Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/8_KpROUC87LoQNS8VLY736yyEU0.roa
File: 8_KpROUC87LoQNS8VLY736yyEU0.roa (raw, json)
Hash identifier: NpPz976hFkzmvsf10MQsmlZrALQ8wykuCf3a9p8Qpbk=
Subject key identifier: F3:F2:A9:44:E5:02:F3:B2:E8:40:D4:BC:54:B6:3B:DF:AC:B2:11:4D
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 018CC2DB06C07465308D7A5AD2610195B441
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/8_KpROUC87LoQNS8VLY736yyEU0.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203560
IP address blocks: 178.21.145.0/24 maxlen: 24
178.21.144.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
2a02:2c0:3::/48 maxlen: 48
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:c0:74:65:30:8d:7a:5a:d2:61:01:95:b4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3f2a944e502f3b2e840d4bc54b63bdfacb2114d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ac:40:b3:88:eb:44:ab:d8:cc:5f:19:a4:0e:
d9:a3:2c:68:cb:0c:9c:8e:00:d4:14:37:52:6c:f4:
0c:84:c7:be:6b:7a:79:da:ca:6b:12:b6:8f:37:26:
ec:c0:65:32:7c:4d:a1:71:dc:c4:f5:81:f1:67:1b:
c3:db:79:42:c4:03:65:bf:c9:e4:e3:73:86:df:a9:
14:24:a2:1f:84:fb:b2:5f:ed:c8:4a:c3:ec:de:2b:
d1:20:06:af:d4:92:17:70:28:c2:be:65:c3:8a:28:
ca:4c:11:ab:db:e8:3f:8d:e9:f6:28:02:6e:a4:35:
43:c9:d9:00:60:2b:c4:1a:be:08:fa:cb:b9:31:6f:
b6:03:91:ad:90:a8:19:1f:c9:87:54:3f:9a:20:a9:
76:b4:33:76:7c:78:db:06:3e:db:39:76:30:dc:71:
dd:c4:6e:e3:f7:1c:84:cf:e8:fd:c0:f3:f8:11:e6:
d9:c3:6a:58:e7:18:77:d4:11:89:8a:51:58:09:de:
56:3b:06:93:af:ba:09:c3:6d:f1:89:00:97:3e:03:
df:7b:8f:59:6b:70:e4:cc:ef:46:f8:86:15:56:5f:
ef:a2:22:cb:cb:8d:4f:8a:6d:7e:50:7b:42:b8:e8:
4f:02:ff:61:01:25:f5:fb:15:c4:11:bd:88:34:46:
31:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F2:A9:44:E5:02:F3:B2:E8:40:D4:BC:54:B6:3B:DF:AC:B2:11:4D
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/8_KpROUC87LoQNS8VLY736yyEU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::/46
Signature Algorithm: sha256WithRSAEncryption
96:5f:53:4c:9b:96:06:57:9d:f3:36:f2:17:f7:68:89:23:ca:
70:35:e9:b2:6f:99:7f:12:5a:8e:e4:32:43:fb:9c:4d:01:41:
a1:f2:b8:2f:4c:b7:e1:45:9d:d1:b6:f3:e0:55:d5:c6:a0:97:
80:4a:e4:eb:27:8f:fd:c5:9c:45:b6:5f:be:8f:13:c3:d9:fd:
b6:96:6d:73:26:e4:91:0d:42:e9:1e:3e:fa:51:dd:ca:8a:eb:
51:88:ff:f9:7f:d5:b7:e6:e1:2b:98:e1:15:0e:91:41:ab:05:
e4:35:1f:57:dc:0d:3c:ea:7a:c1:22:fb:94:cf:ca:bc:31:66:
5f:78:2c:26:22:ab:2e:ab:14:7f:b9:00:a6:85:94:e3:38:b1:
6b:15:09:fe:08:b5:18:51:39:3c:5e:cb:bc:72:10:b5:3f:5d:
68:44:0a:f2:6c:71:05:27:2b:55:ba:5f:f6:fd:33:1c:ca:0c:
6c:37:a4:fd:b6:30:d1:05:50:75:ff:98:29:c6:ac:76:40:fd:
95:cb:6e:23:66:e2:97:c3:dd:7e:2b:a1:67:71:9c:f0:11:d9:
cb:95:27:ab:a8:a1:b3:6e:05:d1:42:4e:38:a8:83:58:17:aa:
8c:ab:b0:38:3e:40:e1:50:81:33:4a:f7:95:43:72:95:9a:29:
8a:73:50:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2wbAdGUwjXpa0mEBlbRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2YyYTk0NGU1MDJmM2IyZTg0MGQ0YmM1NGI2M2JkZmFjYjIxMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKxAs4jrRKvYzF8ZpA7Zoyxoywyc
jgDUFDdSbPQMhMe+a3p52sprEraPNybswGUyfE2hcdzE9YHxZxvD23lCxANlv8nk
43OG36kUJKIfhPuyX+3ISsPs3ivRIAav1JIXcCjCvmXDiijKTBGr2+g/jen2KAJu
pDVDydkAYCvEGr4I+su5MW+2A5GtkKgZH8mHVD+aIKl2tDN2fHjbBj7bOXYw3HHd
xG7j9xyEz+j9wPP4EebZw2pY5xh31BGJilFYCd5WOwaTr7oJw23xiQCXPgPfe49Z
a3DkzO9G+IYVVl/voiLLy41Pim1+UHtCuOhPAv9hASX1+xXEEb2INEYx7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPyqUTlAvOy6EDUvFS2O9+sshFNMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvOF9LcFJPVUM4N0xvUU5TOFZMWTczNnl5RVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCshWQMA8E
AgACMAkDBwIqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBAJZfU0yblgZXnfM28hf3
aIkjynA16bJvmX8SWo7kMkP7nE0BQaHyuC9Mt+FFndG28+BV1cagl4BK5Osnj/3F
nEW2X76PE8PZ/baWbXMm5JENQukePvpR3cqK61GI//l/1bfm4SuY4RUOkUGrBeQ1
H1fcDTzqesEi+5TPyrwxZl94LCYiqy6rFH+5AKaFlOM4sWsVCf4ItRhROTxey7xy
ELU/XWhECvJscQUnK1W6X/b9MxzKDGw3pP22MNEFUHX/mCnGrHZA/ZXLbiNm4pfD
3X4roWdxnPAR2cuVJ6uoobNuBdFCTjiog1gXqoyrsDg+QOFQgTNK95VDcpWaKYpz
UKg=
-----END CERTIFICATE-----
Generated at Mon May 20 17:52:38 2024 by rpki-client on console-ams.rpki-client.org