Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Jr0vftJR3CjRVz6-o4pf0gt3nug.roa
File: Jr0vftJR3CjRVz6-o4pf0gt3nug.roa (raw, json)
Hash identifier: +mzEEh0eCpPswQBbLT86K9qsx3oFcbJzNBm/K0viybI=
Subject key identifier: 26:BD:2F:7E:D2:51:DC:28:D1:57:3E:BE:A3:8A:5F:D2:0B:77:9E:E8
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01963308899D614128F18872AF1D1C4E791C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Jr0vftJR3CjRVz6-o4pf0gt3nug.roa
Signing time: Mon 14 Apr 2025 06:41:59 +0000
ROA not before: Mon 14 Apr 2025 06:41:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.208.0/23 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/23 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:08:89:9d:61:41:28:f1:88:72:af:1d:1c:4e:79:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 14 06:41:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26bd2f7ed251dc28d1573ebea38a5fd20b779ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:41:35:53:06:84:12:39:24:df:59:0a:fd:7a:
22:b0:a4:59:83:28:0a:bd:a4:be:e2:8f:a8:0f:f1:
01:a2:e5:08:a5:bf:5f:d1:76:bb:d1:4d:77:a4:46:
fd:55:c6:e3:cd:a4:90:c8:c1:25:bb:2c:ac:33:67:
60:38:e6:f4:1f:ae:28:43:75:71:ac:2a:e9:9a:32:
c2:f2:94:f7:e8:1f:1a:12:dc:15:88:05:64:54:ac:
d3:ac:e7:ea:eb:d9:be:93:61:3d:69:1d:27:c3:07:
9c:e4:0b:02:0a:78:eb:65:7c:37:fc:29:22:24:9a:
c5:5e:d6:5c:a5:be:7d:df:a0:88:59:1c:6f:27:59:
94:f8:ed:1b:5b:9f:30:81:e3:a4:56:5e:aa:b6:65:
e4:78:03:29:0b:16:29:25:85:d5:45:98:f9:7e:fb:
f2:3e:a0:aa:b6:8e:39:56:52:66:31:c2:50:34:3e:
15:fe:27:fd:97:f1:31:8b:32:e9:a1:51:e3:70:fd:
b7:d0:8f:b4:6b:70:5b:eb:72:dd:e1:f2:37:af:17:
57:b7:37:19:3b:cb:30:45:96:e6:36:5b:dc:8b:df:
49:bd:9f:b4:0a:1c:b6:82:1e:3e:83:44:d9:e3:5f:
20:e1:3a:b4:70:2d:6e:4f:a6:d1:30:fc:07:e4:15:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BD:2F:7E:D2:51:DC:28:D1:57:3E:BE:A3:8A:5F:D2:0B:77:9E:E8
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Jr0vftJR3CjRVz6-o4pf0gt3nug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.192.255
85.133.208.0-85.133.214.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.234.0/23
85.133.239.0/24
85.133.244.0-85.133.249.255
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:55:ae:68:c1:b4:d0:86:ae:8b:9d:7e:12:5e:ab:90:10:8c:
37:c7:cf:88:4a:6e:a8:af:04:e1:7c:fb:fd:59:cd:bf:01:a5:
6b:2e:4c:41:5d:55:2a:b7:48:8f:10:a0:bd:8d:31:f5:3b:e0:
e4:4b:8b:d0:28:cf:23:a2:59:82:ad:72:48:c6:86:01:92:56:
db:24:9a:8a:1e:9a:b7:95:22:17:c3:08:0f:f7:11:21:c8:06:
d6:78:98:e8:bb:ca:b7:32:d7:78:ee:b9:ef:3d:0b:85:92:98:
0a:0e:32:be:6e:d2:71:68:c1:cd:12:ef:cc:f0:28:4f:e8:fc:
7f:19:3f:1a:60:cc:57:b9:7f:7f:6d:ac:01:b7:d7:ef:37:db:
31:6f:c9:48:3e:0f:01:7c:c8:12:67:27:ce:0b:b1:06:6d:45:
64:dc:a4:cc:41:9c:6f:d9:93:38:03:c4:c1:f9:59:dc:84:48:
26:fe:53:2c:8e:2c:8d:f9:5c:a4:f8:67:04:ce:35:19:6a:53:
16:5a:81:04:2f:f3:91:be:52:be:d3:91:45:00:2a:69:de:5b:
8a:52:1e:c5:8e:c7:95:be:dc:a6:29:02:10:c1:6c:77:70:a3:
c6:48:d7:04:30:cc:09:32:77:1c:87:11:ab:e6:7e:24:f1:f1:
34:4b:83:46
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZYzCImdYUEo8Yhyrx0cTnkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNDE0MDY0MTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmJkMmY3ZWQyNTFkYzI4ZDE1NzNlYmVhMzhhNWZkMjBiNzc5ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUE1UwaEEjkk31kK/XoisKRZgygK
vaS+4o+oD/EBouUIpb9f0Xa70U13pEb9VcbjzaSQyMEluyysM2dgOOb0H64oQ3Vx
rCrpmjLC8pT36B8aEtwViAVkVKzTrOfq69m+k2E9aR0nwwec5AsCCnjrZXw3/Cki
JJrFXtZcpb5936CIWRxvJ1mU+O0bW58wgeOkVl6qtmXkeAMpCxYpJYXVRZj5fvvy
PqCqto45VlJmMcJQND4V/if9l/ExizLpoVHjcP230I+0a3Bb63Ld4fI3rxdXtzcZ
O8swRZbmNlvci99JvZ+0Chy2gh4+g0TZ418g4Tq0cC1uT6bRMPwH5BVVKwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCa9L37SUdwo0Vc+vqOKX9ILd57oMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSnIwdmZ0SlIzQ2pSVno2LW80cGYwZ3QzbnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVYWA
MAwDBAJVhaQDBABVhcAwDAMEBFWF0AMEAFWF1gMEAFWF3AMEAVWF3jAMAwQAVYXh
AwQAVYXoAwQBVYXqAwQAVYXvMAwDBAJVhfQDBAFVhfgwDAMEAFWF+wMEAFWF/AME
AVWF/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAC1WuaMG00Iau
i51+El6rkBCMN8fPiEpuqK8E4Xz7/VnNvwGlay5MQV1VKrdIjxCgvY0x9Tvg5EuL
0CjPI6JZgq1ySMaGAZJW2ySaih6at5UiF8MID/cRIcgG1niY6LvKtzLXeO657z0L
hZKYCg4yvm7ScWjBzRLvzPAoT+j8fxk/GmDMV7l/f22sAbfX7zfbMW/JSD4PAXzI
EmcnzguxBm1FZNykzEGcb9mTOAPEwflZ3IRIJv5TLI4sjflcpPhnBM41GWpTFlqB
BC/zkb5SvtORRQAqad5bilIexY7Hlb7cpikCEMFsd3CjxkjXBDDMCTJ3HIcRq+Z+
JPHxNEuDRg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:04:14 2025 by rpki-client