Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/TrlRH64mTqxgPbbyg2lJDlsMeB0.roa
File: TrlRH64mTqxgPbbyg2lJDlsMeB0.roa (raw, json)
Hash identifier: Ar7RtZkoApHXI4MhYkDHCkz8Varr+3EYOSwaeqk+kiE=
Subject key identifier: 4E:B9:51:1F:AE:26:4E:AC:60:3D:B6:F2:83:69:49:0E:5B:0C:78:1D
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019759B6ED68B2A6712118EA4232877F82A8
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/TrlRH64mTqxgPbbyg2lJDlsMeB0.roa
Signing time: Tue 10 Jun 2025 12:00:49 +0000
ROA not before: Tue 10 Jun 2025 12:00:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51583
IP address blocks: 91.219.88.0/24 maxlen: 24
91.219.89.0/24 maxlen: 24
91.219.90.0/24 maxlen: 24
91.219.91.0/24 maxlen: 24
91.228.246.0/24 maxlen: 24
91.228.247.0/24 maxlen: 24
185.32.120.0/24 maxlen: 24
185.32.121.0/24 maxlen: 24
185.32.122.0/24 maxlen: 24
185.32.123.0/24 maxlen: 24
193.104.224.0/24 maxlen: 24
193.104.225.0/24 maxlen: 24
193.104.226.0/24 maxlen: 24
193.104.227.0/24 maxlen: 24
193.242.202.0/24 maxlen: 24
193.242.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 13:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:b6:ed:68:b2:a6:71:21:18:ea:42:32:87:7f:82:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Jun 10 12:00:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eb9511fae264eac603db6f28369490e5b0c781d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:d7:d7:cb:d7:e2:20:f1:df:7c:a1:24:09:
23:15:69:a1:33:9f:6a:22:2b:dc:e2:a3:6a:6b:3f:
84:43:fa:57:20:af:08:6f:ed:0e:0a:33:60:e4:ce:
9c:b1:d3:8f:8b:b1:a9:c2:fc:fb:3d:45:d2:24:e3:
3a:0b:a3:b7:eb:dd:f3:0c:f3:db:1a:f1:38:25:73:
2b:68:69:a0:c5:6c:74:b1:b6:f5:8f:aa:fa:33:e4:
85:3e:fb:4c:71:dc:08:97:5e:82:5b:ed:c0:f5:54:
26:18:76:9b:fd:41:f0:f6:98:dc:15:95:e0:31:17:
59:2f:60:ce:3b:cd:15:8f:34:64:d0:e7:fc:34:62:
2a:31:f5:ee:62:14:fc:b6:df:48:8c:6a:65:5e:95:
5e:dd:99:19:c9:05:45:d5:f5:f0:65:6e:cd:3c:2f:
14:f2:3f:a7:65:d2:79:f4:26:0b:cd:59:a2:81:ed:
73:1e:7c:ff:8f:31:78:19:b5:7a:18:f8:4f:e8:9d:
77:31:57:8e:92:51:be:81:ef:df:c2:d9:a0:4a:ff:
ce:ab:81:e1:48:f0:4d:b3:dc:f0:21:c1:f6:08:26:
43:5d:61:2e:b6:d3:95:c8:94:1a:60:ea:7c:d4:45:
47:0b:59:68:31:c3:c7:fb:09:d1:67:60:32:51:22:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B9:51:1F:AE:26:4E:AC:60:3D:B6:F2:83:69:49:0E:5B:0C:78:1D
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/TrlRH64mTqxgPbbyg2lJDlsMeB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.88.0/22
91.228.246.0/23
185.32.120.0/22
193.104.224.0/22
193.242.202.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:3c:81:a9:9f:7f:0f:fe:41:5a:7a:d2:d5:e9:ab:08:32:4a:
9b:36:36:65:1c:22:e8:60:fc:b7:0c:88:14:78:7c:26:61:b9:
d9:25:2c:97:5b:e1:d5:5a:5f:1a:52:6b:8a:dc:d8:45:62:5e:
ec:95:f2:e3:de:de:dc:f6:97:c4:f8:e9:10:4c:db:55:e6:97:
ae:70:a0:c7:5f:fa:42:68:83:32:ad:cb:f8:a1:1a:bc:5c:9c:
9d:f7:ae:58:13:13:2b:d6:39:72:c0:eb:5b:2d:be:90:e6:ca:
39:1b:9c:c2:d9:c2:60:d7:15:d0:8f:4c:35:44:fa:08:e6:c1:
55:c2:40:04:f9:97:ac:84:b8:50:63:26:bc:a4:53:d1:77:cd:
00:73:55:b1:19:5c:49:28:20:fb:94:a3:a0:1f:fa:f1:10:16:
86:48:70:b1:a6:3f:01:69:cf:87:16:56:90:d8:23:f6:0c:8e:
c4:05:c2:23:a7:ee:ea:c5:15:76:e1:60:67:5f:5a:3f:94:a4:
9c:fb:5a:d1:73:7d:4b:d8:dd:0e:7a:9c:38:94:05:dc:55:68:
ed:36:dc:92:a6:36:38:3d:b7:11:73:fa:43:43:7c:51:59:a4:
c2:e1:c8:a0:31:4b:d6:91:10:bf:3a:d1:c9:93:46:90:0c:85:
1d:68:61:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdZtu1osqZxIRjqQjKHf4KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwNjEwMTIwMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI5NTExZmFlMjY0ZWFjNjAzZGI2ZjI4MzY5NDkwZTViMGM3ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDfX18vX4iDx33yhJAkjFWmhM59q
Iivc4qNqaz+EQ/pXIK8Ib+0OCjNg5M6csdOPi7Gpwvz7PUXSJOM6C6O3693zDPPb
GvE4JXMraGmgxWx0sbb1j6r6M+SFPvtMcdwIl16CW+3A9VQmGHab/UHw9pjcFZXg
MRdZL2DOO80VjzRk0Of8NGIqMfXuYhT8tt9IjGplXpVe3ZkZyQVF1fXwZW7NPC8U
8j+nZdJ59CYLzVmige1zHnz/jzF4GbV6GPhP6J13MVeOklG+ge/fwtmgSv/Oq4Hh
SPBNs9zwIcH2CCZDXWEuttOVyJQaYOp81EVHC1loMcPH+wnRZ2AyUSKLKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE65UR+uJk6sYD228oNpSQ5bDHgdMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEvVHJsUkg2NG1UcXhnUGJieWcybEpEbHNNZUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW9tYAwQB
W+T2AwQCuSB4AwQCwWjgAwQBwfLKMA0GCSqGSIb3DQEBCwUAA4IBAQC9PIGpn38P
/kFaetLV6asIMkqbNjZlHCLoYPy3DIgUeHwmYbnZJSyXW+HVWl8aUmuK3NhFYl7s
lfLj3t7c9pfE+OkQTNtV5peucKDHX/pCaIMyrcv4oRq8XJyd965YExMr1jlywOtb
Lb6Q5so5G5zC2cJg1xXQj0w1RPoI5sFVwkAE+ZeshLhQYya8pFPRd80Ac1WxGVxJ
KCD7lKOgH/rxEBaGSHCxpj8Bac+HFlaQ2CP2DI7EBcIjp+7qxRV24WBnX1o/lKSc
+1rRc31L2N0Oepw4lAXcVWjtNtySpjY4PbcRc/pDQ3xRWaTC4cigMUvWkRC/OtHJ
k0aQDIUdaGEt
-----END CERTIFICATE-----
Generated at Tue Jun 17 22:04:53 2025 by rpki-client