Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/8YTLS_1mFrh55A62a2mBS518iAg.roa
File: 8YTLS_1mFrh55A62a2mBS518iAg.roa (raw, json)
Hash identifier: b+QiLic550TpA6gu3XGSKkJ7N3n9C2SCnWL5+/s9Vr0=
Subject key identifier: F1:84:CB:4B:FD:66:16:B8:79:E4:0E:B6:6B:69:81:4B:9D:7C:88:08
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 0197E8D768780F3200453968982950C7549D
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/8YTLS_1mFrh55A62a2mBS518iAg.roa
Signing time: Tue 08 Jul 2025 07:02:00 +0000
ROA not before: Tue 08 Jul 2025 07:02:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201808
IP address blocks: 185.50.128.0/22 maxlen: 22
185.240.156.0/22 maxlen: 22
2a01:a5e0::/32 maxlen: 32
2a0a:da80::/29 maxlen: 29
2a0c:8c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 13:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:d7:68:78:0f:32:00:45:39:68:98:29:50:c7:54:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jul 8 07:02:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f184cb4bfd6616b879e40eb66b69814b9d7c8808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:82:f0:a2:26:79:77:cd:b6:2d:79:e6:5f:cb:
93:47:15:5f:83:dc:16:4d:54:44:38:99:c5:9d:fb:
91:c9:5e:06:62:11:d9:93:f4:6c:01:c0:75:13:ee:
fd:5f:bd:f3:77:1a:ab:aa:39:79:5c:1f:51:8f:4a:
44:65:10:92:40:c1:fb:70:65:19:a3:94:a1:d0:ef:
14:56:35:63:fa:fb:4b:82:b5:77:4e:c5:8a:35:88:
7f:1c:ba:60:f7:bf:d1:e8:92:cc:a5:72:60:90:f0:
ea:a8:f4:36:cb:7c:1e:05:dd:58:17:32:81:37:71:
4b:73:2e:ae:84:2c:fc:f7:8d:c2:30:b9:65:a7:6e:
7d:62:bb:14:90:88:fa:4f:2f:9a:b3:94:38:11:f8:
c7:c3:77:4c:70:be:06:e2:84:d2:3f:53:4c:53:99:
ad:9c:11:00:dd:24:9c:c4:d8:cb:59:dd:b8:b4:17:
5a:2b:51:15:a5:58:98:4f:f6:82:49:8f:17:8a:2a:
fb:18:4c:37:f3:a1:41:91:83:8b:1e:1c:1d:ca:7e:
dd:e4:05:84:5f:64:06:c9:9e:b2:e6:50:9d:c9:78:
3c:7f:a8:87:58:b1:eb:be:32:a9:06:84:8b:c8:01:
51:ad:73:b8:ea:27:70:a6:99:ca:0e:88:b2:ca:0f:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:84:CB:4B:FD:66:16:B8:79:E4:0E:B6:6B:69:81:4B:9D:7C:88:08
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/8YTLS_1mFrh55A62a2mBS518iAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.128.0/22
185.240.156.0/22
IPv6:
2a01:a5e0::/32
2a0a:da80::/29
2a0c:8c80::/32
Signature Algorithm: sha256WithRSAEncryption
8b:ae:3b:b4:04:74:59:59:ca:a6:67:c5:44:04:ec:df:28:4f:
9c:da:bf:e3:18:b6:29:79:0a:f3:42:f9:0b:c5:a9:d3:c5:8b:
5c:01:d9:0f:3c:6f:91:2b:b9:08:7b:db:02:3e:8c:0c:31:5c:
3d:d7:da:b0:ff:2b:a3:cf:b3:69:ec:6e:e2:ed:f3:62:ec:b8:
a6:2e:72:9c:f8:f8:9f:75:5d:33:1b:93:5e:52:cf:00:4e:7c:
f2:a8:f2:b4:73:d6:03:73:ee:16:2b:04:a7:e4:ff:a8:a1:2a:
13:f8:18:09:02:1d:f7:6b:4a:9b:8f:3f:4d:a0:a6:a4:7b:49:
58:c3:50:1b:d0:d0:cc:6c:cb:c6:02:ed:54:af:01:70:99:2d:
d8:e3:c6:38:7d:10:1b:23:24:71:77:02:fa:8b:0d:73:37:70:
c8:76:5f:ac:cf:74:7e:f0:9c:c9:87:e1:c2:25:e1:02:c3:85:
0d:61:4f:c0:1d:83:53:c1:fc:b7:1b:58:e0:cc:66:c1:c8:f3:
8d:38:af:e1:3f:c9:ac:8f:d0:7d:00:f3:58:f7:c6:87:35:de:
60:f7:a4:bd:da:bc:3e:53:2e:f2:ad:02:1f:9a:bb:f2:95:f4:
d1:b5:74:d8:38:df:3b:6b:a2:d2:52:72:5d:52:68:ca:5a:3a:
5b:97:07:27
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZfo12h4DzIARTlomClQx1SdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjUwNzA4MDcwMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTg0Y2I0YmZkNjYxNmI4NzllNDBlYjY2YjY5ODE0YjlkN2M4ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhILwoiZ5d822LXnmX8uTRxVfg9wW
TVREOJnFnfuRyV4GYhHZk/RsAcB1E+79X73zdxqrqjl5XB9Rj0pEZRCSQMH7cGUZ
o5Sh0O8UVjVj+vtLgrV3TsWKNYh/HLpg97/R6JLMpXJgkPDqqPQ2y3weBd1YFzKB
N3FLcy6uhCz8943CMLllp259YrsUkIj6Ty+as5Q4EfjHw3dMcL4G4oTSP1NMU5mt
nBEA3SScxNjLWd24tBdaK1EVpViYT/aCSY8Xiir7GEw386FBkYOLHhwdyn7d5AWE
X2QGyZ6y5lCdyXg8f6iHWLHrvjKpBoSLyAFRrXO46idwppnKDoiyyg8IjwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPGEy0v9Zha4eeQOtmtpgUudfIgIMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvOFlUTFNfMW1Gcmg1NUE2MmEybUJTNTE4aUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCuTKAAwQC
ufCcMBsEAgACMBUDBQAqAaXgAwUDKgragAMFACoMjIAwDQYJKoZIhvcNAQELBQAD
ggEBAIuuO7QEdFlZyqZnxUQE7N8oT5zav+MYtil5CvNC+QvFqdPFi1wB2Q88b5Er
uQh72wI+jAwxXD3X2rD/K6PPs2nsbuLt82LsuKYucpz4+J91XTMbk15SzwBOfPKo
8rRz1gNz7hYrBKfk/6ihKhP4GAkCHfdrSpuPP02gpqR7SVjDUBvQ0Mxsy8YC7VSv
AXCZLdjjxjh9EBsjJHF3AvqLDXM3cMh2X6zPdH7wnMmH4cIl4QLDhQ1hT8Adg1PB
/LcbWODMZsHI8404r+E/yayP0H0A81j3xoc13mD3pL3avD5TLvKtAh+au/KV9NG1
dNg43ztrotJScl1SaMpaOluXByc=
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:33:55 2025 by rpki-client