Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/trnquIeGzcsfUn-ICQYKFCSwTXU.roa
File: trnquIeGzcsfUn-ICQYKFCSwTXU.roa (raw, json)
Hash identifier: CEyHyDW+VNifYLkT7DvsOiT1GMhHaNzGkMztPVekgpc=
Subject key identifier: B6:B9:EA:B8:87:86:CD:CB:1F:52:7F:88:09:06:0A:14:24:B0:4D:75
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 0194258F196BC68477A6FE16A38141182E20
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/trnquIeGzcsfUn-ICQYKFCSwTXU.roa
Signing time: Thu 02 Jan 2025 05:48:42 +0000
ROA not before: Thu 02 Jan 2025 05:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24614
IP address blocks: 193.140.252.0/23 maxlen: 23
193.255.252.0/22 maxlen: 22
194.27.188.0/22 maxlen: 22
194.27.196.0/22 maxlen: 22
194.27.238.0/23 maxlen: 23
194.27.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:19:6b:c6:84:77:a6:fe:16:a3:81:41:18:2e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 2 05:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6b9eab88786cdcb1f527f8809060a1424b04d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c6:00:31:9b:ef:62:e0:aa:0d:e6:88:21:59:
3e:09:8b:13:fb:a6:83:cf:8a:8a:96:9c:3f:51:c3:
b3:5c:2a:da:78:b0:6a:43:17:96:c9:e5:3f:5c:b4:
dc:7b:3c:3f:30:6d:61:96:12:6a:6e:0d:58:ed:73:
61:cc:e9:54:58:ae:bd:f5:4f:76:87:5c:d8:2d:72:
f8:70:23:c8:2a:63:7d:5a:36:fc:6b:40:d9:04:35:
d9:b1:84:07:74:5f:53:54:ef:ff:5e:d8:04:2d:9e:
8d:f4:d3:24:42:cc:33:e8:c2:47:e7:39:a0:d4:c1:
68:63:7a:72:09:da:86:82:98:ef:e1:83:3d:f7:89:
9a:34:a3:39:92:94:55:a1:66:e3:e5:5d:11:b2:46:
97:ef:ce:4d:96:04:d4:da:b9:1d:9f:3f:c4:b8:bc:
33:e2:57:55:cb:90:fb:6e:6d:59:64:94:4b:47:13:
81:81:0f:ef:88:2a:5d:0a:80:69:ff:4f:2b:2c:a8:
76:8c:6f:45:e6:19:94:4a:c9:26:4a:c5:c7:53:a8:
73:f3:00:1c:71:87:04:2e:6f:55:88:42:59:36:77:
61:26:31:0f:b8:1e:18:e1:fd:42:61:fb:bf:4c:54:
a5:60:b6:08:e6:cd:c3:5a:09:c9:bf:2c:57:1c:05:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B9:EA:B8:87:86:CD:CB:1F:52:7F:88:09:06:0A:14:24:B0:4D:75
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/trnquIeGzcsfUn-ICQYKFCSwTXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.252.0/23
193.255.252.0/22
194.27.188.0/22
194.27.196.0/22
194.27.238.0-194.27.255.255
Signature Algorithm: sha256WithRSAEncryption
4e:e9:d8:14:c9:38:dd:54:53:ba:6d:62:e5:ca:48:8e:e7:47:
63:4b:e4:23:f2:60:61:d0:84:ab:a9:ed:2b:da:5c:f5:36:f7:
4b:d4:a9:9f:f5:41:27:d0:d2:56:80:fb:a1:42:3b:2f:2f:47:
f4:0c:6a:41:df:25:81:4f:8c:43:0f:e5:f3:8e:af:a0:54:e2:
dc:16:a5:bc:ab:75:7e:8a:95:02:05:af:89:9b:24:89:79:03:
d2:0e:84:43:a2:62:cd:92:74:31:9e:70:70:23:59:8d:54:74:
62:50:04:5f:2f:99:a9:e6:83:68:de:31:b1:38:6d:0a:74:37:
4e:82:cc:9b:86:18:e8:23:0f:b9:3a:2e:5a:0a:bf:11:20:53:
eb:fb:7a:56:5b:89:fc:0d:84:df:55:c3:19:c8:33:5e:1c:41:
53:4f:b8:20:df:a3:75:ff:92:4d:d4:0d:34:31:73:cd:a2:13:
23:a5:45:a2:ab:4d:ee:12:9b:34:c7:6a:c1:2a:09:d2:01:e8:
c2:4a:5b:e4:a4:b4:96:46:2e:b4:b3:0d:cf:77:5b:1d:de:52:
4f:ec:11:f6:5e:eb:c7:ab:9f:93:2b:4d:3f:d3:44:42:b9:34:
a0:bc:3d:96:f0:4f:31:37:ae:4f:f3:e1:57:2a:cf:8d:28:01:
be:62:87:7a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQljxlrxoR3pv4Wo4FBGC4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjUwMTAyMDU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI5ZWFiODg3ODZjZGNiMWY1MjdmODgwOTA2MGExNDI0YjA0ZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsYAMZvvYuCqDeaIIVk+CYsT+6aD
z4qKlpw/UcOzXCraeLBqQxeWyeU/XLTcezw/MG1hlhJqbg1Y7XNhzOlUWK699U92
h1zYLXL4cCPIKmN9Wjb8a0DZBDXZsYQHdF9TVO//XtgELZ6N9NMkQswz6MJH5zmg
1MFoY3pyCdqGgpjv4YM994maNKM5kpRVoWbj5V0RskaX785NlgTU2rkdnz/EuLwz
4ldVy5D7bm1ZZJRLRxOBgQ/viCpdCoBp/08rLKh2jG9F5hmUSskmSsXHU6hz8wAc
cYcELm9ViEJZNndhJjEPuB4Y4f1CYfu/TFSlYLYI5s3DWgnJvyxXHAXGmwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLa56riHhs3LH1J/iAkGChQksE11MB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvdHJucXVJZUd6Y3NmVW4tSUNRWUtGQ1N3VFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQBwYz8AwQC
wf/8AwQCwhu8AwQCwhvEMAsDBAHCG+4DAwLCGDANBgkqhkiG9w0BAQsFAAOCAQEA
TunYFMk43VRTum1i5cpIjudHY0vkI/JgYdCEq6ntK9pc9Tb3S9Spn/VBJ9DSVoD7
oUI7Ly9H9AxqQd8lgU+MQw/l846voFTi3BalvKt1foqVAgWviZskiXkD0g6EQ6Ji
zZJ0MZ5wcCNZjVR0YlAEXy+ZqeaDaN4xsThtCnQ3ToLMm4YY6CMPuTouWgq/ESBT
6/t6VluJ/A2E31XDGcgzXhxBU0+4IN+jdf+STdQNNDFzzaITI6VFoqtN7hKbNMdq
wSoJ0gHowkpb5KS0lkYutLMNz3dbHd5ST+wR9l7rx6ufkytNP9NEQrk0oLw9lvBP
MTeuT/PhVyrPjSgBvmKHeg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:11:24 2025 by rpki-client