Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/C4mXoWlE0u2rZTvygZOHRccieT0.roa
File: C4mXoWlE0u2rZTvygZOHRccieT0.roa (raw, json)
Hash identifier: 2pjG126FZCESeR0DqPSbBLsbSndNcZCXbWy82O0JVRw=
Subject key identifier: 0B:89:97:A1:69:44:D2:ED:AB:65:3B:F2:81:93:87:45:C7:22:79:3D
Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Certificate serial: 01971AC3E3D1EC3B3B76692C0551C42D6E58
Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/C4mXoWlE0u2rZTvygZOHRccieT0.roa
Signing time: Thu 29 May 2025 06:38:54 +0000
ROA not before: Thu 29 May 2025 06:38:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 85.85.104.0/21 maxlen: 21
85.85.112.0/20 maxlen: 20
85.85.160.0/20 maxlen: 21
85.85.176.0/20 maxlen: 21
85.85.200.0/21 maxlen: 21
85.85.224.0/20 maxlen: 20
85.86.24.0/21 maxlen: 21
85.86.32.0/21 maxlen: 21
85.86.56.0/21 maxlen: 21
85.86.64.0/21 maxlen: 21
85.86.208.0/21 maxlen: 21
85.86.232.0/21 maxlen: 21
85.87.0.0/16 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 00:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:c3:e3:d1:ec:3b:3b:76:69:2c:05:51:c4:2d:6e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Validity
Not Before: May 29 06:38:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b8997a16944d2edab653bf281938745c722793d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:09:e5:8a:9d:16:3d:c3:b9:39:6c:38:c3:
50:61:47:0f:6c:89:ce:60:0e:a1:56:23:97:14:32:
72:20:ea:21:e8:7e:47:6f:27:d2:59:58:9a:21:67:
1e:37:8c:1a:c5:63:16:5c:30:72:28:e7:20:9e:ad:
fe:08:88:a3:ad:e6:0a:40:9d:54:cd:f4:db:b5:82:
6a:4b:8b:01:76:31:cd:fc:06:e3:02:61:0f:1c:5d:
c3:a0:fc:69:eb:77:0f:8d:6e:31:45:69:9b:f9:8b:
20:ce:b8:0a:7d:9a:66:18:96:17:ee:b8:b5:47:1d:
5e:49:b2:53:28:bd:eb:58:af:db:2b:54:cb:84:d8:
c8:ca:15:c2:83:96:53:e8:6c:93:9e:1b:10:4f:03:
34:3d:58:20:ef:5e:ef:66:65:39:45:e3:13:d8:fa:
33:08:87:b8:47:bd:d0:3c:9e:49:58:ee:90:15:5c:
b9:be:4c:ff:2b:e8:6a:1b:e4:3a:12:be:69:63:8f:
75:2e:22:e3:0b:04:c1:9d:da:33:09:d3:22:b7:53:
6a:f8:f0:c6:0f:78:68:c5:c9:8a:96:ad:48:a4:1e:
30:0b:24:4c:4a:cf:7b:45:8b:5a:45:b9:5d:b0:ad:
6d:26:a9:d9:34:15:00:0b:01:f7:49:29:28:4d:4a:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:89:97:A1:69:44:D2:ED:AB:65:3B:F2:81:93:87:45:C7:22:79:3D
X509v3 Authority Key Identifier:
keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/C4mXoWlE0u2rZTvygZOHRccieT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.85.104.0-85.85.127.255
85.85.160.0/19
85.85.200.0/21
85.85.224.0/20
85.86.24.0-85.86.39.255
85.86.56.0-85.86.71.255
85.86.208.0/21
85.86.232.0/21
85.87.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:22:14:5c:fe:74:82:30:66:eb:1c:32:b3:94:00:1a:64:4c:
a8:c7:a5:9d:56:72:ee:32:d6:1a:0e:18:f9:8e:64:0c:24:a5:
04:cd:27:a6:29:16:85:ea:db:6c:93:7e:48:2a:5d:7a:1c:bf:
6f:6e:51:1b:f6:94:6d:5f:f6:0b:35:20:5e:97:8f:df:4b:bf:
1c:1f:f4:c5:e0:96:e7:c4:39:c6:6a:64:ad:73:40:ab:a7:7d:
d4:a8:16:4b:97:82:71:94:af:19:8d:23:07:76:46:08:c8:25:
00:90:2a:d7:0b:1e:4a:21:62:29:07:65:e1:e7:0d:fd:69:01:
00:2e:96:c9:7d:4a:55:e9:33:63:cd:05:4d:f1:7e:04:ae:3b:
c5:c1:35:75:7e:df:bd:31:69:d8:8e:7e:dd:9a:25:dc:6d:21:
ca:ca:67:5a:a5:2f:aa:ae:c4:ca:1b:0d:68:8a:df:66:a5:f6:
e7:72:93:8e:36:24:90:87:2d:39:1f:31:f2:2b:e5:0b:79:d1:
9f:ca:cc:8e:f2:a6:e3:37:b6:8c:84:97:1a:78:cc:47:fe:df:
a6:ce:2e:86:6e:91:79:34:cd:d9:cb:ed:cc:4a:38:55:c5:79:
a3:3f:d5:a4:47:09:87:0f:fe:4d:45:1c:54:4d:1a:f7:3d:ad:
07:a0:dc:b1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZcaw+PR7Ds7dmksBVHELW5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz
NTg1ZTkwHhcNMjUwNTI5MDYzODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjg5OTdhMTY5NDRkMmVkYWI2NTNiZjI4MTkzODc0NWM3MjI3OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAkJ5YqdFj3DuTlsOMNQYUcPbInO
YA6hViOXFDJyIOoh6H5HbyfSWViaIWceN4waxWMWXDByKOcgnq3+CIijreYKQJ1U
zfTbtYJqS4sBdjHN/AbjAmEPHF3DoPxp63cPjW4xRWmb+YsgzrgKfZpmGJYX7ri1
Rx1eSbJTKL3rWK/bK1TLhNjIyhXCg5ZT6GyTnhsQTwM0PVgg717vZmU5ReMT2Poz
CIe4R73QPJ5JWO6QFVy5vkz/K+hqG+Q6Er5pY491LiLjCwTBndozCdMit1Nq+PDG
D3hoxcmKlq1IpB4wCyRMSs97RYtaRbldsK1tJqnZNBUACwH3SSkoTUomAwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAuJl6FpRNLtq2U78oGTh0XHInk9MB8GA1UdIwQY
MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt
MDRlODEyZDQ4ZTcyLzEvQzRtWG9XbEUwdTJyWlR2eWdaT0hSY2NpZVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy
LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNMAwDBANVVWgD
BAdVVQADBAVVVaADBANVVcgDBARVVeAwDAMEA1VWGAMEA1VWIDAMAwQDVVY4AwQD
VVZAAwQDVVbQAwQDVVboAwMAVVcwDQYJKoZIhvcNAQELBQADggEBAJgiFFz+dIIw
ZuscMrOUABpkTKjHpZ1Wcu4y1hoOGPmOZAwkpQTNJ6YpFoXq22yTfkgqXXocv29u
URv2lG1f9gs1IF6Xj99Lvxwf9MXglufEOcZqZK1zQKunfdSoFkuXgnGUrxmNIwd2
RgjIJQCQKtcLHkohYikHZeHnDf1pAQAulsl9SlXpM2PNBU3xfgSuO8XBNXV+370x
adiOft2aJdxtIcrKZ1qlL6quxMobDWiK32al9udyk442JJCHLTkfMfIr5Qt50Z/K
zI7ypuM3toyElxp4zEf+36bOLoZukXk0zdnL7cxKOFXFeaM/1aRHCYcP/k1FHFRN
Gvc9rQeg3LE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:19:46 2025 by rpki-client