Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/8-v-Z7Xa6lfqMbl7evIHp25t1sA.roa
File: 8-v-Z7Xa6lfqMbl7evIHp25t1sA.roa (raw, json)
Hash identifier: BWcCx1HwRpdJveviEQtt8WgW8hrEfngJob3ia7RrZwQ=
Subject key identifier: F3:EB:FE:67:B5:DA:EA:57:EA:31:B9:7B:7A:F2:07:A7:6E:6D:D6:C0
Certificate issuer: /CN=1659eb6040193df0681350905e639d0e58d5f9df
Certificate serial: 01967DF240F59A00E30EC7DDF091966E88E6
Authority key identifier: 16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/8-v-Z7Xa6lfqMbl7evIHp25t1sA.roa
Signing time: Mon 28 Apr 2025 19:49:10 +0000
ROA not before: Mon 28 Apr 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.154.80.0/22 maxlen: 24
185.154.80.0/24 maxlen: 24
185.154.81.0/24 maxlen: 24
185.154.82.0/24 maxlen: 24
185.154.83.0/24 maxlen: 24
2a05:f500:2::/48 maxlen: 48
2a05:f507:77::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:f2:40:f5:9a:00:e3:0e:c7:dd:f0:91:96:6e:88:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1659eb6040193df0681350905e639d0e58d5f9df
Validity
Not Before: Apr 28 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3ebfe67b5daea57ea31b97b7af207a76e6dd6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dd:c5:35:f7:a5:cd:da:93:d4:21:6b:51:8b:
bd:ba:6c:3f:42:7a:ed:b6:54:0a:7b:03:f9:c4:d4:
49:38:ac:75:59:55:ba:ff:0e:35:06:b2:61:6e:43:
da:b4:d4:29:39:63:3b:78:dc:10:80:7a:b1:be:6c:
b8:61:76:53:fe:b7:41:71:41:e2:b4:fe:03:47:f9:
86:80:fd:b2:9a:e7:b6:8b:fd:41:34:46:d0:8a:bf:
53:cd:15:3a:c3:2f:24:ce:ba:05:15:9f:33:9c:ba:
e6:bd:3a:dd:c2:5e:a4:38:ae:57:3c:18:0e:a7:55:
29:44:fc:41:ec:12:b7:20:45:4d:f4:95:6c:f4:94:
35:c5:8b:32:d6:44:2e:50:9d:77:bb:97:c0:b6:b7:
17:43:1a:9e:ee:93:57:ab:e8:d2:8d:bd:3b:be:09:
f8:ee:52:ed:6f:ba:a4:41:48:dc:a7:a5:46:b5:30:
47:e9:48:7f:4f:1d:0f:e2:f5:2b:c5:f4:60:af:74:
5b:a7:f1:84:a3:d9:a6:65:76:57:dd:8c:ca:8e:a6:
6a:46:87:3f:b3:1b:78:e6:69:e7:7b:02:27:10:e6:
8c:10:86:2f:07:ef:db:fa:3d:72:18:51:c7:7c:7a:
22:51:09:6a:82:5e:0b:93:a5:99:f6:17:93:a5:0c:
3e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EB:FE:67:B5:DA:EA:57:EA:31:B9:7B:7A:F2:07:A7:6E:6D:D6:C0
X509v3 Authority Key Identifier:
keyid:16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/8-v-Z7Xa6lfqMbl7evIHp25t1sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.80.0/22
IPv6:
2a05:f500:2::/48
2a05:f507:77::/48
Signature Algorithm: sha256WithRSAEncryption
23:3a:67:df:92:18:dc:41:87:d9:50:78:a6:1d:7d:b2:57:33:
e3:2f:5b:bc:e8:09:ab:4c:1a:b3:f0:03:7a:fb:ea:0c:55:6f:
ed:e2:e4:70:b7:12:75:90:06:08:f9:0c:17:da:d9:e0:ee:80:
4f:f3:2b:82:91:da:f3:4c:f0:a8:2d:eb:b4:06:d3:d0:b8:c3:
52:58:6b:67:97:e7:3e:e2:eb:16:ef:a1:ba:23:6d:41:28:93:
6b:b9:14:05:4f:fe:4e:84:76:ce:2c:4d:e0:10:d5:ed:61:74:
95:ae:a5:18:e2:05:e5:d8:89:a0:fb:cb:68:3d:0b:c8:f2:74:
bf:e5:5a:f3:8c:06:03:ff:c4:9f:83:de:bc:39:4e:63:62:e0:
a4:5c:b9:fc:6c:f9:be:d2:9a:30:79:9e:f3:99:e2:f5:5b:73:
e7:ec:5a:24:86:f8:0d:55:8a:62:2a:ee:56:b4:00:7f:68:1e:
a5:0a:56:4e:e6:bb:04:f7:dd:df:b0:7c:7a:b8:f5:10:cb:44:
93:3c:c8:83:4a:3d:09:0a:c4:a4:03:70:32:38:a5:79:3c:b2:
3c:cf:18:b2:c0:46:2b:e4:f7:cb:cc:bc:8e:ca:29:d3:64:f0:
74:1e:66:cd:d6:9f:b2:b7:b5:4f:80:70:0b:95:8f:86:76:8e:
c3:e6:5c:77
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZ98kD1mgDjDsfd8JGWbojmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTllYjYwNDAxOTNkZjA2ODEzNTA5MDVlNjM5ZDBlNThk
NWY5ZGYwHhcNMjUwNDI4MTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ViZmU2N2I1ZGFlYTU3ZWEzMWI5N2I3YWYyMDdhNzZlNmRkNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N3FNfelzdqT1CFrUYu9umw/Qnrt
tlQKewP5xNRJOKx1WVW6/w41BrJhbkPatNQpOWM7eNwQgHqxvmy4YXZT/rdBcUHi
tP4DR/mGgP2ymue2i/1BNEbQir9TzRU6wy8kzroFFZ8znLrmvTrdwl6kOK5XPBgO
p1UpRPxB7BK3IEVN9JVs9JQ1xYsy1kQuUJ13u5fAtrcXQxqe7pNXq+jSjb07vgn4
7lLtb7qkQUjcp6VGtTBH6Uh/Tx0P4vUrxfRgr3Rbp/GEo9mmZXZX3YzKjqZqRoc/
sxt45mnnewInEOaMEIYvB+/b+j1yGFHHfHoiUQlqgl4Lk6WZ9heTpQw+BwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPPr/me12upX6jG5e3ryB6dubdbAMB8GA1UdIwQY
MBaAFBZZ62BAGT3waBNQkF5jnQ5Y1fnfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2Qt
NTQ0ODU1Y2M0ZjU3LzEvOC12LVo3WGE2bGZxTWJsN2V2SUhwMjV0MXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2QtNTQ0ODU1Y2M0ZjU3
LzEvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuZpQMBgE
AgACMBIDBwAqBfUAAAIDBwAqBfUHAHcwDQYJKoZIhvcNAQELBQADggEBACM6Z9+S
GNxBh9lQeKYdfbJXM+MvW7zoCatMGrPwA3r76gxVb+3i5HC3EnWQBgj5DBfa2eDu
gE/zK4KR2vNM8Kgt67QG09C4w1JYa2eX5z7i6xbvobojbUEok2u5FAVP/k6Eds4s
TeAQ1e1hdJWupRjiBeXYiaD7y2g9C8jydL/lWvOMBgP/xJ+D3rw5TmNi4KRcufxs
+b7SmjB5nvOZ4vVbc+fsWiSG+A1VimIq7la0AH9oHqUKVk7muwT33d+wfHq49RDL
RJM8yINKPQkKxKQDcDI4pXk8sjzPGLLARivk98vMvI7KKdNk8HQeZs3Wn7K3tU+A
cAuVj4Z2jsPmXHc=
-----END CERTIFICATE-----
Generated at Sat May 10 21:02:05 2025 by rpki-client