Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h_aVeyWAhyIXUAM9oeSx15liAiM.roa
File: h_aVeyWAhyIXUAM9oeSx15liAiM.roa (raw, json)
Hash identifier: hv39e2N25/bI+YhyIVAOqVFMdikRy2tXVlzLcuRexMM=
Subject key identifier: 87:F6:95:7B:25:80:87:22:17:50:03:3D:A1:E4:B1:D7:99:62:02:23
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0198266B5C2D1EE3189F481B1C42A96311A2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h_aVeyWAhyIXUAM9oeSx15liAiM.roa
Signing time: Sun 20 Jul 2025 06:00:26 +0000
ROA not before: Sun 20 Jul 2025 06:00:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:26:6b:5c:2d:1e:e3:18:9f:48:1b:1c:42:a9:63:11:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 20 06:00:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f6957b258087221750033da1e4b1d799620223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:d7:9c:0b:46:37:9c:04:e0:27:1b:91:92:
a6:13:94:f2:a2:df:33:54:a9:fa:ff:ad:8a:b9:e7:
c9:e8:b7:33:d3:8b:b3:65:ea:bc:9f:e9:12:78:71:
25:74:d2:f0:66:48:d7:1a:37:ac:7d:b9:30:7a:68:
39:3d:75:33:64:a8:d8:4f:88:cf:a2:66:04:5e:af:
13:7b:3a:63:4d:ff:82:67:d7:cd:13:40:3f:51:87:
a9:fa:0a:51:87:db:fe:6b:fc:e7:f3:4a:fb:a8:89:
66:b0:06:83:6e:e5:4a:54:56:f6:2c:2e:64:1c:16:
93:be:9f:32:09:70:c2:40:45:1a:bb:10:da:77:40:
c2:e4:7b:e8:41:bf:1e:e3:c0:1f:03:7f:d6:ce:7b:
17:ab:f8:55:fc:ae:0f:0e:60:e2:26:fe:3c:f9:99:
4b:69:0b:6e:e8:a9:e4:64:85:16:17:9e:54:5e:13:
81:bd:80:21:e2:92:bb:d7:e5:64:ed:5c:b1:a3:1f:
b5:36:cc:47:15:80:39:3e:cb:f6:26:38:b3:95:87:
8d:cd:5e:04:22:d3:06:a6:32:96:36:27:6b:1c:cd:
60:22:c0:16:ad:ae:30:af:c9:45:33:4a:92:ea:60:
4a:9b:99:90:31:6f:ff:78:50:84:dc:aa:5d:92:db:
b9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F6:95:7B:25:80:87:22:17:50:03:3D:A1:E4:B1:D7:99:62:02:23
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h_aVeyWAhyIXUAM9oeSx15liAiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0-85.133.204.255
85.133.228.0/24
85.133.238.0/24
85.133.241.0/24
Signature Algorithm: sha256WithRSAEncryption
08:31:f3:f1:19:03:b5:08:27:bd:79:1a:5e:be:d8:a9:d6:a0:
cf:21:fc:8a:ae:56:36:1d:f1:bb:da:54:a1:1e:09:84:dc:56:
f3:1b:97:d2:21:b4:00:51:5d:9c:76:d3:a4:25:6c:60:ef:2c:
bd:12:07:a6:5b:57:ab:0d:2c:99:48:62:20:d8:cb:fd:1e:21:
f0:46:75:7e:44:a6:1b:40:0b:06:45:60:5f:40:cc:fe:df:68:
c3:1f:f1:de:bf:a0:c5:7d:a6:3f:20:04:a5:ef:19:e9:08:bb:
ed:e4:70:c8:c2:9f:12:ed:bd:94:f7:cf:85:94:49:c2:d6:69:
fa:1d:7e:76:60:d0:5e:f4:6b:09:c5:d9:f6:da:31:24:5d:2a:
d0:fe:d4:57:e5:1a:1e:4f:f8:4c:9c:95:96:9e:25:cb:90:ff:
12:f3:f0:7a:60:19:37:22:60:81:be:40:a4:24:f5:81:4b:7e:
26:cb:7a:72:9a:cd:77:33:fa:71:25:8a:8d:bb:7e:86:77:41:
f8:8a:46:73:6a:cf:bb:cb:c8:d7:75:0e:1c:91:69:4f:b3:3c:
86:d3:08:8d:c2:fb:f1:75:38:84:c5:5f:2f:6b:38:f7:f2:0d:
57:50:6f:f0:33:50:be:a2:12:ce:30:fe:c0:51:68:63:dd:96:
e1:d4:ae:64
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZgma1wtHuMYn0gbHEKpYxGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNzIwMDYwMDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y2OTU3YjI1ODA4NzIyMTc1MDAzM2RhMWU0YjFkNzk5NjIwMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKTXnAtGN5wE4CcbkZKmE5Tyot8z
VKn6/62KuefJ6Lcz04uzZeq8n+kSeHEldNLwZkjXGjesfbkwemg5PXUzZKjYT4jP
omYEXq8TezpjTf+CZ9fNE0A/UYep+gpRh9v+a/zn80r7qIlmsAaDbuVKVFb2LC5k
HBaTvp8yCXDCQEUauxDad0DC5HvoQb8e48AfA3/WznsXq/hV/K4PDmDiJv48+ZlL
aQtu6KnkZIUWF55UXhOBvYAh4pK71+Vk7Vyxox+1NsxHFYA5Psv2JjizlYeNzV4E
ItMGpjKWNidrHM1gIsAWra4wr8lFM0qS6mBKm5mQMW//eFCE3Kpdktu5WwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIf2lXslgIciF1ADPaHksdeZYgIjMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvaF9hVmV5V0FoeUlYVUFNOW9lU3gxNWxpQWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABVhckD
BABVhcwDBABVheQDBABVhe4DBABVhfEwDQYJKoZIhvcNAQELBQADggEBAAgx8/EZ
A7UIJ715Gl6+2KnWoM8h/IquVjYd8bvaVKEeCYTcVvMbl9IhtABRXZx206QlbGDv
LL0SB6ZbV6sNLJlIYiDYy/0eIfBGdX5EphtACwZFYF9AzP7faMMf8d6/oMV9pj8g
BKXvGekIu+3kcMjCnxLtvZT3z4WUScLWafodfnZg0F70awnF2fbaMSRdKtD+1Ffl
Gh5P+EyclZaeJcuQ/xLz8HpgGTciYIG+QKQk9YFLfibLenKazXcz+nElio27foZ3
QfiKRnNqz7vLyNd1DhyRaU+zPIbTCI3C+/F1OITFXy9rOPfyDVdQb/AzUL6iEs4w
/sBRaGPdluHUrmQ=
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:56:59 2025 by rpki-client