Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/8lPw_ga_FoSSpmboRwfajYdx-go.roa
File: 8lPw_ga_FoSSpmboRwfajYdx-go.roa (raw, json)
Hash identifier: JloEp5W3jYXSF6n1lKX3TTBhUm7QwMzhp+1X0sR8wMg=
Subject key identifier: F2:53:F0:FE:06:BF:16:84:92:A6:66:E8:47:07:DA:8D:87:71:FA:0A
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 019D65D49D2293E81242CCD3DC14BBBB2B4C
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/8lPw_ga_FoSSpmboRwfajYdx-go.roa
Signing time: Tue 07 Apr 2026 02:45:25 +0000
ROA not before: Tue 07 Apr 2026 02:45:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 273113
IP address blocks: 45.85.180.0/22 maxlen: 22
45.85.180.0/23 maxlen: 23
45.85.180.0/24 maxlen: 24
45.85.181.0/24 maxlen: 24
45.85.182.0/23 maxlen: 23
45.85.182.0/24 maxlen: 24
45.85.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 23:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:65:d4:9d:22:93:e8:12:42:cc:d3:dc:14:bb:bb:2b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Apr 7 02:45:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f253f0fe06bf168492a666e84707da8d8771fa0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ff:cb:10:ec:99:dd:b3:09:e9:e6:fd:68:79:
82:d3:7d:00:3c:62:79:8e:26:f9:77:89:ec:9b:b1:
6f:69:ac:17:75:3b:1f:0e:31:d3:d0:f6:36:5c:e8:
11:b8:9d:fd:7d:ff:ca:96:a4:f3:8a:f2:dd:b9:c7:
30:51:0a:d1:91:67:7e:3e:b9:fd:45:a7:db:6d:31:
59:28:05:e0:d3:03:d7:60:3f:5b:f5:37:b7:5b:49:
ee:93:6a:77:20:22:5a:8f:e4:be:f5:a2:27:5f:fb:
c6:69:27:e6:8d:77:29:36:64:08:bb:fd:9a:ea:14:
5a:a1:f6:e4:af:5b:6c:f7:51:84:65:54:8f:5f:36:
e7:da:1f:b3:85:11:ab:c0:97:d5:94:59:72:c5:5a:
08:f9:9e:03:e8:7f:95:1c:b7:59:c5:9a:33:25:fb:
4b:31:83:07:0b:37:1c:15:87:ed:03:38:c3:5e:dc:
44:a9:06:d9:62:3f:92:a8:15:c5:6b:08:69:bc:33:
98:53:4b:5f:e7:95:88:87:04:80:bc:0a:b6:ff:2a:
17:8b:05:89:7c:5d:ad:20:f1:37:5e:9b:f8:35:c5:
4d:be:36:a6:49:f2:3d:f7:5e:c2:ae:b6:84:9d:ae:
01:6c:92:05:60:7d:ae:52:0d:6a:28:b8:d3:d5:2b:
be:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:53:F0:FE:06:BF:16:84:92:A6:66:E8:47:07:DA:8D:87:71:FA:0A
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/8lPw_ga_FoSSpmboRwfajYdx-go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:88:80:d5:18:e1:1c:39:c5:24:12:c9:eb:36:2a:21:83:26:
2d:25:5b:d7:7e:ce:1a:82:f7:ae:65:a0:8a:2f:0f:20:97:11:
f3:25:dc:21:22:14:cc:35:34:33:3e:d8:d9:ed:00:ac:c6:bb:
1f:28:09:bd:75:38:30:c5:ff:c0:a5:b1:60:b1:55:3e:dd:1c:
69:03:f6:e0:06:36:b4:77:19:4e:a9:27:07:a7:2f:7b:7c:40:
35:1d:ee:90:dc:dd:d6:51:6e:cc:5f:a0:de:90:e8:74:a6:9f:
26:b6:4d:93:44:5f:4a:a7:37:90:3d:76:3f:93:8e:7b:72:02:
0b:f1:46:ee:cc:04:54:27:42:c6:ad:0b:b5:39:f3:7e:50:74:
bc:56:cb:3d:fb:d9:f5:68:58:ff:2d:8d:30:87:8f:06:d0:ae:
57:7c:44:c3:20:4f:a9:91:89:45:2d:99:5c:a6:b3:75:bc:5e:
05:a5:ea:5a:f6:61:3d:9a:ec:48:e9:10:af:93:fb:44:17:3d:
d1:44:7b:98:6d:36:99:c5:06:7f:92:ee:92:70:99:bb:db:5d:
28:db:e8:71:65:2e:b7:95:4a:cc:60:1e:19:26:95:31:21:52:
a5:95:76:0d:c5:1d:83:da:90:3f:5b:7c:c9:d5:6a:58:89:b9:
15:45:05:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1l1J0ik+gSQszT3BS7uytMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjYwNDA3MDI0NTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUzZjBmZTA2YmYxNjg0OTJhNjY2ZTg0NzA3ZGE4ZDg3NzFmYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3v/LEOyZ3bMJ6eb9aHmC030APGJ5
jib5d4nsm7FvaawXdTsfDjHT0PY2XOgRuJ39ff/KlqTzivLduccwUQrRkWd+Prn9
RafbbTFZKAXg0wPXYD9b9Te3W0nuk2p3ICJaj+S+9aInX/vGaSfmjXcpNmQIu/2a
6hRaofbkr1ts91GEZVSPXzbn2h+zhRGrwJfVlFlyxVoI+Z4D6H+VHLdZxZozJftL
MYMHCzccFYftAzjDXtxEqQbZYj+SqBXFawhpvDOYU0tf55WIhwSAvAq2/yoXiwWJ
fF2tIPE3Xpv4NcVNvjamSfI9917CrraEna4BbJIFYH2uUg1qKLjT1Su+4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJT8P4GvxaEkqZm6EcH2o2HcfoKMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvOGxQd19nYV9Gb1NTcG1ib1J3ZmFqWWR4LWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVW0MA0G
CSqGSIb3DQEBCwUAA4IBAQAqiIDVGOEcOcUkEsnrNiohgyYtJVvXfs4agveuZaCK
Lw8glxHzJdwhIhTMNTQzPtjZ7QCsxrsfKAm9dTgwxf/ApbFgsVU+3RxpA/bgBja0
dxlOqScHpy97fEA1He6Q3N3WUW7MX6DekOh0pp8mtk2TRF9KpzeQPXY/k457cgIL
8UbuzARUJ0LGrQu1OfN+UHS8Vss9+9n1aFj/LY0wh48G0K5XfETDIE+pkYlFLZlc
prN1vF4Fpepa9mE9muxI6RCvk/tEFz3RRHuYbTaZxQZ/ku6ScJm7210o2+hxZS63
lUrMYB4ZJpUxIVKllXYNxR2D2pA/W3zJ1WpYibkVRQXp
-----END CERTIFICATE-----
Generated at Wed Apr 8 07:39:55 2026 by rpki-client