Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/c3yz1Xm3fr649PuxzYeiC0GyqPg.roa
File: c3yz1Xm3fr649PuxzYeiC0GyqPg.roa (raw, json)
Hash identifier: I/Ccv5oKVG1j/z4cFdG/fafH2WD7P5MCyaFq+J+EQdU=
Subject key identifier: 73:7C:B3:D5:79:B7:7E:BE:B8:F4:FB:B1:CD:87:A2:0B:41:B2:A8:F8
Certificate issuer: /CN=1659eb6040193df0681350905e639d0e58d5f9df
Certificate serial: 019423D7D2C9B30572341E74A3162CAACE74
Authority key identifier: 16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/c3yz1Xm3fr649PuxzYeiC0GyqPg.roa
Signing time: Wed 01 Jan 2025 21:48:54 +0000
ROA not before: Wed 01 Jan 2025 21:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.154.80.0/22 maxlen: 24
185.154.80.0/24 maxlen: 24
185.154.81.0/24 maxlen: 24
185.154.82.0/24 maxlen: 24
185.154.83.0/24 maxlen: 24
2a05:f500:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d2:c9:b3:05:72:34:1e:74:a3:16:2c:aa:ce:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1659eb6040193df0681350905e639d0e58d5f9df
Validity
Not Before: Jan 1 21:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=737cb3d579b77ebeb8f4fbb1cd87a20b41b2a8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9c:35:f7:cb:83:87:a6:b0:85:cf:37:fc:29:
4a:0c:ab:9f:fe:32:5b:57:a8:8f:b3:6b:b5:b6:47:
1b:78:cc:ce:e0:3f:32:57:6a:45:0c:11:46:46:93:
47:a9:f0:41:ba:82:b6:6f:8a:b8:fb:c6:16:cc:b0:
d0:d7:10:de:68:ad:94:aa:c7:7c:fa:9d:b2:f9:11:
98:1d:1e:c3:9f:a4:a4:e7:f4:84:b0:8e:79:75:38:
88:03:71:56:e3:ea:bd:86:57:95:3b:95:ab:4c:cd:
14:a0:2e:ab:40:7f:8b:b1:1c:2f:1f:4f:9c:37:fd:
ab:b4:7f:4b:a1:d3:2a:2d:7b:97:2a:53:28:98:9e:
c4:b9:b9:39:c0:93:cf:1b:7d:e6:e4:d9:a9:62:fd:
2e:33:db:1c:38:ef:da:d2:ca:02:2a:ba:7a:ff:b4:
2a:ed:76:b7:c8:06:dd:c2:fe:d3:dc:60:54:3d:a5:
4f:2d:0b:c4:69:7e:d9:60:a8:35:7d:a5:28:10:d3:
0d:33:31:f6:56:21:92:62:1c:c0:15:44:e9:c8:27:
d2:54:eb:84:4b:9d:5e:22:b2:c1:b0:ca:c2:d9:2c:
37:90:e2:49:ae:ee:5f:ca:c4:c4:d1:d5:52:f1:7e:
4a:9b:2b:1f:c2:9d:f6:d4:57:39:75:64:5d:50:94:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7C:B3:D5:79:B7:7E:BE:B8:F4:FB:B1:CD:87:A2:0B:41:B2:A8:F8
X509v3 Authority Key Identifier:
keyid:16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/c3yz1Xm3fr649PuxzYeiC0GyqPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.80.0/22
IPv6:
2a05:f500:2::/48
Signature Algorithm: sha256WithRSAEncryption
12:b9:57:78:62:97:bc:60:11:ac:b2:0b:b7:ca:69:c9:ff:83:
fe:bb:bc:43:0f:4d:bc:68:79:04:80:8d:21:dc:24:41:fa:bb:
31:23:a6:fe:ec:ef:7c:64:0f:e1:8d:74:71:0a:b1:56:fc:fd:
c8:6e:15:ee:67:01:6c:96:52:cc:df:53:96:5a:e5:5d:6c:4a:
65:96:3d:e2:c4:e9:97:43:3c:e3:78:ab:63:bc:59:78:98:4d:
17:ee:1d:69:6e:5d:a1:1f:a2:04:ff:65:e5:cb:5c:05:af:4f:
e4:5c:94:bf:76:8c:32:a2:00:cd:ad:6d:9b:10:a8:dd:79:4a:
fd:74:01:b9:92:c3:e6:81:eb:45:62:2d:30:ae:b0:81:ca:7c:
7b:d7:1b:c4:31:2c:71:ec:17:15:c5:24:3a:74:1f:6b:a5:fb:
c7:35:1e:7b:6a:e4:07:28:88:3e:32:79:9a:aa:d0:5e:11:5f:
3d:e6:c2:73:e1:57:fb:6b:95:f8:7e:71:df:03:44:d0:b8:bf:
51:ba:00:e5:f0:3d:d8:cd:da:b8:f0:3b:f9:13:03:67:f0:5b:
a4:1f:e9:8a:8a:c2:f7:4d:3f:7a:ed:ec:f7:6c:bd:36:ca:d9:
94:41:07:75:4f:33:18:97:76:b2:cc:1a:d1:8d:22:35:54:a7:
99:b6:82:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj19LJswVyNB50oxYsqs50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTllYjYwNDAxOTNkZjA2ODEzNTA5MDVlNjM5ZDBlNThk
NWY5ZGYwHhcNMjUwMTAxMjE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdjYjNkNTc5Yjc3ZWJlYjhmNGZiYjFjZDg3YTIwYjQxYjJhOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65w198uDh6awhc83/ClKDKuf/jJb
V6iPs2u1tkcbeMzO4D8yV2pFDBFGRpNHqfBBuoK2b4q4+8YWzLDQ1xDeaK2Uqsd8
+p2y+RGYHR7Dn6Sk5/SEsI55dTiIA3FW4+q9hleVO5WrTM0UoC6rQH+LsRwvH0+c
N/2rtH9LodMqLXuXKlMomJ7Eubk5wJPPG33m5NmpYv0uM9scOO/a0soCKrp6/7Qq
7Xa3yAbdwv7T3GBUPaVPLQvEaX7ZYKg1faUoENMNMzH2ViGSYhzAFUTpyCfSVOuE
S51eIrLBsMrC2Sw3kOJJru5fysTE0dVS8X5Kmysfwp321Fc5dWRdUJQ7/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHN8s9V5t36+uPT7sc2HogtBsqj4MB8GA1UdIwQY
MBaAFBZZ62BAGT3waBNQkF5jnQ5Y1fnfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2Qt
NTQ0ODU1Y2M0ZjU3LzEvYzN5ejFYbTNmcjY0OVB1eHpZZWlDMEd5cVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2QtNTQ0ODU1Y2M0ZjU3
LzEvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZpQMA8E
AgACMAkDBwAqBfUAAAIwDQYJKoZIhvcNAQELBQADggEBABK5V3hil7xgEayyC7fK
acn/g/67vEMPTbxoeQSAjSHcJEH6uzEjpv7s73xkD+GNdHEKsVb8/chuFe5nAWyW
UszfU5Za5V1sSmWWPeLE6ZdDPON4q2O8WXiYTRfuHWluXaEfogT/ZeXLXAWvT+Rc
lL92jDKiAM2tbZsQqN15Sv10AbmSw+aB60ViLTCusIHKfHvXG8QxLHHsFxXFJDp0
H2ul+8c1Hntq5AcoiD4yeZqq0F4RXz3mwnPhV/trlfh+cd8DRNC4v1G6AOXwPdjN
2rjwO/kTA2fwW6Qf6YqKwvdNP3rt7PdsvTbK2ZRBB3VPMxiXdrLMGtGNIjVUp5m2
gmk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:49 2025 by rpki-client