Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/Tcgkoxxj-3Y_xIvHNSyzlpwQH40.roa
File: Tcgkoxxj-3Y_xIvHNSyzlpwQH40.roa (raw, json)
Hash identifier: GqYXncKwQBAwiCmE8FmqI3646C3B1v1MmS8x0/OCQQE=
Subject key identifier: 4D:C8:24:A3:1C:63:FB:76:3F:C4:8B:C7:35:2C:B3:96:9C:10:1F:8D
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 018CC2DB068146E048AC1505398B139D38F5
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/Tcgkoxxj-3Y_xIvHNSyzlpwQH40.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.21.145.0/24 maxlen: 24
178.21.144.0/24 maxlen: 24
178.21.148.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
2a02:2c0:3::/48 maxlen: 48
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:81:46:e0:48:ac:15:05:39:8b:13:9d:38:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dc824a31c63fb763fc48bc7352cb3969c101f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:15:e1:34:28:6d:c3:2d:0d:64:17:d8:ae:04:
03:50:99:a6:85:20:65:01:18:15:c1:c1:e4:5b:0f:
f8:cd:ec:ab:21:92:3d:8d:86:34:e9:90:c6:6a:2d:
e0:cf:0b:f7:63:cd:a9:57:25:c8:fd:02:9e:6b:6a:
28:9e:ae:43:47:f4:52:d0:c1:e2:8c:ca:55:00:9d:
ab:b9:01:bd:cd:44:65:35:e3:ce:1c:22:4a:53:f8:
34:a1:f8:46:6f:3d:a2:46:27:92:b1:b0:12:78:4a:
57:6a:ad:5b:13:6a:f2:d9:f4:69:be:39:cc:02:2a:
92:16:c9:ef:c8:80:b5:15:93:ad:3a:3a:cb:cc:1f:
04:df:59:d6:cc:15:bb:44:a0:a9:f9:4b:97:04:67:
44:b6:eb:fa:eb:44:43:74:00:d6:3a:59:3a:f0:16:
64:2c:44:55:08:d8:8b:63:6f:39:df:b9:7c:f4:79:
b6:44:a1:8f:8f:2f:cc:78:93:e7:67:84:5b:0e:b4:
e3:8e:1e:46:8b:aa:78:15:8b:0e:c8:c8:cd:de:56:
ed:55:48:a3:60:41:b7:a0:21:0d:98:78:7e:5c:04:
39:31:68:38:f2:97:f6:45:ca:f3:2f:1e:16:4d:68:
c5:43:e4:ab:0e:5c:d6:ec:bf:a8:4d:9d:a9:7d:39:
38:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C8:24:A3:1C:63:FB:76:3F:C4:8B:C7:35:2C:B3:96:9C:10:1F:8D
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/Tcgkoxxj-3Y_xIvHNSyzlpwQH40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0-178.21.148.255
IPv6:
2a02:2c0::/46
Signature Algorithm: sha256WithRSAEncryption
54:28:e3:b8:a3:f4:16:30:97:70:c2:bd:cf:05:9c:fe:7b:c4:
4e:e0:42:db:54:e8:9c:1c:e8:33:d4:9d:2e:d5:74:3a:dc:aa:
d6:36:09:47:f6:83:08:46:ec:ee:b8:de:a4:17:34:99:de:e4:
26:b7:1a:36:53:a5:77:72:2a:e9:9e:80:09:dc:c0:b2:d8:1f:
c7:48:dd:aa:a8:21:4c:3f:b3:3a:d2:19:c4:3b:a6:6c:80:99:
59:b0:55:9e:c6:15:73:31:f2:be:0e:0c:31:94:bf:c3:6d:33:
cf:52:ef:eb:bc:3d:93:dd:53:44:ba:d7:18:73:31:96:01:bd:
cc:ab:8a:09:6b:b9:e5:bf:60:b3:09:92:37:d4:23:c0:64:0c:
cf:16:09:6e:16:8e:ae:45:63:be:cf:4e:32:86:02:34:a4:26:
5a:23:a1:f5:4d:8f:7e:3a:68:7e:90:01:bf:b6:94:f5:2e:ee:
97:59:0f:8c:98:54:02:ad:7d:b3:09:ff:f6:2d:84:36:36:a5:
d3:77:70:3c:a3:89:5d:e3:2c:67:90:8e:f9:16:41:07:48:42:
1f:20:f5:bf:37:c9:6b:1c:a6:45:da:32:fb:51:03:7e:5e:4c:
1c:4d:ce:e7:fd:13:07:df:65:9c:67:eb:ab:8b:63:ab:1f:78:
91:7f:39:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzC2waBRuBIrBUFOYsTnTj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM4MjRhMzFjNjNmYjc2M2ZjNDhiYzczNTJjYjM5NjljMTAxZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBXhNChtwy0NZBfYrgQDUJmmhSBl
ARgVwcHkWw/4zeyrIZI9jYY06ZDGai3gzwv3Y82pVyXI/QKea2oonq5DR/RS0MHi
jMpVAJ2ruQG9zURlNePOHCJKU/g0ofhGbz2iRieSsbASeEpXaq1bE2ry2fRpvjnM
AiqSFsnvyIC1FZOtOjrLzB8E31nWzBW7RKCp+UuXBGdEtuv660RDdADWOlk68BZk
LERVCNiLY28537l89Hm2RKGPjy/MeJPnZ4RbDrTjjh5Gi6p4FYsOyMjN3lbtVUij
YEG3oCENmHh+XAQ5MWg48pf2RcrzLx4WTWjFQ+SrDlzW7L+oTZ2pfTk47wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3IJKMcY/t2P8SLxzUss5acEB+NMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvVGNna294eGotM1lfeEl2SE5TeXpscHdRSDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBASyFZAD
BACyFZQwDwQCAAIwCQMHAioCAsAAADANBgkqhkiG9w0BAQsFAAOCAQEAVCjjuKP0
FjCXcMK9zwWc/nvETuBC21TonBzoM9SdLtV0Otyq1jYJR/aDCEbs7rjepBc0md7k
JrcaNlOld3Iq6Z6ACdzAstgfx0jdqqghTD+zOtIZxDumbICZWbBVnsYVczHyvg4M
MZS/w20zz1Lv67w9k91TRLrXGHMxlgG9zKuKCWu55b9gswmSN9QjwGQMzxYJbhaO
rkVjvs9OMoYCNKQmWiOh9U2PfjpofpABv7aU9S7ul1kPjJhUAq19swn/9i2ENjal
03dwPKOJXeMsZ5CO+RZBB0hCHyD1vzfJaxymRdoy+1EDfl5MHE3O5/0TB99lnGfr
q4tjqx94kX85Tg==
-----END CERTIFICATE-----
Generated at Thu May 2 20:47:57 2024 by rpki-client on console-ams.rpki-client.org