Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/otnam08RItqMmRpyQ5rjginW6ko.roa
File: otnam08RItqMmRpyQ5rjginW6ko.roa (raw, json)
Hash identifier: zIOUptVEVtFBTaUa49+ZBxAxFmI9HTX0oHu3VtwDabc=
Subject key identifier: A2:D9:DA:9B:4F:11:22:DA:8C:99:1A:72:43:9A:E3:82:29:D6:EA:4A
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01985BA468CAF5D57D3C03C1F590AC37DA19
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/otnam08RItqMmRpyQ5rjginW6ko.roa
Signing time: Wed 30 Jul 2025 14:02:37 +0000
ROA not before: Wed 30 Jul 2025 14:02:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52041
IP address blocks: 82.215.64.0/24 maxlen: 24
86.54.213.0/24 maxlen: 24
185.248.134.0/24 maxlen: 24
194.46.57.0/24 maxlen: 24
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:6a0::/44 maxlen: 44
2a12:bec0:e40::/44 maxlen: 44
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
2a12:bec0:7002::/48 maxlen: 48
2a12:bec0:7003::/48 maxlen: 48
2a12:bec0:7004::/48 maxlen: 48
2a12:bec0:7006::/48 maxlen: 48
2a12:bec0:7007::/48 maxlen: 48
2a12:bec0:7008::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec1::/32 maxlen: 48
2a12:bec1:2::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec2::/32 maxlen: 32
2a12:bec2:b00b::/48 maxlen: 48
2a12:bec3:b00b::/48 maxlen: 48
2a12:bec4:20::/44 maxlen: 48
2a12:bec4:100::/44 maxlen: 44
2a12:bec4:1120::/44 maxlen: 44
2a12:bec4:1430::/44 maxlen: 44
2a12:bec4:1490::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:a4:68:ca:f5:d5:7d:3c:03:c1:f5:90:ac:37:da:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jul 30 14:02:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d9da9b4f1122da8c991a72439ae38229d6ea4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:49:28:1c:4b:f3:c8:54:b7:6c:78:46:9b:c4:
c9:2f:9a:c6:1c:7d:72:63:17:f0:27:78:4d:23:b1:
ae:8e:8b:8b:3b:8c:2a:1f:6b:54:43:fc:b0:58:29:
9c:45:c5:e5:fc:e9:97:47:02:ae:84:d1:b2:73:06:
80:47:38:02:87:de:7b:df:83:aa:78:56:f8:c2:0b:
97:5a:a8:41:12:5e:e1:f4:7f:cd:9e:2f:22:e7:ed:
a4:20:ea:87:aa:d8:39:10:15:8b:74:59:d1:d3:1a:
d1:68:f6:c2:91:5e:d2:c4:63:ed:85:60:5f:8c:f0:
ed:d7:08:29:79:0a:6a:18:9f:a2:06:55:32:0c:db:
57:e7:3b:5e:63:73:f4:5a:29:3b:92:3c:be:9f:ce:
54:60:c4:de:b4:83:e7:16:2b:d3:9b:7c:b5:e5:88:
39:6e:57:eb:dc:f5:d3:59:7c:91:15:0b:f1:3a:5b:
31:7f:11:02:1e:14:b7:ff:7a:fb:75:31:ec:9d:3c:
59:94:82:7c:24:63:0b:d4:df:e5:f2:46:a2:3d:48:
bb:98:a6:b0:85:20:85:2c:9c:60:6f:3a:f8:30:8e:
54:d8:b6:f1:46:b6:b0:86:fc:73:3c:ae:2a:4a:b8:
65:4d:77:32:22:0d:ab:a8:ed:45:12:aa:f4:ed:81:
c9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D9:DA:9B:4F:11:22:DA:8C:99:1A:72:43:9A:E3:82:29:D6:EA:4A
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/otnam08RItqMmRpyQ5rjginW6ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.64.0/24
86.54.213.0/24
185.248.134.0/24
194.46.57.0/24
IPv6:
2a12:bec0:d0::/44
2a12:bec0:6a0::/44
2a12:bec0:e40::/44
2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
2a12:bec0:7006::-2a12:bec0:7008:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1::-2a12:bec2:ffff:ffff:ffff:ffff:ffff:ffff
2a12:bec3:b00b::/48
2a12:bec4:20::/44
2a12:bec4:100::/44
2a12:bec4:1120::/44
2a12:bec4:1430::/44
2a12:bec4:1490::/44
Signature Algorithm: sha256WithRSAEncryption
a7:02:6d:94:c7:56:9d:fd:eb:76:9f:15:ce:b7:e7:c8:42:e7:
d2:95:e2:11:18:f2:d9:0a:01:eb:51:59:3c:81:dc:c5:70:ab:
f1:c9:02:c3:52:c0:07:25:52:4c:af:1c:73:32:b1:56:40:ef:
71:38:be:0a:59:d1:c1:60:cb:f7:b2:2e:b9:c8:f6:20:c1:9d:
f1:71:a2:c3:58:49:29:21:a2:0d:9a:eb:1c:c7:8a:06:0a:70:
94:e9:00:e9:df:b6:31:71:42:51:ab:fc:45:5b:bd:13:17:83:
e7:d8:ba:b8:c8:66:55:3a:87:21:44:ae:6c:5c:05:b9:89:68:
e5:a8:12:05:6e:58:63:aa:a7:ba:5f:14:7d:48:1a:9f:2c:cf:
53:d6:a5:e8:f6:85:fd:92:a7:ab:59:70:e9:82:df:64:ef:ea:
28:68:9e:1c:8c:71:ee:1b:0b:25:d2:39:41:5c:ff:d0:4e:26:
f4:4f:ed:7c:c0:a9:7f:fa:5f:ee:d0:84:ab:ff:7f:26:40:23:
87:ff:4c:b6:10:f9:9b:b6:bf:7e:8e:15:2f:68:26:bc:c3:3f:
73:5a:fc:cd:6a:84:87:12:a3:84:ea:73:c6:d5:dd:31:ab:b1:
c0:cf:fc:bb:7f:a3:11:ef:dc:75:c6:25:13:7b:33:6c:a2:48:
a7:fa:72:9c
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZhbpGjK9dV9PAPB9ZCsN9oZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNzMwMTQwMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ5ZGE5YjRmMTEyMmRhOGM5OTFhNzI0MzlhZTM4MjI5ZDZlYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEkoHEvzyFS3bHhGm8TJL5rGHH1y
YxfwJ3hNI7GujouLO4wqH2tUQ/ywWCmcRcXl/OmXRwKuhNGycwaARzgCh95734Oq
eFb4wguXWqhBEl7h9H/Nni8i5+2kIOqHqtg5EBWLdFnR0xrRaPbCkV7SxGPthWBf
jPDt1wgpeQpqGJ+iBlUyDNtX5zteY3P0Wik7kjy+n85UYMTetIPnFivTm3y15Yg5
blfr3PXTWXyRFQvxOlsxfxECHhS3/3r7dTHsnTxZlIJ8JGML1N/l8kaiPUi7mKaw
hSCFLJxgbzr4MI5U2LbxRrawhvxzPK4qSrhlTXcyIg2rqO1FEqr07YHJiQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFKLZ2ptPESLajJkackOa44Ip1upKMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvb3RuYW0wOFJJdHFNbVJweVE1cmpnaW5XNmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzAeBAIAATAYAwQAUtdA
AwQAVjbVAwQAufiGAwQAwi45MIGYBAIAAjCBkQMHBCoSvsAA0AMHBCoSvsAGoAMH
BCoSvsAOQDARAwYEKhK+wHADBwAqEr7AcAQwEgMHASoSvsBwBgMHACoSvsBwCAMH
ACoSvsCwCzAOAwUAKhK+wQMFACoSvsIDBwAqEr7DsAsDBwQqEr7EACADBwQqEr7E
AQADBwQqEr7EESADBwQqEr7EFDADBwQqEr7EFJAwDQYJKoZIhvcNAQELBQADggEB
AKcCbZTHVp3963afFc6358hC59KV4hEY8tkKAetRWTyB3MVwq/HJAsNSwAclUkyv
HHMysVZA73E4vgpZ0cFgy/eyLrnI9iDBnfFxosNYSSkhog2a6xzHigYKcJTpAOnf
tjFxQlGr/EVbvRMXg+fYurjIZlU6hyFErmxcBbmJaOWoEgVuWGOqp7pfFH1IGp8s
z1PWpej2hf2Sp6tZcOmC32Tv6ihonhyMce4bCyXSOUFc/9BOJvRP7XzAqX/6X+7Q
hKv/fyZAI4f/TLYQ+Zu2v36OFS9oJrzDP3Na/M1qhIcSo4Tqc8bV3TGrscDP/Lt/
oxHv3HXGJRN7M2yiSKf6cpw=
-----END CERTIFICATE-----
Generated at Sat Aug 9 03:03:48 2025 by rpki-client