Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7EwFuJf9nnQnzPh2D1JxltiEKYo.roa
File: 7EwFuJf9nnQnzPh2D1JxltiEKYo.roa (raw, json)
Hash identifier: EwJeqB+Hyr9+lTeyi/kkdkbvr/H81d6CccG0b+7FFDI=
Subject key identifier: EC:4C:05:B8:97:FD:9E:74:27:CC:F8:76:0F:52:71:96:D8:84:29:8A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0196344E786B8581DE3384DF0E4FFE5C7174
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7EwFuJf9nnQnzPh2D1JxltiEKYo.roa
Signing time: Mon 14 Apr 2025 12:37:59 +0000
ROA not before: Mon 14 Apr 2025 12:37:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:4e:78:6b:85:81:de:33:84:df:0e:4f:fe:5c:71:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 14 12:37:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec4c05b897fd9e7427ccf8760f527196d884298a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fe:98:7c:d1:e9:57:bc:e9:57:ef:93:69:13:
db:49:f4:78:3c:7f:2d:e2:d0:83:e2:5d:69:ef:9b:
9b:ed:f7:89:8e:cd:ce:13:ed:34:93:5c:b7:f6:d9:
b7:67:7e:4a:94:8c:73:9e:97:b9:10:48:03:35:09:
44:af:13:ac:d0:34:ad:68:a7:56:0c:a0:ff:4e:e6:
9e:07:12:79:73:c4:e5:52:51:ac:66:94:15:ab:3b:
4e:90:19:48:5c:cd:2a:a8:ec:fe:0c:73:ee:51:32:
9c:0c:3d:80:33:47:fe:14:b8:9d:a6:be:bc:91:6f:
83:c8:fd:d9:7f:fd:69:10:03:db:6e:67:a2:47:51:
25:bd:e9:d5:1a:97:46:6c:34:d1:52:19:05:74:3a:
75:d6:7b:43:63:d7:50:02:6e:5d:01:dd:a2:12:6f:
34:13:d3:8e:20:61:12:d4:9a:b3:9a:7f:15:5a:a7:
b4:a4:ca:75:1d:e3:38:fe:25:95:c4:93:1d:d6:e1:
0f:36:f5:51:dc:e5:f6:02:cd:94:a7:22:2d:de:1a:
7a:6e:db:d1:9f:bb:90:a3:94:48:00:c6:3c:21:dc:
10:f0:02:a1:39:13:71:88:b5:b6:62:37:36:b2:1d:
21:d6:27:70:14:c9:fe:c3:11:86:e9:0e:30:ae:10:
92:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4C:05:B8:97:FD:9E:74:27:CC:F8:76:0F:52:71:96:D8:84:29:8A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7EwFuJf9nnQnzPh2D1JxltiEKYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.216.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:c2:ab:a1:20:87:f5:19:f1:b5:0d:93:39:1d:ee:e7:bd:66:
16:62:d8:5c:07:fa:9d:7c:f8:3d:38:8c:d6:86:b3:ee:21:e7:
ba:d7:b7:88:27:57:c0:a0:9b:29:1a:51:a3:c0:c9:cf:32:6c:
c8:a5:f3:24:e1:9f:5b:36:11:0f:49:39:f1:b5:0c:8f:db:de:
99:07:ab:84:75:43:d9:fb:c4:ef:3e:58:b2:cb:9b:99:96:04:
7f:2e:84:ef:c5:58:21:49:6e:31:01:6d:48:cc:13:dc:47:c1:
6b:c8:2e:77:f9:76:e9:e3:fd:1a:70:99:67:1b:39:ff:63:16:
4f:7f:03:c4:7d:74:31:ac:9b:44:f5:eb:2a:fc:7d:6a:c0:14:
4e:e7:ed:b0:9a:77:20:3b:19:a7:51:d5:56:c9:b2:c9:ef:bf:
67:23:75:73:c9:b4:8f:d5:f6:7b:89:4e:8f:f1:90:ed:32:4d:
f6:5c:ee:50:f6:84:62:92:61:22:6e:b5:f6:34:37:54:36:f5:
fc:08:04:f9:46:d9:c0:07:77:80:4f:62:38:12:78:4a:56:33:
31:ac:d8:ff:e6:ee:dc:2a:32:45:ed:c7:68:21:88:e1:66:87:
ca:9e:77:d0:0f:fa:da:bc:70:9e:2d:91:f9:31:ee:c3:cc:bc:
a2:0c:5e:16
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZY0TnhrhYHeM4TfDk/+XHF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNDE0MTIzNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRjMDViODk3ZmQ5ZTc0MjdjY2Y4NzYwZjUyNzE5NmQ4ODQyOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/6YfNHpV7zpV++TaRPbSfR4PH8t
4tCD4l1p75ub7feJjs3OE+00k1y39tm3Z35KlIxznpe5EEgDNQlErxOs0DStaKdW
DKD/TuaeBxJ5c8TlUlGsZpQVqztOkBlIXM0qqOz+DHPuUTKcDD2AM0f+FLidpr68
kW+DyP3Zf/1pEAPbbmeiR1ElvenVGpdGbDTRUhkFdDp11ntDY9dQAm5dAd2iEm80
E9OOIGES1Jqzmn8VWqe0pMp1HeM4/iWVxJMd1uEPNvVR3OX2As2UpyIt3hp6btvR
n7uQo5RIAMY8IdwQ8AKhORNxiLW2Yjc2sh0h1idwFMn+wxGG6Q4wrhCSlQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOxMBbiX/Z50J8z4dg9ScZbYhCmKMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvN0V3RnVKZjlublFuelBoMkQxSnhsdGlFS1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXBAwQA
VYXYMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAK7Cq6Eg
h/UZ8bUNkzkd7ue9ZhZi2FwH+p18+D04jNaGs+4h57rXt4gnV8CgmykaUaPAyc8y
bMil8yThn1s2EQ9JOfG1DI/b3pkHq4R1Q9n7xO8+WLLLm5mWBH8uhO/FWCFJbjEB
bUjME9xHwWvILnf5dunj/RpwmWcbOf9jFk9/A8R9dDGsm0T16yr8fWrAFE7n7bCa
dyA7GadR1VbJssnvv2cjdXPJtI/V9nuJTo/xkO0yTfZc7lD2hGKSYSJutfY0N1Q2
9fwIBPlG2cAHd4BPYjgSeEpWMzGs2P/m7twqMkXtx2ghiOFmh8qed9AP+tq8cJ4t
kfkx7sPMvKIMXhY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:08:07 2025 by rpki-client