Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/ABLd_GhkY3vakEeuFHvoMmFguBA.roa
File: ABLd_GhkY3vakEeuFHvoMmFguBA.roa (raw, json)
Hash identifier: 3PTn1zmCH8kuJUSoOyMk4VBESvJfeeNo1ozAN35MB0Q=
Subject key identifier: 00:12:DD:FC:68:64:63:7B:DA:90:47:AE:14:7B:E8:32:61:60:B8:10
Certificate issuer: /CN=db186422279d9d8b4e68e69b1296e532d4da0c3f
Certificate serial: 018CC94E1FD8594608FDA21F330EDABE12EA
Authority key identifier: DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/ABLd_GhkY3vakEeuFHvoMmFguBA.roa
Signing time: Tue 02 Jan 2024 08:33:09 +0000
ROA not before: Tue 02 Jan 2024 08:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203441
IP address blocks: 185.132.224.0/22 maxlen: 22
193.105.103.0/24 maxlen: 24
2a03:a660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1f:d8:59:46:08:fd:a2:1f:33:0e:da:be:12:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db186422279d9d8b4e68e69b1296e532d4da0c3f
Validity
Not Before: Jan 2 08:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0012ddfc6864637bda9047ae147be8326160b810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8b:34:2f:91:9b:4c:e2:c9:2b:bc:4f:12:ea:
b2:92:62:b8:df:0d:36:78:7c:f5:b9:70:6a:06:97:
1a:d4:9a:55:2e:69:70:ae:f1:15:28:59:54:3c:10:
8a:bd:c5:85:f1:8a:93:84:75:1c:fc:c6:91:7d:10:
b8:7c:d2:53:1a:82:cc:a1:f6:09:7c:8d:8e:59:3d:
81:88:eb:4d:db:2e:bf:ef:dc:59:46:53:8e:c1:56:
be:1b:60:01:8e:e4:fb:0b:f4:d9:6f:00:0e:5d:85:
6d:0a:c5:d7:1e:9e:40:1e:99:f7:b9:59:5a:50:97:
41:d3:8f:b1:e9:d5:90:1b:c3:ee:5a:2a:7a:c0:7b:
47:7d:13:4b:f2:85:68:25:e2:85:e8:fc:a5:7a:89:
73:76:3e:2c:74:69:d7:59:5d:8c:5b:70:9f:f2:03:
4c:72:21:c6:dc:67:a3:10:6c:f6:36:3c:40:3c:20:
7a:85:11:54:9c:4d:7e:48:dc:6a:bc:d3:d8:f8:08:
a3:c0:6c:e3:ae:5e:40:af:1b:57:bc:40:78:66:0d:
06:b5:f6:87:c6:26:50:9d:8c:3b:22:9b:28:a6:6f:
14:77:50:78:eb:48:b6:d4:c1:e7:af:d8:07:41:4a:
0b:d1:71:b4:f8:04:7d:49:e2:7a:23:b6:ea:87:df:
2f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:12:DD:FC:68:64:63:7B:DA:90:47:AE:14:7B:E8:32:61:60:B8:10
X509v3 Authority Key Identifier:
keyid:DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/ABLd_GhkY3vakEeuFHvoMmFguBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.224.0/22
193.105.103.0/24
IPv6:
2a03:a660::/32
Signature Algorithm: sha256WithRSAEncryption
35:f3:21:21:b8:5c:0f:0f:15:d6:73:ae:f1:d8:ea:b5:88:4d:
b6:f8:94:db:98:42:98:35:02:6e:02:af:21:d6:e7:0a:a5:d7:
8a:55:18:f7:22:d1:ea:94:be:de:79:a1:86:cf:a0:23:a7:2c:
c3:d5:2a:c3:38:e1:05:a2:3e:47:77:f6:05:d8:a7:1d:d3:6a:
1a:b3:7f:88:db:eb:61:cf:92:9e:ab:f3:58:0d:47:82:7d:b0:
b2:a4:53:b7:30:bd:1e:15:8d:c8:bb:07:81:c6:de:a5:7c:68:
19:27:76:a0:ac:c3:bf:01:3b:6e:3c:ed:f7:6e:3d:f9:3c:ad:
25:bc:f6:9a:fb:eb:2e:f1:86:27:a6:50:67:61:8d:ec:eb:a2:
66:89:94:90:da:2b:5f:b1:ed:65:38:f1:b8:d8:fa:99:23:7f:
3d:50:f3:51:07:96:af:e2:d3:50:f4:31:52:91:a3:d1:df:eb:
2e:5c:e6:e9:a3:29:8a:e6:50:9b:da:2e:e5:d2:de:8d:25:4a:
85:b0:de:54:1a:5b:57:f4:f8:53:b5:c0:e6:25:20:4c:35:87:
19:45:5b:ff:56:9a:77:96:56:eb:af:c4:26:bc:5f:ce:f2:6b:
b2:75:51:47:1b:e0:23:70:63:90:42:ea:0f:a5:4c:10:64:25:
77:22:1d:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTh/YWUYI/aIfMw7avhLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTg2NDIyMjc5ZDlkOGI0ZTY4ZTY5YjEyOTZlNTMyZDRk
YTBjM2YwHhcNMjQwMTAyMDgzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDEyZGRmYzY4NjQ2MzdiZGE5MDQ3YWUxNDdiZTgzMjYxNjBiODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoos0L5GbTOLJK7xPEuqykmK43w02
eHz1uXBqBpca1JpVLmlwrvEVKFlUPBCKvcWF8YqThHUc/MaRfRC4fNJTGoLMofYJ
fI2OWT2BiOtN2y6/79xZRlOOwVa+G2ABjuT7C/TZbwAOXYVtCsXXHp5AHpn3uVla
UJdB04+x6dWQG8PuWip6wHtHfRNL8oVoJeKF6Pyleolzdj4sdGnXWV2MW3Cf8gNM
ciHG3GejEGz2NjxAPCB6hRFUnE1+SNxqvNPY+AijwGzjrl5ArxtXvEB4Zg0GtfaH
xiZQnYw7Ipsopm8Ud1B460i21MHnr9gHQUoL0XG0+AR9SeJ6I7bqh98v1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAAS3fxoZGN72pBHrhR76DJhYLgQMB8GA1UdIwQY
MBaAFNsYZCInnZ2LTmjmmxKW5TLU2gw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2Mt
NWM3NzIzNDYwMjIzLzEvQUJMZF9HaGtZM3Zha0VldUZIdm9NbUZndUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2MtNWM3NzIzNDYwMjIz
LzEvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYTgAwQA
wWlnMA0EAgACMAcDBQAqA6ZgMA0GCSqGSIb3DQEBCwUAA4IBAQA18yEhuFwPDxXW
c67x2Oq1iE22+JTbmEKYNQJuAq8h1ucKpdeKVRj3ItHqlL7eeaGGz6AjpyzD1SrD
OOEFoj5Hd/YF2Kcd02oas3+I2+thz5Keq/NYDUeCfbCypFO3ML0eFY3IuweBxt6l
fGgZJ3agrMO/ATtuPO33bj35PK0lvPaa++su8YYnplBnYY3s66JmiZSQ2itfse1l
OPG42PqZI389UPNRB5av4tNQ9DFSkaPR3+suXObpoymK5lCb2i7l0t6NJUqFsN5U
GltX9PhTtcDmJSBMNYcZRVv/Vpp3llbrr8QmvF/O8muydVFHG+AjcGOQQuoPpUwQ
ZCV3Ih3+
-----END CERTIFICATE-----
Generated at Sat May 18 15:43:03 2024 by rpki-client on console-fra.rpki-client.org