Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/OTrg-ZEc2BLcvUJfh8jjFvLHsBc.roa
File: OTrg-ZEc2BLcvUJfh8jjFvLHsBc.roa (raw, json)
Hash identifier: LhGZ4Fn8zvdKFROkrhPv5B9fTX3FdgJSPFLUgkfRUhE=
Subject key identifier: 39:3A:E0:F9:91:1C:D8:12:DC:BD:42:5F:87:C8:E3:16:F2:C7:B0:17
Certificate issuer: /CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Certificate serial: 019841153315EA51F3D11285B1C3E6FC3F3A
Authority key identifier: 55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/OTrg-ZEc2BLcvUJfh8jjFvLHsBc.roa
Signing time: Fri 25 Jul 2025 10:16:05 +0000
ROA not before: Fri 25 Jul 2025 10:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47346
IP address blocks: 94.139.33.0/24 maxlen: 24
185.29.132.0/24 maxlen: 24
194.140.235.0/24 maxlen: 24
2a14:1380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.mft
rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 13:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:15:33:15:ea:51:f3:d1:12:85:b1:c3:e6:fc:3f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Validity
Not Before: Jul 25 10:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=393ae0f9911cd812dcbd425f87c8e316f2c7b017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c6:9a:ae:e9:c3:ec:f1:32:13:bd:7e:8c:a0:
c6:3d:36:fa:3e:e8:60:d0:4a:84:31:c9:43:94:96:
ce:b8:8e:03:c8:0b:76:2a:64:40:0f:99:69:3a:5c:
15:fb:ee:c3:bd:22:15:e2:df:e6:f6:55:bd:14:c4:
23:40:f1:a2:56:87:0c:9a:db:24:8e:bd:5f:9f:7a:
3f:81:4a:f8:29:55:c3:f7:8a:db:74:3c:38:77:58:
b2:d1:45:f1:dc:04:ef:38:65:50:80:af:4a:97:a6:
3e:7d:89:63:e2:7f:23:30:9d:46:df:33:2b:4d:ad:
78:b7:0c:93:c8:da:17:d6:e6:2f:b5:4c:ac:d0:e9:
90:d9:d8:bf:f5:81:e7:1f:dd:26:b3:09:88:d5:11:
af:e7:40:7b:0b:22:a9:3c:23:be:11:e2:c9:8d:c9:
42:ac:a9:f5:41:ec:97:37:7b:1c:86:0d:b6:ec:c4:
5d:91:6e:aa:a4:09:f9:7d:26:53:a6:89:8b:77:3a:
8e:b6:cb:d1:d3:ed:07:47:60:8f:25:f2:b2:c6:7e:
c4:3e:0a:4b:18:38:8b:38:c4:a0:4f:5c:c2:2f:16:
59:2c:ee:a8:62:b1:a3:2b:1c:21:f8:ec:54:0f:a9:
39:84:d5:3b:b1:10:61:99:31:5f:da:4d:ba:6a:97:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3A:E0:F9:91:1C:D8:12:DC:BD:42:5F:87:C8:E3:16:F2:C7:B0:17
X509v3 Authority Key Identifier:
keyid:55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/OTrg-ZEc2BLcvUJfh8jjFvLHsBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.33.0/24
185.29.132.0/24
194.140.235.0/24
IPv6:
2a14:1380::/32
Signature Algorithm: sha256WithRSAEncryption
95:2f:54:04:75:40:a5:84:55:c5:90:a7:a0:df:89:1f:14:06:
70:80:df:01:7a:0a:1b:5b:c0:31:00:4d:98:a8:36:e4:6e:68:
86:b4:f2:f6:b6:51:fb:f0:a5:5b:13:f7:d3:8b:0b:01:49:a6:
50:ca:0f:b7:ff:4e:d3:68:d6:68:4f:48:58:eb:45:11:28:da:
e6:78:c7:9a:99:82:68:17:c4:75:d4:dd:33:2e:b3:2c:6c:fb:
93:05:9e:c3:21:69:55:0b:31:4a:2c:c0:93:7c:3f:95:15:29:
66:72:c0:9b:87:28:9e:fb:5d:37:6e:2b:fb:ec:85:72:b0:58:
08:f4:9d:52:b2:94:d0:fd:bb:05:ee:ff:c0:15:2a:4e:27:db:
02:17:ae:4b:6a:7d:ad:c1:f2:c0:5e:14:a7:5e:3e:c8:be:5b:
ed:32:68:a3:f7:de:0d:15:4a:af:cc:cd:9f:77:68:b3:f6:77:
11:d1:2f:14:b5:ed:4d:59:6e:b8:36:f2:77:eb:eb:08:06:44:
0a:e2:0f:2b:78:cd:01:0b:2c:bd:92:7e:4e:8c:c8:d1:fc:9d:
b6:1d:08:4d:aa:f4:bd:38:1c:40:b7:3f:39:62:c1:27:bd:f2:
bb:08:f3:62:8a:fc:3c:0f:b8:bf:17:88:4b:b9:d9:60:57:3b:
90:c6:66:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZhBFTMV6lHz0RKFscPm/D86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmVkMTFiYjZkNWUyZDZhNmVhYmExOWRhZjYzN2I1M2Y3
NjdlZDUwHhcNMjUwNzI1MTAxNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNhZTBmOTkxMWNkODEyZGNiZDQyNWY4N2M4ZTMxNmYyYzdiMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicaarunD7PEyE71+jKDGPTb6Puhg
0EqEMclDlJbOuI4DyAt2KmRAD5lpOlwV++7DvSIV4t/m9lW9FMQjQPGiVocMmtsk
jr1fn3o/gUr4KVXD94rbdDw4d1iy0UXx3ATvOGVQgK9Kl6Y+fYlj4n8jMJ1G3zMr
Ta14twyTyNoX1uYvtUys0OmQ2di/9YHnH90mswmI1RGv50B7CyKpPCO+EeLJjclC
rKn1QeyXN3schg227MRdkW6qpAn5fSZTpomLdzqOtsvR0+0HR2CPJfKyxn7EPgpL
GDiLOMSgT1zCLxZZLO6oYrGjKxwh+OxUD6k5hNU7sRBhmTFf2k26apc3XQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDk64PmRHNgS3L1CX4fI4xbyx7AXMB8GA1UdIwQY
MBaAFFVu0Ru21eLWpuq6Gdr2N7U/dn7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYt
MTk5ODY2NWJkNzkzLzEvT1RyZy1aRWMyQkxjdlVKZmg4ampGdkxIc0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYtMTk5ODY2NWJkNzkz
LzEvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXoshAwQA
uR2EAwQAwozrMA0EAgACMAcDBQAqFBOAMA0GCSqGSIb3DQEBCwUAA4IBAQCVL1QE
dUClhFXFkKeg34kfFAZwgN8BegobW8AxAE2YqDbkbmiGtPL2tlH78KVbE/fTiwsB
SaZQyg+3/07TaNZoT0hY60URKNrmeMeamYJoF8R11N0zLrMsbPuTBZ7DIWlVCzFK
LMCTfD+VFSlmcsCbhyie+103biv77IVysFgI9J1SspTQ/bsF7v/AFSpOJ9sCF65L
an2twfLAXhSnXj7IvlvtMmij994NFUqvzM2fd2iz9ncR0S8Ute1NWW64NvJ36+sI
BkQK4g8reM0BCyy9kn5OjMjR/J22HQhNqvS9OBxAtz85YsEnvfK7CPNiivw8D7i/
F4hLudlgVzuQxmaa
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:19:02 2025 by rpki-client