
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/68HNk8HEdL4-oopkdnJE6KyE9tE.roa
File: 68HNk8HEdL4-oopkdnJE6KyE9tE.roa (raw, json)
Hash identifier: r+cfQ7TwTUHPP64ePGT4lzc5kagIFx0IEzlAR6zZIV0=
Subject key identifier: EB:C1:CD:93:C1:C4:74:BE:3E:A2:8A:64:76:72:44:E8:AC:84:F6:D1
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0198643FF3ADB9910ECCED0D3F1BF25467CC
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/68HNk8HEdL4-oopkdnJE6KyE9tE.roa
Signing time: Fri 01 Aug 2025 06:09:29 +0000
ROA not before: Fri 01 Aug 2025 06:09:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 88.223.42.0/24 maxlen: 24
88.223.43.0/24 maxlen: 24
88.223.45.0/24 maxlen: 24
88.223.168.0/24 maxlen: 24
88.223.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:64:3f:f3:ad:b9:91:0e:cc:ed:0d:3f:1b:f2:54:67:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Aug 1 06:09:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc1cd93c1c474be3ea28a64767244e8ac84f6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:26:e6:62:0d:f7:66:4e:af:77:25:26:52:
fb:f9:1e:9b:38:d8:5c:22:7a:c8:1e:42:45:55:73:
62:d3:17:fe:13:a7:db:c4:22:68:5a:da:b2:8f:64:
ab:08:df:7e:ac:a2:5a:8f:13:7c:b1:5f:02:78:95:
2a:56:3f:54:06:08:d0:b8:bf:5e:c6:0e:69:12:7d:
59:6b:f0:23:73:dc:4c:ad:6c:a7:10:01:95:d5:dd:
6f:aa:5e:8e:7e:51:3c:a5:b9:1b:fe:43:b8:f8:9c:
94:44:d4:b0:48:dd:96:c1:40:d6:04:49:9a:ec:37:
5c:f9:f1:b5:94:e0:ee:42:cb:e7:8a:c4:2b:6b:39:
dd:9a:4d:c0:a7:9b:bd:fe:8b:38:7d:94:db:f1:9f:
32:6e:a1:f8:14:c0:a2:1c:6b:03:61:99:3d:d5:02:
37:66:f9:39:b1:b3:25:d5:6d:3c:cb:fa:4c:05:67:
69:0d:e4:cb:88:b7:df:ab:66:66:45:6c:3f:2b:ef:
75:66:c4:27:5c:f5:a9:4a:a6:09:98:c0:23:23:45:
92:6e:ed:67:9c:67:2b:41:96:8d:21:46:69:ea:a5:
e0:5a:06:3d:9b:9a:a8:28:3a:9a:5a:a5:87:7e:c8:
75:3a:63:40:d0:4b:66:5c:82:2a:1e:b7:1f:62:0a:
24:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C1:CD:93:C1:C4:74:BE:3E:A2:8A:64:76:72:44:E8:AC:84:F6:D1
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/68HNk8HEdL4-oopkdnJE6KyE9tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.223.42.0/23
88.223.45.0/24
88.223.168.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:37:88:34:19:97:72:ae:61:9c:59:02:b2:34:f7:31:01:d3:
da:11:bc:f5:ec:7a:29:81:66:8d:82:b6:b3:d5:9c:25:f8:c6:
09:05:92:b9:a1:60:f9:34:f7:e2:d2:12:c8:84:56:3b:c9:c3:
b3:a1:f1:27:8a:df:09:b8:0d:05:7a:ce:4c:41:ae:6d:0a:58:
e0:14:70:90:a2:40:f4:e8:70:b3:83:13:aa:17:e1:56:d8:82:
65:6e:9d:48:3c:d3:bb:db:ea:96:ba:48:03:65:7d:b8:dc:57:
d0:86:63:98:8c:da:38:bb:e6:1b:1a:f7:d9:28:62:49:ac:01:
54:46:e6:e3:b4:21:5d:65:f9:dc:5c:d6:7e:6f:e2:4a:59:72:
33:e3:ea:de:2a:e0:14:fa:4a:5c:1d:3b:1c:71:07:de:2a:b5:
25:d3:45:b6:e2:9d:0b:31:2b:91:9e:61:dd:1f:29:24:ff:c2:
5a:42:90:26:31:d4:44:ec:b0:02:4d:cb:65:b1:eb:e9:f2:c7:
3d:0f:27:29:60:65:3e:01:d5:ff:be:a8:ff:0c:53:28:d9:88:
f1:22:e6:c9:12:eb:8b:6c:9c:8f:d0:b2:c9:1b:42:1f:90:64:
48:56:71:3c:ca:84:ed:5c:4c:1c:d0:21:48:8d:0c:fb:ec:3f:
81:12:ed:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZhkP/OtuZEOzO0NPxvyVGfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwODAxMDYwOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMxY2Q5M2MxYzQ3NGJlM2VhMjhhNjQ3NjcyNDRlOGFjODRmNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU4m5mIN92ZOr3clJlL7+R6bONhc
InrIHkJFVXNi0xf+E6fbxCJoWtqyj2SrCN9+rKJajxN8sV8CeJUqVj9UBgjQuL9e
xg5pEn1Za/Ajc9xMrWynEAGV1d1vql6OflE8pbkb/kO4+JyURNSwSN2WwUDWBEma
7Ddc+fG1lODuQsvnisQrazndmk3Ap5u9/os4fZTb8Z8ybqH4FMCiHGsDYZk91QI3
Zvk5sbMl1W08y/pMBWdpDeTLiLffq2ZmRWw/K+91ZsQnXPWpSqYJmMAjI0WSbu1n
nGcrQZaNIUZp6qXgWgY9m5qoKDqaWqWHfsh1OmNA0EtmXIIqHrcfYgok3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOvBzZPBxHS+PqKKZHZyROishPbRMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvNjhITms4SEVkTDQtb29wa2RuSkU2S3lFOXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWN8qAwQA
WN8tAwQBWN+oMA0GCSqGSIb3DQEBCwUAA4IBAQB/N4g0GZdyrmGcWQKyNPcxAdPa
Ebz17HopgWaNgraz1Zwl+MYJBZK5oWD5NPfi0hLIhFY7ycOzofEnit8JuA0Fes5M
Qa5tCljgFHCQokD06HCzgxOqF+FW2IJlbp1IPNO72+qWukgDZX243FfQhmOYjNo4
u+YbGvfZKGJJrAFURubjtCFdZfncXNZ+b+JKWXIz4+reKuAU+kpcHTsccQfeKrUl
00W24p0LMSuRnmHdHykk/8JaQpAmMdRE7LACTctlsevp8sc9DycpYGU+AdX/vqj/
DFMo2YjxIubJEuuLbJyP0LLJG0IfkGRIVnE8yoTtXEwc0CFIjQz77D+BEu06
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:08:02 2025 by rpki-client