Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wVIN0cBImlfNWFOz4IT7aYaexqE.roa
File: wVIN0cBImlfNWFOz4IT7aYaexqE.roa (raw, json)
Hash identifier: BV94o+pd1hE2+f5obJYSJgfF2TueBCqdTmVe9yx/Lfw=
Subject key identifier: C1:52:0D:D1:C0:48:9A:57:CD:58:53:B3:E0:84:FB:69:86:9E:C6:A1
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0199ED2611606AA5CD85B5E2D1447CF2886C
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wVIN0cBImlfNWFOz4IT7aYaexqE.roa
Signing time: Thu 16 Oct 2025 13:11:58 +0000
ROA not before: Thu 16 Oct 2025 13:11:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 79.132.180.0/24 maxlen: 24
79.132.183.0/24 maxlen: 24
79.132.188.0/24 maxlen: 24
79.132.190.0/24 maxlen: 24
88.223.154.0/23 maxlen: 24
88.223.164.0/24 maxlen: 24
88.223.165.0/24 maxlen: 24
88.223.166.0/24 maxlen: 24
88.223.167.0/24 maxlen: 24
88.223.176.0/20 maxlen: 24
88.223.180.0/24 maxlen: 24
88.223.183.0/24 maxlen: 24
88.223.189.0/24 maxlen: 24
88.223.190.0/24 maxlen: 24
88.223.191.0/24 maxlen: 24
88.223.208.0/24 maxlen: 24
88.223.218.0/24 maxlen: 24
88.223.224.0/20 maxlen: 24
88.223.244.0/22 maxlen: 22
88.223.248.0/22 maxlen: 22
88.223.252.0/22 maxlen: 22
213.164.96.0/20 maxlen: 24
213.164.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ed:26:11:60:6a:a5:cd:85:b5:e2:d1:44:7c:f2:88:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Oct 16 13:11:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1520dd1c0489a57cd5853b3e084fb69869ec6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bd:e0:ee:56:b9:a9:97:49:ff:50:b1:96:53:
a2:0c:74:95:e4:29:20:89:88:e0:a1:3e:90:2d:46:
89:c3:d7:d3:e3:a9:13:93:c2:8e:53:c6:dc:ed:9b:
c9:e8:9e:c4:f1:31:40:4b:6a:64:9f:48:7f:46:83:
69:3a:7c:75:fc:63:a3:9f:d2:62:44:a2:6f:a6:2d:
d3:03:3f:bf:13:57:12:ea:01:68:b6:b6:50:57:bf:
3e:ad:ad:51:0f:e7:84:bc:26:63:9c:76:1d:99:53:
77:18:cf:c5:17:ac:89:25:8c:ad:79:e3:e8:4c:eb:
7f:26:23:39:16:b4:46:ee:cd:b7:d6:3f:4c:b7:a5:
38:26:25:7e:d9:e8:17:ae:40:d4:d8:87:69:58:65:
e0:22:6e:d6:a9:3c:2f:14:7a:84:2f:86:ef:86:7a:
3c:c0:24:89:21:df:e2:25:f9:b8:4d:7c:99:76:0b:
7f:65:b1:ea:80:54:68:cb:20:f4:ec:7d:13:77:72:
7a:07:47:e4:88:2c:d9:5f:77:44:eb:e4:e0:ea:dd:
cb:d4:16:5a:36:c5:d0:98:bd:99:12:fe:81:40:c2:
c3:d6:95:27:65:cf:ba:e8:7b:77:7c:15:9b:b0:a9:
6c:d8:83:37:ff:0e:b0:44:21:d7:8e:88:bc:9e:a1:
19:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:52:0D:D1:C0:48:9A:57:CD:58:53:B3:E0:84:FB:69:86:9E:C6:A1
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wVIN0cBImlfNWFOz4IT7aYaexqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.180.0/24
79.132.183.0/24
79.132.188.0/24
79.132.190.0/24
88.223.154.0/23
88.223.164.0/22
88.223.176.0/20
88.223.208.0/24
88.223.218.0/24
88.223.224.0/20
88.223.244.0-88.223.255.255
213.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:23:fc:26:ef:0b:49:3c:fc:86:79:99:92:01:8d:69:33:2d:
c6:d1:89:fc:47:37:f9:71:49:51:6f:68:ab:22:6b:83:c1:94:
c2:8f:e2:4f:12:c0:d2:44:9c:b8:3a:f7:ea:dc:60:0b:a5:57:
eb:19:46:3e:75:d9:df:cd:f8:29:c9:43:fc:df:19:e3:11:98:
80:c6:18:3b:09:be:fb:92:9b:10:4b:d8:0b:fd:0d:63:50:d2:
6e:56:e9:ad:e5:e6:9f:ca:9f:87:c6:1e:96:71:63:2f:88:f6:
e7:59:2c:0e:8b:29:73:8c:d3:ca:6d:d2:ca:d8:bc:32:cc:cf:
57:26:23:e4:f2:53:55:fa:3d:73:37:a8:c7:31:ad:eb:75:c6:
cf:5d:46:76:f2:27:71:cc:79:6a:f5:ab:41:48:65:bd:a3:36:
d2:26:bc:72:de:dc:e5:b2:b8:cf:c5:d7:1c:02:dd:6a:b0:5b:
17:1a:e2:10:43:ee:cd:30:13:83:ee:f5:42:0d:1a:44:2a:f4:
f1:22:d4:f4:df:cc:a9:10:04:d4:db:0d:b8:45:dd:2b:6d:be:
d0:b7:35:9c:6b:d9:6c:57:0c:3c:77:ea:64:0b:75:e4:7d:cb:
57:fd:f6:cd:24:ca:69:a1:c6:28:fc:87:0b:3e:5c:59:18:ec:
69:1e:cf:e0
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZntJhFgaqXNhbXi0UR88ohsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUxMDE2MTMxMTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTUyMGRkMWMwNDg5YTU3Y2Q1ODUzYjNlMDg0ZmI2OTg2OWVjNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL3g7la5qZdJ/1CxllOiDHSV5Ckg
iYjgoT6QLUaJw9fT46kTk8KOU8bc7ZvJ6J7E8TFAS2pkn0h/RoNpOnx1/GOjn9Ji
RKJvpi3TAz+/E1cS6gFotrZQV78+ra1RD+eEvCZjnHYdmVN3GM/FF6yJJYyteePo
TOt/JiM5FrRG7s231j9Mt6U4JiV+2egXrkDU2IdpWGXgIm7WqTwvFHqEL4bvhno8
wCSJId/iJfm4TXyZdgt/ZbHqgFRoyyD07H0Td3J6B0fkiCzZX3dE6+Tg6t3L1BZa
NsXQmL2ZEv6BQMLD1pUnZc+66Ht3fBWbsKls2IM3/w6wRCHXjoi8nqEZ1QIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFMFSDdHASJpXzVhTs+CE+2mGnsahMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvd1ZJTjBjQkltbGZOV0ZPejRJVDdhWWFleHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPAwQAT4S0AwQA
T4S3AwQAT4S8AwQAT4S+AwQBWN+aAwQCWN+kAwQEWN+wAwQAWN/QAwQAWN/aAwQE
WN/gMAsDBAJY3/QDAwVYwAMEBNWkYDANBgkqhkiG9w0BAQsFAAOCAQEAXCP8Ju8L
STz8hnmZkgGNaTMtxtGJ/Ec3+XFJUW9oqyJrg8GUwo/iTxLA0kScuDr36txgC6VX
6xlGPnXZ3834KclD/N8Z4xGYgMYYOwm++5KbEEvYC/0NY1DSblbpreXmn8qfh8Ye
lnFjL4j251ksDospc4zTym3Syti8MszPVyYj5PJTVfo9czeoxzGt63XGz11GdvIn
ccx5avWrQUhlvaM20ia8ct7c5bK4z8XXHALdarBbFxriEEPuzTATg+71Qg0aRCr0
8SLU9N/MqRAE1NsNuEXdK22+0Lc1nGvZbFcMPHfqZAt15H3LV/32zSTKaaHGKPyH
Cz5cWRjsaR7P4A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:44 2025 by rpki-client