Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/KyQ1825MKdhF2CJ9fkchMu5eVAI.roa
File: KyQ1825MKdhF2CJ9fkchMu5eVAI.roa (raw, json)
Hash identifier: lytKpMAhmBBFSCM9v20O7CRfzkKDWawFJIGezRjovI0=
Subject key identifier: 2B:24:35:F3:6E:4C:29:D8:45:D8:22:7D:7E:47:21:32:EE:5E:54:02
Certificate issuer: /CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Certificate serial: 018CC94BD53DC405977B1ADD9D7DB3E4574A
Authority key identifier: C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/KyQ1825MKdhF2CJ9fkchMu5eVAI.roa
Signing time: Tue 02 Jan 2024 08:30:39 +0000
ROA not before: Tue 02 Jan 2024 08:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59545
IP address blocks: 93.157.0.0/21 maxlen: 32
195.5.163.0/24 maxlen: 32
2001:67c:54::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:d5:3d:c4:05:97:7b:1a:dd:9d:7d:b3:e4:57:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Validity
Not Before: Jan 2 08:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b2435f36e4c29d845d8227d7e472132ee5e5402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c5:b7:ef:17:d8:29:ae:ae:f0:08:aa:fc:7a:
cd:9a:ad:32:e4:2f:e7:aa:23:55:49:58:fd:2a:71:
1a:34:1c:ce:80:f3:69:16:98:74:5b:a6:d7:79:f1:
9d:1c:31:47:d4:66:44:c5:f5:30:1f:93:af:a3:b2:
54:a1:ad:09:3d:3d:65:39:15:f7:a8:2b:03:69:ee:
ef:3c:e7:35:34:dc:6d:64:c0:b8:1b:49:aa:47:23:
68:40:42:40:82:28:07:0c:bf:39:68:6e:ac:03:83:
f5:b2:0c:a6:52:eb:ca:f3:c0:ae:ea:79:d8:a8:e5:
5f:14:ea:3e:52:51:b6:f8:ed:24:7e:b1:56:ed:55:
16:7e:42:04:48:bd:5e:64:ee:67:ae:94:56:f9:4e:
85:89:f2:54:5b:60:89:82:76:b0:1e:96:a6:a1:8d:
e8:ab:67:91:ee:28:10:b5:a8:93:f3:aa:47:c1:52:
7f:1d:dc:a0:cb:17:6a:92:63:7b:53:4f:4e:69:5a:
d1:df:01:3b:ad:81:4e:02:f2:85:83:1d:14:d6:16:
fd:ec:77:2c:f5:aa:0a:3d:5e:09:ad:63:0f:e8:cc:
47:7b:87:c3:ee:3b:d0:34:bd:89:7c:66:2a:b4:8a:
75:36:e0:92:f8:6f:4f:af:d4:e0:e6:23:fe:82:6b:
eb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:24:35:F3:6E:4C:29:D8:45:D8:22:7D:7E:47:21:32:EE:5E:54:02
X509v3 Authority Key Identifier:
keyid:C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/KyQ1825MKdhF2CJ9fkchMu5eVAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.0.0/21
195.5.163.0/24
IPv6:
2001:67c:54::/48
Signature Algorithm: sha256WithRSAEncryption
45:13:dc:5d:f7:be:4f:6d:56:95:a7:eb:da:ff:6e:98:7e:d9:
36:a1:aa:3b:90:83:e4:68:25:92:2d:33:be:0d:7d:4a:b4:f2:
d4:84:21:cd:02:c7:60:ed:ae:93:01:be:d4:68:f2:91:38:52:
53:b2:cc:e9:50:af:2d:a5:bc:0f:57:5f:18:72:40:c7:1a:f3:
18:57:3f:c1:08:03:7a:4a:dd:9d:83:f2:00:c0:b6:e4:17:48:
bc:38:ab:94:fb:86:fa:c4:ce:62:9b:e7:c3:b4:f3:38:12:c9:
62:53:be:69:38:4d:15:28:58:72:09:ee:6b:7b:4c:0f:8f:51:
8a:40:73:9f:c9:ac:54:2c:ed:3e:47:14:7f:a8:69:c7:7c:6d:
df:3b:7f:d6:ff:69:9e:60:9e:a7:a9:90:60:cb:48:cc:24:40:
39:1d:55:f6:eb:b1:19:b8:ad:97:5c:1b:b2:d8:ff:5e:2c:bb:
02:71:f7:62:ad:96:ac:c9:87:6a:89:e6:33:21:fe:d2:ed:09:
a0:a0:14:2e:ba:c9:2b:c4:d4:a4:94:d5:a3:6f:6c:38:b0:80:
bf:49:44:41:d1:ac:00:0a:f7:ee:6b:dc:05:2d:6b:02:8b:7b:
a7:23:38:36:47:8d:eb:d9:8a:66:97:ca:df:74:86:8b:c1:6c:
cd:4f:a8:a7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJS9U9xAWXexrdnX2z5FdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjZhZDgzZjI1YzI4ODZhMjU4NTdmYjUxNWQ0NTU5NTI3
YzQ2ZjcwHhcNMjQwMTAyMDgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI0MzVmMzZlNGMyOWQ4NDVkODIyN2Q3ZTQ3MjEzMmVlNWU1NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMW37xfYKa6u8Aiq/HrNmq0y5C/n
qiNVSVj9KnEaNBzOgPNpFph0W6bXefGdHDFH1GZExfUwH5Ovo7JUoa0JPT1lORX3
qCsDae7vPOc1NNxtZMC4G0mqRyNoQEJAgigHDL85aG6sA4P1sgymUuvK88Cu6nnY
qOVfFOo+UlG2+O0kfrFW7VUWfkIESL1eZO5nrpRW+U6FifJUW2CJgnawHpamoY3o
q2eR7igQtaiT86pHwVJ/HdygyxdqkmN7U09OaVrR3wE7rYFOAvKFgx0U1hb97Hcs
9aoKPV4JrWMP6MxHe4fD7jvQNL2JfGYqtIp1NuCS+G9Pr9Tg5iP+gmvr8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCskNfNuTCnYRdgifX5HITLuXlQCMB8GA1UdIwQY
MBaAFMf2rYPyXCiGolhX+1FdRVlSfEb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2Et
MzI2OGFlOTA5NmRjLzEvS3lRMTgyNU1LZGhGMkNKOWZrY2hNdTVlVkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2EtMzI2OGFlOTA5NmRj
LzEveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXZ0AAwQA
wwWjMA8EAgACMAkDBwAgAQZ8AFQwDQYJKoZIhvcNAQELBQADggEBAEUT3F33vk9t
VpWn69r/bph+2TahqjuQg+RoJZItM74NfUq08tSEIc0Cx2DtrpMBvtRo8pE4UlOy
zOlQry2lvA9XXxhyQMca8xhXP8EIA3pK3Z2D8gDAtuQXSLw4q5T7hvrEzmKb58O0
8zgSyWJTvmk4TRUoWHIJ7mt7TA+PUYpAc5/JrFQs7T5HFH+oacd8bd87f9b/aZ5g
nqepkGDLSMwkQDkdVfbrsRm4rZdcG7LY/14suwJx92KtlqzJh2qJ5jMh/tLtCaCg
FC66ySvE1KSU1aNvbDiwgL9JREHRrAAK9+5r3AUtawKLe6cjODZHjevZimaXyt90
hovBbM1PqKc=
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:58:29 2024 by rpki-client on console-ams.rpki-client.org