Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/wwvXwr9r97YSNmNGZc9ySQ1_n6Y.roa
File: wwvXwr9r97YSNmNGZc9ySQ1_n6Y.roa (raw, json)
Hash identifier: 0W0dMiygG/vBFetZXEBlHUxoM8tIClWjEIo09OeTw+M=
Subject key identifier: C3:0B:D7:C2:BF:6B:F7:B6:12:36:63:46:65:CF:72:49:0D:7F:9F:A6
Certificate issuer: /CN=887a5f0486b18a2448f2358a2746c1abd9fb2e5e
Certificate serial: 0197700CD262396D36721184A100971F603A
Authority key identifier: 88:7A:5F:04:86:B1:8A:24:48:F2:35:8A:27:46:C1:AB:D9:FB:2E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/wwvXwr9r97YSNmNGZc9ySQ1_n6Y.roa
Signing time: Sat 14 Jun 2025 20:06:17 +0000
ROA not before: Sat 14 Jun 2025 20:06:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 185.88.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:70:0c:d2:62:39:6d:36:72:11:84:a1:00:97:1f:60:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887a5f0486b18a2448f2358a2746c1abd9fb2e5e
Validity
Not Before: Jun 14 20:06:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c30bd7c2bf6bf7b61236634665cf72490d7f9fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:38:ee:6f:24:57:c1:32:ef:ef:15:f3:47:05:
99:ed:de:3c:b9:98:e0:1e:3a:bf:c5:73:05:29:96:
f7:5e:f2:fe:58:4a:01:fb:c4:37:df:f0:48:b8:ac:
0a:ac:20:60:c9:e4:b7:55:8d:1c:cb:e3:7a:ba:7a:
42:15:1c:14:6a:d3:b8:93:73:af:02:36:12:73:6f:
18:d1:18:9b:64:11:92:23:39:65:ad:46:9a:b8:5b:
76:b9:d8:94:0f:0b:c9:63:68:08:44:ac:be:f9:cd:
df:af:37:8f:9b:4d:3d:c1:bb:64:11:a1:67:37:d2:
49:6c:28:d9:eb:cd:75:0f:e1:5c:80:b0:08:a6:da:
1f:0b:09:01:7b:1f:74:a2:6b:7e:d3:71:30:3a:13:
be:3a:d4:df:c2:77:1f:b1:b6:39:46:cc:d1:73:f6:
52:94:7a:31:5f:b0:c6:69:d1:cf:2b:1c:f4:5b:63:
59:bb:b6:6c:48:a9:e9:ca:10:73:3f:1f:2c:c8:30:
46:e3:10:ab:43:9b:9b:60:bb:92:38:07:3b:c9:04:
02:10:83:c2:c0:c6:ad:94:0a:38:c1:66:3b:5b:37:
a7:3c:50:25:49:27:74:e5:b5:50:60:b5:3c:d3:92:
88:cd:6f:38:db:1a:24:ff:2c:57:2a:06:82:95:2d:
4b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:0B:D7:C2:BF:6B:F7:B6:12:36:63:46:65:CF:72:49:0D:7F:9F:A6
X509v3 Authority Key Identifier:
keyid:88:7A:5F:04:86:B1:8A:24:48:F2:35:8A:27:46:C1:AB:D9:FB:2E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/wwvXwr9r97YSNmNGZc9ySQ1_n6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/28c3d1-8a90-4068-bb27-33abc53c0e79/1/iHpfBIaxiiRI8jWKJ0bBq9n7Ll4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.68.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:f9:06:92:36:56:8e:5c:f0:2c:73:35:78:2e:b8:56:74:85:
c5:25:5d:eb:20:6e:9e:90:45:f3:60:a9:7e:62:80:f0:d6:a1:
b4:37:9f:ee:94:ae:be:27:d3:a6:88:fa:11:cd:4c:e7:29:76:
fe:6d:31:46:e8:15:3d:9e:9b:f3:1b:e9:02:fb:1f:93:71:1b:
30:64:39:3e:f3:da:8f:91:95:83:79:ba:53:d0:87:de:72:36:
5b:fa:4f:b6:23:32:c3:a5:57:53:aa:ec:d5:68:8b:15:af:9c:
e2:42:66:35:d9:3a:41:48:87:28:81:01:7b:6e:c2:ad:f2:cd:
1e:a8:eb:04:3a:99:af:d0:f0:69:05:7d:a8:7c:ca:4b:0e:6a:
f5:2d:fe:af:c1:62:c3:fe:82:ac:76:1d:e4:ee:30:35:d4:42:
13:73:1f:6d:1a:a5:38:89:3c:b3:d9:d5:36:11:e0:64:42:3f:
c1:5f:8a:08:62:db:27:9b:e5:af:9d:fc:f8:a1:41:89:fc:ad:
50:46:af:80:02:2e:08:86:60:98:d4:68:21:4f:aa:15:ed:fd:
77:75:b3:04:10:54:a5:42:05:dd:38:bd:45:9d:ca:c5:e1:7f:
a7:18:93:3e:61:cd:12:15:19:43:e1:44:08:0c:9b:6e:1c:f9:
fd:1f:7b:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdwDNJiOW02chGEoQCXH2A6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2E1ZjA0ODZiMThhMjQ0OGYyMzU4YTI3NDZjMWFiZDlm
YjJlNWUwHhcNMjUwNjE0MjAwNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzBiZDdjMmJmNmJmN2I2MTIzNjYzNDY2NWNmNzI0OTBkN2Y5ZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TjubyRXwTLv7xXzRwWZ7d48uZjg
Hjq/xXMFKZb3XvL+WEoB+8Q33/BIuKwKrCBgyeS3VY0cy+N6unpCFRwUatO4k3Ov
AjYSc28Y0RibZBGSIzllrUaauFt2udiUDwvJY2gIRKy++c3frzePm009wbtkEaFn
N9JJbCjZ6811D+FcgLAIptofCwkBex90omt+03EwOhO+OtTfwncfsbY5RszRc/ZS
lHoxX7DGadHPKxz0W2NZu7ZsSKnpyhBzPx8syDBG4xCrQ5ubYLuSOAc7yQQCEIPC
wMatlAo4wWY7WzenPFAlSSd05bVQYLU805KIzW842xok/yxXKgaClS1LlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMML18K/a/e2EjZjRmXPckkNf5+mMB8GA1UdIwQY
MBaAFIh6XwSGsYokSPI1iidGwavZ+y5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhwZkJJYXhpaVJJOGpXS0owYkJxOW43TGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOGMzZDEtOGE5MC00MDY4LWJiMjct
MzNhYmM1M2MwZTc5LzEvd3d2WHdyOXI5N1lTTm1OR1pjOXlTUTFfbjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOGMzZDEtOGE5MC00MDY4LWJiMjctMzNhYmM1M2MwZTc5
LzEvaUhwZkJJYXhpaVJJOGpXS0owYkJxOW43TGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVhEMA0G
CSqGSIb3DQEBCwUAA4IBAQCr+QaSNlaOXPAsczV4LrhWdIXFJV3rIG6ekEXzYKl+
YoDw1qG0N5/ulK6+J9OmiPoRzUznKXb+bTFG6BU9npvzG+kC+x+TcRswZDk+89qP
kZWDebpT0IfecjZb+k+2IzLDpVdTquzVaIsVr5ziQmY12TpBSIcogQF7bsKt8s0e
qOsEOpmv0PBpBX2ofMpLDmr1Lf6vwWLD/oKsdh3k7jA11EITcx9tGqU4iTyz2dU2
EeBkQj/BX4oIYtsnm+Wvnfz4oUGJ/K1QRq+AAi4IhmCY1GghT6oV7f13dbMEEFSl
QgXdOL1FncrF4X+nGJM+Yc0SFRlD4UQIDJtuHPn9H3sv
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:45:19 2025 by rpki-client