.58.162.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:81:c7:d7:e3:d7:7f:d3:e0:ad:3a:d8:5c:b8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b21f3736979597e1d79ab2d13162e398a184d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:54:5f:42:71:8e:99:ea:1e:c1:70:b1:87:3a:
26:fe:a5:ab:ae:b0:ba:36:70:e7:2d:3c:1f:f4:a0:
e8:65:7a:cf:a2:a1:1a:8a:9c:a2:f4:0c:80:85:04:
c6:cc:5f:32:73:74:40:6f:d5:a3:9e:4f:da:bc:d1:
b2:75:84:3a:c3:6e:16:5b:86:43:c2:32:47:29:60:
71:ab:2d:48:e8:56:4d:3a:e5:14:f5:ea:83:90:40:
26:4d:9c:71:2c:ca:43:48:0d:ba:26:5c:b9:dd:92:
1a:e0:80:f7:8a:2c:c1:1d:a5:50:40:e2:19:19:87:
f9:7d:3e:bc:84:9a:71:98:b8:e2:11:45:a0:20:1e:
8a:57:28:5d:b6:fa:39:7c:9f:02:8e:42:c3:32:c7:
5d:91:5e:af:10:9f:fd:37:de:e5:8a:12:8f:53:4f:
56:c8:1e:68:f8:68:b1:66:2d:f0:de:76:34:b1:66:
9b:12:9a:0d:8e:47:e4:63:b7:b3:df:39:f0:6e:ff:
34:83:15:d5:85:c0:57:26:3d:42:ed:04:51:90:84:
90:9e:a0:b6:86:60:83:e4:b3:d9:39:b7:50:1f:63:
01:b7:db:79:81:af:f9:d5:45:e8:fc:d6:02:bd:60:
b4:ae:57:39:ad:72:21:21:04:cd:4c:24:57:a6:95:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:21:F3:73:69:79:59:7E:1D:79:AB:2D:13:16:2E:39:8A:18:4D:4F
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/KyHzc2l5WX4deastExYuOYoYTU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.252.0/24
87.239.216.0/21
93.180.160.0/19
185.58.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:71:62:1a:34:88:d7:80:e0:18:cb:cc:19:45:98:9f:82:ec:
3f:d5:ae:0e:2f:53:42:95:43:1a:3b:51:5a:c4:8d:1a:b5:aa:
87:37:3c:0c:d1:f4:2d:dd:db:93:3d:f0:bf:15:ad:53:b6:2d:
42:01:61:41:11:d6:11:3f:d7:ba:2a:7a:ab:0c:54:10:20:ce:
03:ed:dc:e2:2b:40:56:5d:29:53:63:1d:4b:03:ee:7d:0e:6a:
30:39:72:25:42:d7:27:ef:37:1f:8d:eb:37:a8:de:83:20:29:
aa:9a:a5:42:40:ba:0c:ee:be:7f:fc:55:4f:3e:55:45:45:07:
80:85:59:bd:4a:8b:c2:08:65:76:8a:3a:ac:68:14:78:56:28:
14:a4:32:73:83:1a:f3:51:ab:d2:e6:3d:62:ef:ef:32:10:28:
74:a8:e4:88:5f:2b:bc:dd:38:04:bf:30:8a:4f:94:60:2f:f1:
65:2b:ef:18:ff:cf:ff:3d:00:48:f0:b9:a9:97:4d:43:54:3b:
7e:9b:e0:dd:e4:68:56:70:b8:ac:39:c4:54:c8:32:63:e7:61:
a5:0c:37:81:0f:f2:53:80:0b:92:00:fd:eb:e9:f3:39:be:36:
5e:dc:86:68:56:97:18:87:ac:86:1a:fd:be:33:02:3b:e2:69:
ab:45:1d:54
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGS4HH1+PXf9PgrTrYXLiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjIxZjM3MzY5Nzk1OTdlMWQ3OWFiMmQxMzE2MmUzOThhMTg0ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVRfQnGOmeoewXCxhzom/qWrrrC6
NnDnLTwf9KDoZXrPoqEaipyi9AyAhQTGzF8yc3RAb9Wjnk/avNGydYQ6w24WW4ZD
wjJHKWBxqy1I6FZNOuUU9eqDkEAmTZxxLMpDSA26Jly53ZIa4ID3iizBHaVQQOIZ
GYf5fT68hJpxmLjiEUWgIB6KVyhdtvo5fJ8CjkLDMsddkV6vEJ/9N97lihKPU09W
yB5o+GixZi3w3nY0sWabEpoNjkfkY7ez3znwbv80gxXVhcBXJj1C7QRRkISQnqC2
hmCD5LPZObdQH2MBt9t5ga/51UXo/NYCvWC0rlc5rXIhIQTNTCRXppWXVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCsh83NpeVl+HXmrLRMWLjmKGE1PMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvS3lIemMybDVXWDRkZWFzdEV4WXVPWW9ZVFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVR/8AwQD
V+/YAwQFXbSgAwQCuTqgMA0GCSqGSIb3DQEBCwUAA4IBAQAMcWIaNIjXgOAYy8wZ
RZifguw/1a4OL1NClUMaO1FaxI0ataqHNzwM0fQt3duTPfC/Fa1Tti1CAWFBEdYR
P9e6KnqrDFQQIM4D7dziK0BWXSlTYx1LA+59DmowOXIlQtcn7zcfjes3qN6DICmq
mqVCQLoM7r5//FVPPlVFRQeAhVm9SovCCGV2ijqsaBR4VigUpDJzgxrzUavS5j1i
7+8yECh0qOSIXyu83TgEvzCKT5RgL/FlK+8Y/8//PQBI8Lmpl01DVDt+m+Dd5GhW
cLisOcRUyDJj52GlDDeBD/JTgAuSAP3r6fM5vjZe3IZoVpcYh6yGGv2+MwI74mmr
RR1U
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:06 2024 by rpki-client on console-ams.rpki-client.org