Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/tr_kn-RsLq_sHu2wu7WyzLHvQQ0.roa
File: tr_kn-RsLq_sHu2wu7WyzLHvQQ0.roa (raw, json)
Hash identifier: 1KkIBurM71+ob05FGtoPx8dvWK4HZ/gKoBSZLGvtOTE=
Subject key identifier: B6:BF:E4:9F:E4:6C:2E:AF:EC:1E:ED:B0:BB:B5:B2:CC:B1:EF:41:0D
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01961BBF1DF773A957341D6E9C6271B61F33
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/tr_kn-RsLq_sHu2wu7WyzLHvQQ0.roa
Signing time: Wed 09 Apr 2025 18:10:31 +0000
ROA not before: Wed 09 Apr 2025 18:10:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 80.64.17.0/24 maxlen: 24
80.242.56.0/24 maxlen: 24
80.242.58.0/24 maxlen: 24
194.32.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 13:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:bf:1d:f7:73:a9:57:34:1d:6e:9c:62:71:b6:1f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Apr 9 18:10:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6bfe49fe46c2eafec1eedb0bbb5b2ccb1ef410d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b8:7f:46:3a:48:3a:66:01:33:1c:61:e4:6a:
4f:b0:47:5b:5e:f1:d5:1f:21:46:38:d8:a2:96:fa:
77:ed:18:10:60:ae:0a:a8:a1:ba:44:89:bd:ad:00:
29:b4:cd:64:dd:e8:5d:af:39:bf:6e:3e:24:43:df:
3b:da:ad:cf:18:a1:cb:db:11:c2:40:5c:1c:a0:b8:
a4:de:b3:d6:51:68:19:48:81:04:01:fd:5c:20:97:
4a:e1:67:f4:1b:6f:38:4a:65:4d:da:37:ec:0e:47:
c5:34:2b:be:6b:86:5e:b8:9d:52:ea:34:0b:05:da:
88:3a:4e:32:3c:7a:36:1b:11:bc:6a:60:41:c6:45:
57:f6:3a:bb:ed:82:63:cb:80:e1:10:84:d1:6f:42:
c5:8b:73:f8:7e:33:61:4b:36:5d:93:e6:d5:7b:e6:
06:ab:60:27:8b:96:1e:a1:16:2d:1b:67:5d:9f:2a:
6e:80:ac:55:13:b4:8b:0e:de:4d:07:c1:31:5f:2f:
23:16:dc:8c:32:5a:40:b8:83:35:b5:54:f4:9d:f9:
26:36:85:eb:85:72:d8:ea:69:c3:99:c8:8e:13:48:
5f:77:9e:54:8c:e8:78:32:2c:f9:81:c2:c4:ff:c6:
2e:4c:ef:0c:ff:bb:ef:ec:0a:4e:79:51:88:17:2e:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BF:E4:9F:E4:6C:2E:AF:EC:1E:ED:B0:BB:B5:B2:CC:B1:EF:41:0D
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/tr_kn-RsLq_sHu2wu7WyzLHvQQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.17.0/24
80.242.56.0/24
80.242.58.0/24
194.32.98.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b3:2f:c2:f5:8f:04:38:a8:8a:fe:58:ba:37:18:44:98:56:
c0:f7:d2:d7:3d:05:47:a8:ef:04:0c:82:20:95:7d:9e:c7:3d:
f9:2e:90:06:a1:aa:d6:14:81:26:f8:45:9a:76:24:8a:63:d1:
a5:ed:03:fc:c5:da:a3:4c:ee:fb:3c:94:65:e9:3d:a7:e4:b8:
0b:95:d4:7d:d4:21:1a:9b:71:23:82:9e:44:0f:2a:56:e6:6b:
e8:e8:2f:47:ba:b8:21:38:5c:5c:a7:d6:fe:44:80:ad:e9:59:
5e:a9:00:c0:53:44:6e:bf:21:47:62:82:c9:1c:74:02:73:2b:
13:cc:e8:43:d4:67:5a:f9:31:d8:fc:11:de:ec:ea:21:f5:64:
2d:9c:b2:49:93:06:e6:82:4f:85:43:3c:2a:78:be:e2:d1:4f:
dc:ef:de:67:a2:23:94:af:7c:a6:93:10:2e:1a:42:a9:50:fa:
4b:b9:ae:ee:e3:04:85:b1:6a:db:34:77:ff:1a:e7:99:17:ea:
17:c1:b3:4f:72:db:4d:1a:90:95:1e:2d:3f:e1:e5:a7:9c:a2:
e9:e8:68:94:49:e7:e5:c3:a1:86:62:5a:ae:9f:f2:df:05:eb:
9a:d6:64:65:61:b2:89:32:42:79:e4:55:85:6f:58:93:3e:df:
3f:53:55:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZYbvx33c6lXNB1unGJxth8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwNDA5MTgxMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJmZTQ5ZmU0NmMyZWFmZWMxZWVkYjBiYmI1YjJjY2IxZWY0MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rh/RjpIOmYBMxxh5GpPsEdbXvHV
HyFGONiilvp37RgQYK4KqKG6RIm9rQAptM1k3ehdrzm/bj4kQ9872q3PGKHL2xHC
QFwcoLik3rPWUWgZSIEEAf1cIJdK4Wf0G284SmVN2jfsDkfFNCu+a4ZeuJ1S6jQL
BdqIOk4yPHo2GxG8amBBxkVX9jq77YJjy4DhEITRb0LFi3P4fjNhSzZdk+bVe+YG
q2Ani5YeoRYtG2ddnypugKxVE7SLDt5NB8ExXy8jFtyMMlpAuIM1tVT0nfkmNoXr
hXLY6mnDmciOE0hfd55UjOh4Miz5gcLE/8YuTO8M/7vv7ApOeVGIFy7ESQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLa/5J/kbC6v7B7tsLu1ssyx70ENMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvdHJfa24tUnNMcV9zSHUyd3U3V3l6TEh2UVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEARAwQA
UPI4AwQAUPI6AwQAwiBiMA0GCSqGSIb3DQEBCwUAA4IBAQAZsy/C9Y8EOKiK/li6
NxhEmFbA99LXPQVHqO8EDIIglX2exz35LpAGoarWFIEm+EWadiSKY9Gl7QP8xdqj
TO77PJRl6T2n5LgLldR91CEam3Ejgp5EDypW5mvo6C9HurghOFxcp9b+RICt6Vle
qQDAU0RuvyFHYoLJHHQCcysTzOhD1Gda+THY/BHe7Ooh9WQtnLJJkwbmgk+FQzwq
eL7i0U/c795noiOUr3ymkxAuGkKpUPpLua7u4wSFsWrbNHf/GueZF+oXwbNPcttN
GpCVHi0/4eWnnKLp6GiUSeflw6GGYlqun/LfBeua1mRlYbKJMkJ55FWFb1iTPt8/
U1V4
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:02:17 2025 by rpki-client