Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/OT-82Er9tgitmaTBlBLqGxs_rw8.roa
File: OT-82Er9tgitmaTBlBLqGxs_rw8.roa (raw, json)
Hash identifier: m+Mrhst2wpAAy8++lh9rjfmzScVogf5j9f+YIQvacHQ=
Subject key identifier: 39:3F:BC:D8:4A:FD:B6:08:AD:99:A4:C1:94:12:EA:1B:1B:3F:AF:0F
Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Certificate serial: 0198A35A5B97C2F2BFFCA6A90EB55B93485C
Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/OT-82Er9tgitmaTBlBLqGxs_rw8.roa
Signing time: Wed 13 Aug 2025 12:14:24 +0000
ROA not before: Wed 13 Aug 2025 12:14:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51683
IP address blocks: 31.40.241.0/24 maxlen: 24
31.40.243.0/24 maxlen: 24
185.9.138.0/24 maxlen: 24
185.115.209.0/24 maxlen: 24
2a07:9d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:5a:5b:97:c2:f2:bf:fc:a6:a9:0e:b5:5b:93:48:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Validity
Not Before: Aug 13 12:14:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=393fbcd84afdb608ad99a4c19412ea1b1b3faf0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:23:d5:40:94:31:8f:e1:95:ad:97:3e:dd:
80:66:de:54:57:ab:60:85:61:ae:df:18:6e:23:6f:
33:e3:d6:cb:18:a8:39:0b:8e:a4:4b:a0:ae:69:91:
be:13:4a:75:37:4c:e4:7d:59:b4:ec:65:12:85:66:
83:ba:6c:fa:2d:47:78:71:5b:22:1c:8c:29:44:96:
2b:0f:8c:67:bc:cd:c4:9b:2c:48:2b:47:16:88:1e:
a0:0c:8d:d0:71:e7:56:92:31:f6:fb:88:70:1f:5d:
c6:8b:01:f6:f8:78:50:5a:51:1d:05:da:6e:ff:20:
d4:2e:cf:07:a2:f3:30:5e:eb:e7:23:32:27:65:90:
bd:ec:d6:37:f5:c1:e3:40:12:10:2c:df:f1:48:e9:
21:b4:c0:f0:d9:1b:77:ce:07:b2:29:d9:59:87:a5:
76:01:74:40:5d:06:f5:0b:34:cc:b0:0c:26:11:f6:
59:8d:50:cc:77:d4:16:a3:1a:73:3b:ba:63:37:dd:
73:01:fc:2a:f7:1b:33:ef:2b:e4:ce:53:a1:03:a3:
7b:ec:7e:04:05:06:0f:89:e7:20:23:f4:c9:b5:3f:
fb:fe:be:e7:29:a1:e9:8b:24:dc:ce:6d:4d:70:6f:
19:4b:31:59:30:dd:76:aa:14:b5:21:f3:78:f4:88:
c6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3F:BC:D8:4A:FD:B6:08:AD:99:A4:C1:94:12:EA:1B:1B:3F:AF:0F
X509v3 Authority Key Identifier:
keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/OT-82Er9tgitmaTBlBLqGxs_rw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.241.0/24
31.40.243.0/24
185.9.138.0/24
185.115.209.0/24
IPv6:
2a07:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:0f:a0:db:c8:40:e6:03:68:fb:60:80:86:2d:27:a4:9d:9e:
d6:70:be:72:c8:9e:a0:9d:d6:08:e3:be:60:ac:80:9f:4e:73:
9f:5b:a1:d7:82:20:56:98:28:66:1c:f0:57:99:dc:af:d8:3a:
bf:46:8d:1d:d7:7b:e1:3c:5b:f6:8f:cb:35:bb:44:24:0a:27:
40:4d:18:c0:4d:97:fb:94:e7:a9:b8:60:1f:69:c5:4b:0b:f6:
e9:22:04:81:c7:d0:97:43:22:86:07:6c:8c:03:7f:71:81:5d:
1e:de:0b:6d:40:39:35:aa:c3:15:d0:0f:9e:03:0a:03:63:dd:
17:89:5e:1b:9d:1b:07:18:14:44:34:7a:8b:3d:49:92:e8:60:
63:6f:54:c5:28:31:43:16:6f:ea:9e:15:11:4e:d5:7c:53:17:
3a:04:5a:b5:88:35:30:ba:87:e2:29:b6:aa:2c:9d:be:d0:0d:
c0:49:65:c1:14:b7:f6:3e:bf:1e:71:b2:10:ac:fe:2a:3d:c2:
9b:26:4a:a4:21:aa:80:9e:43:c5:3b:25:16:bf:7a:16:c5:69:
d8:8f:8e:48:df:88:eb:d8:97:a7:ce:9c:18:58:1f:da:a2:64:
7d:52:e3:27:ac:1d:b3:76:28:45:ce:a0:22:6a:04:83:ba:19:
e9:be:d4:95
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZijWluXwvK//KapDrVbk0hcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1
YzFhN2QwHhcNMjUwODEzMTIxNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNmYmNkODRhZmRiNjA4YWQ5OWE0YzE5NDEyZWExYjFiM2ZhZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiUj1UCUMY/hla2XPt2AZt5UV6tg
hWGu3xhuI28z49bLGKg5C46kS6CuaZG+E0p1N0zkfVm07GUShWaDumz6LUd4cVsi
HIwpRJYrD4xnvM3EmyxIK0cWiB6gDI3QcedWkjH2+4hwH13GiwH2+HhQWlEdBdpu
/yDULs8HovMwXuvnIzInZZC97NY39cHjQBIQLN/xSOkhtMDw2Rt3zgeyKdlZh6V2
AXRAXQb1CzTMsAwmEfZZjVDMd9QWoxpzO7pjN91zAfwq9xsz7yvkzlOhA6N77H4E
BQYPiecgI/TJtT/7/r7nKaHpiyTczm1NcG8ZSzFZMN12qhS1IfN49IjG8wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDk/vNhK/bYIrZmkwZQS6hsbP68PMB8GA1UdIwQY
MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt
OTIwOWY3YjdlZjgxLzEvT1QtODJFcjl0Z2l0bWFUQmxCTHFHeHNfcnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx
LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHyjxAwQA
HyjzAwQAuQmKAwQAuXPRMA0EAgACMAcDBQMqB51AMA0GCSqGSIb3DQEBCwUAA4IB
AQAtD6DbyEDmA2j7YICGLSeknZ7WcL5yyJ6gndYI475grICfTnOfW6HXgiBWmChm
HPBXmdyv2Dq/Ro0d13vhPFv2j8s1u0QkCidATRjATZf7lOepuGAfacVLC/bpIgSB
x9CXQyKGB2yMA39xgV0e3gttQDk1qsMV0A+eAwoDY90XiV4bnRsHGBRENHqLPUmS
6GBjb1TFKDFDFm/qnhURTtV8Uxc6BFq1iDUwuofiKbaqLJ2+0A3ASWXBFLf2Pr8e
cbIQrP4qPcKbJkqkIaqAnkPFOyUWv3oWxWnYj45I34jr2JenzpwYWB/aomR9UuMn
rB2zdihFzqAiagSDuhnpvtSV
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:17:52 2025 by rpki-client