Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Otz-lRLGypvf7TIwVms5jHBwxYQ.roa
File: Otz-lRLGypvf7TIwVms5jHBwxYQ.roa (raw, json)
Hash identifier: DTvEpHl+5nUpwx5mYYuodxVy4t8FUL7YR0GMpNyL6AA=
Subject key identifier: 3A:DC:FE:95:12:C6:CA:9B:DF:ED:32:30:56:6B:39:8C:70:70:C5:84
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 019E781B2B0F4E1636459E74F17968F2ED8E
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Otz-lRLGypvf7TIwVms5jHBwxYQ.roa
Signing time: Sat 30 May 2026 08:58:26 +0000
ROA not before: Sat 30 May 2026 08:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64289
IP address blocks: 194.110.60.0/24 maxlen: 24
2a14:3f80::/45 maxlen: 45
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:188::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:1ed0::/45 maxlen: 45
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:2b40::/42 maxlen: 42
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:6920::/44 maxlen: 44
2a14:3f87:6ba0::/44 maxlen: 44
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:c800::/38 maxlen: 38
2a14:3f87:e000::/38 maxlen: 38
2a14:3f87:f000::/38 maxlen: 38
2a14:3f87:f001::/48 maxlen: 48
2a14:3f87:f002::/48 maxlen: 48
2a14:3f87:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:78:1b:2b:0f:4e:16:36:45:9e:74:f1:79:68:f2:ed:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: May 30 08:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3adcfe9512c6ca9bdfed3230566b398c7070c584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:47:16:01:55:fa:66:d0:e1:83:83:86:05:c6:
45:ad:b8:80:82:b2:09:47:23:80:4b:23:d2:13:82:
6d:d1:69:a6:a2:16:b0:e2:74:33:dd:e6:85:8e:de:
b0:de:0c:f0:09:7c:55:f4:1f:0d:d2:dc:bb:7b:93:
1a:86:22:68:e7:18:9a:79:44:b2:fe:d2:56:ae:6f:
8d:b4:c1:a6:90:78:e8:7a:88:8b:50:fd:ac:e2:64:
73:d5:9d:8d:1d:32:d8:6c:18:81:36:55:ee:67:ef:
d1:5e:39:7e:d6:44:04:ee:43:77:c2:13:f1:39:3d:
0f:cf:78:7b:d4:91:6b:2f:18:dc:27:7c:37:63:68:
48:31:fd:06:fd:ff:49:18:9b:40:a8:a2:3a:b9:92:
7f:1c:1a:1d:dc:0a:1d:5c:10:de:d8:4c:cd:a4:ce:
e9:bb:c5:d8:e3:32:4f:b8:a8:45:a1:9b:1f:99:24:
e0:7c:d8:91:4e:63:91:c7:66:46:73:eb:35:b8:05:
b9:c7:ba:ae:bb:5d:63:32:fa:df:9c:89:d9:71:15:
34:3c:dc:fc:63:1d:9f:1e:2d:e3:c5:25:0d:5f:79:
a4:3d:79:14:62:85:b2:cc:de:49:94:fe:21:cf:f0:
4c:09:3d:e7:ee:19:94:3d:f2:07:ae:6f:1f:f1:7f:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DC:FE:95:12:C6:CA:9B:DF:ED:32:30:56:6B:39:8C:70:70:C5:84
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Otz-lRLGypvf7TIwVms5jHBwxYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.60.0/24
IPv6:
2a14:3f80::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:188::/45
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:1ed0::/45
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:c800::/38
2a14:3f87:e000::/38
2a14:3f87:f000::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
45:af:e0:30:bf:07:83:38:2c:56:25:f4:b5:54:25:7b:29:da:
ee:c9:74:0a:21:89:b9:72:87:86:f7:8f:a1:01:ec:aa:f4:93:
3c:b9:1c:b9:74:71:fb:6a:a7:06:9a:e7:c0:03:7c:3a:8e:05:
db:ba:3b:a3:4b:51:2d:07:69:93:28:9d:37:b7:03:4f:1b:24:
7f:11:29:33:fb:bd:cb:cd:3e:03:7d:5f:61:bd:01:c8:2a:eb:
3f:25:f1:a9:4d:90:57:be:05:03:da:42:d8:43:d0:ec:5a:94:
8b:b7:50:de:36:ed:ab:a9:42:c8:5f:fe:2e:11:af:45:f3:9a:
a5:a8:86:3a:25:65:f2:f6:0a:28:23:47:d5:0b:3f:82:f8:43:
82:2a:b0:22:e8:5d:67:80:51:d8:40:e9:b6:e4:4a:73:78:e3:
ab:f7:33:6f:10:77:10:d0:e6:52:e2:90:7d:12:95:29:f9:f7:
5f:eb:30:e6:d3:88:0f:3a:9d:c1:c8:65:ef:b2:f8:77:e2:2a:
80:3b:15:d8:db:da:03:27:e5:e2:ee:7a:24:99:c8:f6:f6:95:
53:ac:d5:3c:eb:54:02:9e:1f:60:53:c5:6e:a3:35:4d:49:f4:
8e:a8:cf:df:31:e5:f3:2c:3b:36:77:78:aa:bb:b3:f9:ca:35:
1f:48:96:36
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZ54GysPThY2RZ508Xlo8u2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjYwNTMwMDg1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRjZmU5NTEyYzZjYTliZGZlZDMyMzA1NjZiMzk4YzcwNzBjNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUcWAVX6ZtDhg4OGBcZFrbiAgrIJ
RyOASyPSE4Jt0Wmmohaw4nQz3eaFjt6w3gzwCXxV9B8N0ty7e5MahiJo5xiaeUSy
/tJWrm+NtMGmkHjoeoiLUP2s4mRz1Z2NHTLYbBiBNlXuZ+/RXjl+1kQE7kN3whPx
OT0Pz3h71JFrLxjcJ3w3Y2hIMf0G/f9JGJtAqKI6uZJ/HBod3AodXBDe2EzNpM7p
u8XY4zJPuKhFoZsfmSTgfNiRTmORx2ZGc+s1uAW5x7quu11jMvrfnInZcRU0PNz8
Yx2fHi3jxSUNX3mkPXkUYoWyzN5JlP4hz/BMCT3n7hmUPfIHrm8f8X+/JwIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFDrc/pUSxsqb3+0yMFZrOYxwcMWEMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvT3R6LWxSTEd5cHZmN1RJd1ZtczVqSEJ3eFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTAMBAIAATAGAwQA
wm48MIIBFwQCAAIwggEPMBADBQcqFD+AAwcEKhQ/gAAgAwcDKhQ/gABgAwcEKhQ/
gACAAwcEKhQ/gAEAAwcDKhQ/gAGIAwcAKhQ/gAPRMBADBgMqFD+ACAMGAioUP4AY
AwcDKhQ/gB7QMBADBgUqFD+AIAMGAioUP4AoMBADBgQqFD+AMAMGAyoUP4BAAwYC
KhQ/gFADBgIqFD+AYAMGAioUP4BwAwYCKhQ/gIgDBwMqFD+ArzgDBgIqFD+BWAMG
AioUP4JAAwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/hygDBgIqFD+HSAMG
AioUP4doAwYCKhQ/h5gDBgIqFD+HyAMGAioUP4fgAwYCKhQ/h/ADBgIqFD+H/DAN
BgkqhkiG9w0BAQsFAAOCAQEARa/gML8HgzgsViX0tVQleyna7sl0CiGJuXKHhveP
oQHsqvSTPLkcuXRx+2qnBprnwAN8Oo4F27o7o0tRLQdpkyidN7cDTxskfxEpM/u9
y80+A31fYb0ByCrrPyXxqU2QV74FA9pC2EPQ7FqUi7dQ3jbtq6lCyF/+LhGvRfOa
paiGOiVl8vYKKCNH1Qs/gvhDgiqwIuhdZ4BR2EDptuRKc3jjq/czbxB3ENDmUuKQ
fRKVKfn3X+sw5tOIDzqdwchl77L4d+IqgDsV2NvaAyfl4u56JJnI9vaVU6zVPOtU
Ap4fYFPFbqM1TUn0jqjP3zHl8yw7Nnd4qruz+co1H0iWNg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:08:37 2026 by rpki-client