Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/WBSv9nr34yh-4ay45sIY2yrfGuM.roa
File: WBSv9nr34yh-4ay45sIY2yrfGuM.roa (raw, json)
Hash identifier: oJ46YPLRk6dlsEArbKxRvm8tqd0uma3aEi7Jiq0SWS0=
Subject key identifier: 58:14:AF:F6:7A:F7:E3:28:7E:E1:AC:B8:E6:C2:18:DB:2A:DF:1A:E3
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0199621E676AB379BDD1B93CFE9227B5DFCF
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/WBSv9nr34yh-4ay45sIY2yrfGuM.roa
Signing time: Fri 19 Sep 2025 13:16:23 +0000
ROA not before: Fri 19 Sep 2025 13:16:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 79.132.180.0/24 maxlen: 24
79.132.183.0/24 maxlen: 24
79.132.188.0/24 maxlen: 24
79.132.190.0/24 maxlen: 24
88.223.154.0/23 maxlen: 24
88.223.164.0/24 maxlen: 24
88.223.165.0/24 maxlen: 24
88.223.166.0/24 maxlen: 24
88.223.167.0/24 maxlen: 24
88.223.176.0/20 maxlen: 24
88.223.180.0/24 maxlen: 24
88.223.183.0/24 maxlen: 24
88.223.189.0/24 maxlen: 24
88.223.190.0/24 maxlen: 24
88.223.191.0/24 maxlen: 24
88.223.208.0/24 maxlen: 24
88.223.218.0/24 maxlen: 24
88.223.224.0/20 maxlen: 24
213.164.96.0/20 maxlen: 24
213.164.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:62:1e:67:6a:b3:79:bd:d1:b9:3c:fe:92:27:b5:df:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Sep 19 13:16:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5814aff67af7e3287ee1acb8e6c218db2adf1ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:66:c2:1f:e5:7e:1a:4b:01:6a:81:1b:a4:d9:
b2:bc:65:d1:44:7b:ab:86:b9:88:c5:e7:5d:91:6d:
d4:2a:c1:ba:c4:7e:d4:f0:fa:a3:7f:71:92:b3:44:
c7:9c:88:88:33:cd:6f:f6:2f:af:e2:f7:2a:31:f0:
5d:e9:59:28:65:77:c2:c5:df:61:71:7d:ec:0a:6f:
47:d1:9a:45:11:2c:78:c5:62:77:02:94:de:77:af:
11:6d:6f:7f:7e:80:0f:2f:ca:36:6b:d9:5d:b6:0a:
b8:f6:11:79:08:8a:0b:d7:85:bb:f9:5e:c2:fc:37:
2f:39:f0:39:de:e7:18:9a:2b:f0:49:22:54:eb:cf:
cd:42:54:a7:a3:12:a4:fc:d4:c1:7a:a8:a5:94:22:
fb:17:6a:e5:65:d2:fc:b3:cc:58:61:91:ee:02:70:
74:ce:ca:6e:d0:46:b2:6a:75:f0:32:c6:ab:14:31:
c3:97:75:d0:e3:a8:96:b2:8c:76:67:2d:10:ee:a0:
63:b8:8d:89:d3:dd:b1:62:09:80:f0:8f:7a:b7:e0:
13:f5:5d:14:3f:b0:07:e5:59:e5:3d:78:40:db:88:
39:ab:7e:2e:e1:1b:2e:3c:14:d5:a9:40:30:93:f6:
dd:3b:8b:c6:b8:ef:0e:0f:c3:9a:3a:c9:d1:55:e2:
d5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:14:AF:F6:7A:F7:E3:28:7E:E1:AC:B8:E6:C2:18:DB:2A:DF:1A:E3
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/WBSv9nr34yh-4ay45sIY2yrfGuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.180.0/24
79.132.183.0/24
79.132.188.0/24
79.132.190.0/24
88.223.154.0/23
88.223.164.0/22
88.223.176.0/20
88.223.208.0/24
88.223.218.0/24
88.223.224.0/20
213.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
69:54:48:e1:f2:5d:1e:30:4f:51:dd:eb:26:1b:9b:cb:67:25:
2a:09:b0:b5:87:14:59:f7:73:66:88:5e:4c:82:ad:ff:15:8d:
e4:68:17:2f:49:21:08:0b:e5:dd:d3:40:ec:cd:58:12:5f:f7:
a8:54:bf:c9:6a:ac:b6:5d:b9:0c:f6:51:e9:10:65:85:d6:22:
b7:fc:39:17:9a:fe:c4:b3:0a:67:21:33:f1:b9:0f:08:4b:c3:
c4:0d:46:67:14:b9:e1:6a:10:ac:93:31:be:fc:a5:68:ee:4d:
7b:e5:69:76:01:72:1b:0c:f4:c0:17:f2:32:98:e3:bc:80:7d:
f8:d0:54:63:d4:c5:70:c9:59:c6:22:cd:6e:8a:90:1a:76:a1:
1f:c7:49:32:ce:59:4b:0e:b8:bf:4e:e4:fa:ef:32:09:32:5f:
d1:fd:a0:54:c5:90:2c:88:9b:81:d7:fb:33:4a:e6:6b:c2:7f:
f7:68:22:a1:66:03:b5:94:6d:5c:f6:21:dd:69:9a:e8:4a:bc:
0c:de:99:be:84:05:00:3d:34:33:47:de:8f:09:24:ca:c7:0e:
ee:72:01:48:1c:ca:a1:fa:97:b6:15:f9:de:14:be:3d:a4:1f:
9f:0f:22:8b:4b:33:a2:6e:f3:28:66:b1:0d:13:88:36:66:2a:
b3:9b:90:aa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZliHmdqs3m90bk8/pIntd/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwOTE5MTMxNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE0YWZmNjdhZjdlMzI4N2VlMWFjYjhlNmMyMThkYjJhZGYxYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGbCH+V+GksBaoEbpNmyvGXRRHur
hrmIxeddkW3UKsG6xH7U8Pqjf3GSs0THnIiIM81v9i+v4vcqMfBd6VkoZXfCxd9h
cX3sCm9H0ZpFESx4xWJ3ApTed68RbW9/foAPL8o2a9ldtgq49hF5CIoL14W7+V7C
/DcvOfA53ucYmivwSSJU68/NQlSnoxKk/NTBeqillCL7F2rlZdL8s8xYYZHuAnB0
zspu0EayanXwMsarFDHDl3XQ46iWsox2Zy0Q7qBjuI2J092xYgmA8I96t+AT9V0U
P7AH5VnlPXhA24g5q34u4RsuPBTVqUAwk/bdO4vGuO8OD8OaOsnRVeLVCwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFgUr/Z69+MofuGsuObCGNsq3xrjMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvV0JTdjlucjM0eWgtNGF5NDVzSVkyeXJmR3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAT4S0AwQA
T4S3AwQAT4S8AwQAT4S+AwQBWN+aAwQCWN+kAwQEWN+wAwQAWN/QAwQAWN/aAwQE
WN/gAwQE1aRgMA0GCSqGSIb3DQEBCwUAA4IBAQBpVEjh8l0eME9R3esmG5vLZyUq
CbC1hxRZ93NmiF5Mgq3/FY3kaBcvSSEIC+Xd00DszVgSX/eoVL/Jaqy2XbkM9lHp
EGWF1iK3/DkXmv7EswpnITPxuQ8IS8PEDUZnFLnhahCskzG+/KVo7k175Wl2AXIb
DPTAF/IymOO8gH340FRj1MVwyVnGIs1uipAadqEfx0kyzllLDri/TuT67zIJMl/R
/aBUxZAsiJuB1/szSuZrwn/3aCKhZgO1lG1c9iHdaZroSrwM3pm+hAUAPTQzR96P
CSTKxw7ucgFIHMqh+pe2FfneFL49pB+fDyKLSzOibvMoZrENE4g2Ziqzm5Cq
-----END CERTIFICATE-----
Generated at Wed Oct 8 12:01:35 2025 by rpki-client