Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lWWzD8KpiSRDu-3ZBZSl7nX6Jts.roa
File: lWWzD8KpiSRDu-3ZBZSl7nX6Jts.roa (raw, json)
Hash identifier: 1vMZkkbIrJFEhAGk+wrLpatP/TeRYU6mNHkV++RVOvk=
Subject key identifier: 95:65:B3:0F:C2:A9:89:24:43:BB:ED:D9:05:94:A5:EE:75:FA:26:DB
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 0199B33ECA612FF9C6A996B698B1F55F7A11
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lWWzD8KpiSRDu-3ZBZSl7nX6Jts.roa
Signing time: Sun 05 Oct 2025 07:21:00 +0000
ROA not before: Sun 05 Oct 2025 07:21:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 62.68.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b3:3e:ca:61:2f:f9:c6:a9:96:b6:98:b1:f5:5f:7a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Oct 5 07:21:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9565b30fc2a9892443bbedd90594a5ee75fa26db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:08:7a:bc:90:d2:d0:10:41:9b:fd:67:49:67:
7a:91:40:15:47:ee:e6:37:4f:8e:73:52:7a:03:e5:
9f:b0:0e:dc:8a:7b:9b:ad:09:41:56:97:aa:51:49:
b7:1e:94:d1:8b:f1:6e:dc:f8:85:2c:80:ff:4a:98:
e7:da:bf:db:f8:30:48:f2:c3:ba:40:11:4b:4f:18:
19:23:50:58:f6:33:68:bf:28:0a:a0:f9:7e:c2:ea:
c6:20:c7:f7:47:6c:2c:fb:eb:12:6b:5a:6d:35:15:
55:90:45:de:81:5f:75:c2:69:22:55:e5:f5:bd:43:
87:cb:35:9e:60:26:2d:44:50:1f:f8:49:15:e2:5e:
9c:b1:77:bd:0c:cc:b4:21:5f:10:7f:bf:8f:04:ef:
99:34:d9:27:5a:5a:20:8c:f7:f7:60:07:6d:f1:ee:
d2:90:92:76:d9:1f:76:86:ec:ea:d3:e9:c2:12:ec:
dc:b0:f6:d1:f4:b3:5a:ea:bd:bc:30:a3:23:3a:79:
3e:bd:23:aa:f4:1e:35:8e:46:b6:b6:46:1c:9a:8c:
b2:98:eb:31:62:71:42:a8:e0:2c:3a:4c:8c:5e:e1:
54:2c:4b:ff:20:c3:08:24:44:fa:58:0c:54:e4:44:
08:a0:d8:ed:de:c1:39:79:c0:24:a2:56:c5:62:e4:
17:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:65:B3:0F:C2:A9:89:24:43:BB:ED:D9:05:94:A5:EE:75:FA:26:DB
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lWWzD8KpiSRDu-3ZBZSl7nX6Jts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.68.0/24
Signature Algorithm: sha256WithRSAEncryption
03:87:f5:97:fc:6f:00:ce:cb:e5:61:1f:26:d2:dd:7d:28:9e:
76:68:18:ba:91:8e:31:c8:4d:91:e6:84:47:32:1e:e3:ec:7e:
d3:bd:09:d1:41:53:bb:25:82:53:43:8f:71:3d:a1:8d:cf:f0:
10:3b:2d:1d:ca:9c:7b:d4:74:48:6c:3b:b7:ec:7c:af:0d:12:
6e:4a:6d:09:85:2d:a1:15:a9:76:82:f8:d0:26:60:5c:a8:8b:
b6:4e:05:cb:52:20:01:65:d1:9a:22:61:43:f8:b4:f6:77:d5:
07:9a:ce:cd:19:82:b8:b9:37:64:a7:9f:14:84:a1:6b:eb:d9:
19:bf:0d:aa:6e:93:cf:14:c7:44:db:05:3b:08:c3:1a:43:f2:
33:51:1d:44:68:10:3e:29:04:04:a9:5a:12:dd:d8:7f:cf:2d:
44:97:5b:b8:35:74:55:ff:14:06:2b:7e:06:39:05:f1:d8:4b:
20:5a:64:58:c8:c9:1c:75:46:e3:52:a4:ef:b2:b8:d1:cb:08:
11:b9:70:1d:78:5d:92:68:92:e7:5c:1c:a9:21:bd:dc:2c:7d:
cf:ae:24:9e:0b:56:2f:ae:8f:50:52:1f:36:49:37:87:5e:db:
52:b5:9b:d4:69:dc:0a:83:c0:b8:7c:81:a0:65:bd:7a:60:c2:
a6:f9:3c:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmzPsphL/nGqZa2mLH1X3oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjUxMDA1MDcyMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY1YjMwZmMyYTk4OTI0NDNiYmVkZDkwNTk0YTVlZTc1ZmEyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQh6vJDS0BBBm/1nSWd6kUAVR+7m
N0+Oc1J6A+WfsA7cinubrQlBVpeqUUm3HpTRi/Fu3PiFLID/Spjn2r/b+DBI8sO6
QBFLTxgZI1BY9jNovygKoPl+wurGIMf3R2ws++sSa1ptNRVVkEXegV91wmkiVeX1
vUOHyzWeYCYtRFAf+EkV4l6csXe9DMy0IV8Qf7+PBO+ZNNknWlogjPf3YAdt8e7S
kJJ22R92huzq0+nCEuzcsPbR9LNa6r28MKMjOnk+vSOq9B41jka2tkYcmoyymOsx
YnFCqOAsOkyMXuFULEv/IMMIJET6WAxU5EQIoNjt3sE5ecAkolbFYuQXoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVlsw/CqYkkQ7vt2QWUpe51+ibbMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvbFdXekQ4S3BpU1JEdS0zWkJaU2w3blg2SnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkREMA0G
CSqGSIb3DQEBCwUAA4IBAQADh/WX/G8AzsvlYR8m0t19KJ52aBi6kY4xyE2R5oRH
Mh7j7H7TvQnRQVO7JYJTQ49xPaGNz/AQOy0dypx71HRIbDu37HyvDRJuSm0JhS2h
Fal2gvjQJmBcqIu2TgXLUiABZdGaImFD+LT2d9UHms7NGYK4uTdkp58UhKFr69kZ
vw2qbpPPFMdE2wU7CMMaQ/IzUR1EaBA+KQQEqVoS3dh/zy1El1u4NXRV/xQGK34G
OQXx2EsgWmRYyMkcdUbjUqTvsrjRywgRuXAdeF2SaJLnXBypIb3cLH3PriSeC1Yv
ro9QUh82STeHXttStZvUadwKg8C4fIGgZb16YMKm+TyV
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:47 2025 by rpki-client