Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/trnbESznlOsXSmOq-zTLOlE0nzc.roa
File: trnbESznlOsXSmOq-zTLOlE0nzc.roa (raw, json)
Hash identifier: fOmXOdcOD5V/jRJlsSdgNbz1rZ873FVRanr34sBtxks=
Subject key identifier: B6:B9:DB:11:2C:E7:94:EB:17:4A:63:AA:FB:34:CB:3A:51:34:9F:37
Certificate issuer: /CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Certificate serial: 0194221F63AEE386264149F71B2677AE689A
Authority key identifier: B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/trnbESznlOsXSmOq-zTLOlE0nzc.roa
Signing time: Wed 01 Jan 2025 13:47:50 +0000
ROA not before: Wed 01 Jan 2025 13:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42742
IP address blocks: 91.189.232.0/21 maxlen: 21
92.118.140.0/22 maxlen: 22
194.79.4.0/22 maxlen: 22
195.211.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:63:ae:e3:86:26:41:49:f7:1b:26:77:ae:68:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Validity
Not Before: Jan 1 13:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6b9db112ce794eb174a63aafb34cb3a51349f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:38:c3:c6:8d:6a:3d:f4:0c:30:06:14:18:
55:e4:9d:e4:55:71:1c:f0:7e:b4:46:86:4e:6b:55:
6a:56:ba:c8:94:17:6d:51:46:7c:7a:a8:ae:a9:bc:
f7:c4:45:5b:bd:e4:a5:cf:b5:7f:cc:69:11:90:6e:
4b:e4:23:40:b2:eb:c2:eb:1b:23:74:e1:dc:82:1f:
3d:6b:de:46:03:0e:1b:62:9a:76:83:e0:8b:66:3e:
17:2a:94:18:d0:3a:7b:81:4c:57:fa:94:e1:28:50:
59:28:a1:23:45:5d:db:cd:0b:02:60:9d:f4:72:08:
51:7d:e4:1d:64:4c:5b:d4:46:7e:07:61:52:93:50:
f4:ee:3a:2f:55:c4:b6:2c:d6:85:da:d7:76:84:11:
cc:88:7e:b3:41:45:d0:5f:d4:4c:e2:30:33:3f:d1:
b8:fa:42:b3:95:44:1d:fa:1c:89:15:1e:f2:b9:2d:
ff:1d:a3:ee:16:0a:35:d2:51:5e:a3:06:74:9b:b1:
5b:dc:5f:a2:5e:5a:24:2d:ae:3f:12:1a:51:ee:25:
2f:d2:6b:10:cb:e2:88:a8:5d:26:17:39:ac:f6:20:
10:c2:bf:a8:b3:68:3e:af:bb:29:89:db:df:ed:8f:
92:25:fc:dd:93:17:0d:55:1e:05:71:08:0a:08:ee:
42:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B9:DB:11:2C:E7:94:EB:17:4A:63:AA:FB:34:CB:3A:51:34:9F:37
X509v3 Authority Key Identifier:
keyid:B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/trnbESznlOsXSmOq-zTLOlE0nzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.232.0/21
92.118.140.0/22
194.79.4.0/22
195.211.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:1e:35:32:2a:b4:1a:4c:77:5d:5c:38:42:a8:fd:bd:b1:db:
81:8f:ae:72:7c:e8:e9:dd:9f:c6:12:89:2d:62:e3:d6:68:b9:
63:1b:99:ab:2d:c4:66:eb:e1:5f:81:92:b4:c4:81:b8:91:e3:
24:a3:c3:d2:27:f3:79:db:a3:11:23:65:97:90:79:91:04:10:
db:20:b7:65:d6:ba:3a:67:de:f4:59:9b:64:39:55:9d:e2:e3:
99:8b:8f:a3:97:56:75:05:58:6c:28:93:47:3a:59:3d:14:35:
fb:e9:30:6a:2c:ba:d6:2e:48:5a:95:47:50:00:92:92:05:c0:
d7:0a:3f:a4:ae:76:73:41:cd:60:2e:c9:db:7a:75:03:ea:d6:
31:f3:84:9a:44:af:b9:a9:14:75:86:72:28:d1:f6:aa:f4:30:
c4:cd:7c:98:8c:12:58:13:e0:b4:b3:6b:8b:92:3f:ec:6e:c2:
62:e4:f6:1d:dc:67:38:b8:63:b1:89:68:b3:8b:07:39:c7:8d:
25:a4:5f:92:48:7c:ee:f7:70:70:a6:63:b5:0c:68:f2:62:51:
a9:bc:12:d7:cf:4f:29:f5:68:87:b3:a8:b1:60:7c:6e:8c:84:
67:46:55:f0:28:45:b0:9e:b0:3a:4f:14:a0:b6:21:35:ad:a3:
16:11:9f:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH2Ou44YmQUn3GyZ3rmiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjQxZjEyOWRiZmM0YTE2NTFmZWNkYmEwMzEwOGZjZDJj
YzFkZjIwHhcNMjUwMTAxMTM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI5ZGIxMTJjZTc5NGViMTc0YTYzYWFmYjM0Y2IzYTUxMzQ5ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjQ4w8aNaj30DDAGFBhV5J3kVXEc
8H60RoZOa1VqVrrIlBdtUUZ8eqiuqbz3xEVbveSlz7V/zGkRkG5L5CNAsuvC6xsj
dOHcgh89a95GAw4bYpp2g+CLZj4XKpQY0Dp7gUxX+pThKFBZKKEjRV3bzQsCYJ30
cghRfeQdZExb1EZ+B2FSk1D07jovVcS2LNaF2td2hBHMiH6zQUXQX9RM4jAzP9G4
+kKzlUQd+hyJFR7yuS3/HaPuFgo10lFeowZ0m7Fb3F+iXlokLa4/EhpR7iUv0msQ
y+KIqF0mFzms9iAQwr+os2g+r7spidvf7Y+SJfzdkxcNVR4FcQgKCO5CfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLa52xEs55TrF0pjqvs0yzpRNJ83MB8GA1UdIwQY
MBaAFLEkHxKdv8ShZR/s26AxCPzSzB3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTct
ZTlkZGJlM2VmYmUzLzEvdHJuYkVTem5sT3NYU21PcS16VExPbEUwbnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTctZTlkZGJlM2VmYmUz
LzEvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW73oAwQC
XHaMAwQCwk8EAwQCw9NAMA0GCSqGSIb3DQEBCwUAA4IBAQBKHjUyKrQaTHddXDhC
qP29sduBj65yfOjp3Z/GEoktYuPWaLljG5mrLcRm6+FfgZK0xIG4keMko8PSJ/N5
26MRI2WXkHmRBBDbILdl1ro6Z970WZtkOVWd4uOZi4+jl1Z1BVhsKJNHOlk9FDX7
6TBqLLrWLkhalUdQAJKSBcDXCj+krnZzQc1gLsnbenUD6tYx84SaRK+5qRR1hnIo
0faq9DDEzXyYjBJYE+C0s2uLkj/sbsJi5PYd3Gc4uGOxiWiziwc5x40lpF+SSHzu
93BwpmO1DGjyYlGpvBLXz08p9WiHs6ixYHxujIRnRlXwKEWwnrA6TxSgtiE1raMW
EZ8C
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:45 2025 by rpki-client