Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QuaQXnfiHzzwoGvG6Ius1fIKAGA.roa
File: QuaQXnfiHzzwoGvG6Ius1fIKAGA.roa (raw, json)
Hash identifier: zkF07MTGoKbNiUmdNvVh0uMdePAd/TeJrg9uxhbcRyg=
Subject key identifier: 42:E6:90:5E:77:E2:1F:3C:F0:A0:6B:C6:E8:8B:AC:D5:F2:0A:00:60
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01931AA157833E4974D1AB71E1802C5AB6FA
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QuaQXnfiHzzwoGvG6Ius1fIKAGA.roa
Signing time: Mon 11 Nov 2024 09:50:01 +0000
ROA not before: Mon 11 Nov 2024 09:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:a1:57:83:3e:49:74:d1:ab:71:e1:80:2c:5a:b6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 11 09:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42e6905e77e21f3cf0a06bc6e88bacd5f20a0060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:47:ad:a5:4c:93:e4:d2:57:05:62:14:2e:3f:
f6:8d:13:33:c2:81:41:8f:7e:29:e0:08:0d:2a:e5:
20:c8:ad:5c:fb:19:fb:4a:4b:07:cf:ac:5a:bf:97:
a2:56:b4:a7:c8:e2:eb:4f:ab:7e:2a:68:95:3b:d2:
9a:bb:c1:0a:4d:de:1e:1d:79:b9:d3:c0:1e:1f:7a:
6f:31:52:43:96:24:b2:0e:de:92:6e:56:d7:19:a0:
4d:f9:1d:a3:bb:7f:65:85:0e:aa:46:46:56:28:c2:
72:ba:3c:7a:c9:39:51:91:95:87:7d:df:f9:77:43:
c3:de:45:68:54:e8:d6:b3:a7:71:8c:6e:ae:48:72:
b5:be:80:b0:1b:12:58:6b:bb:36:cc:43:2a:0e:31:
e6:98:92:f2:d3:df:e4:39:f2:e5:55:57:74:5b:08:
c5:8e:b7:32:31:d3:49:79:b1:b5:d9:16:f8:5f:9d:
61:e3:a8:34:97:7d:77:de:ef:d5:d8:4c:80:19:10:
b1:6b:f2:d2:0c:29:0d:54:19:ab:8c:a7:5f:60:3c:
69:8d:e9:fd:ab:d8:9f:f6:e2:4f:ed:9c:fd:a1:b1:
83:b4:37:af:58:58:4d:c3:2d:82:66:3c:fc:d6:5b:
7f:6d:04:88:51:66:c3:56:5b:b6:51:f0:de:d6:d3:
59:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E6:90:5E:77:E2:1F:3C:F0:A0:6B:C6:E8:8B:AC:D5:F2:0A:00:60
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QuaQXnfiHzzwoGvG6Ius1fIKAGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0/23
85.133.167.0-85.133.192.255
85.133.196.0/22
85.133.209.0-85.133.213.255
85.133.219.0-85.133.223.255
85.133.225.0-85.133.226.255
85.133.228.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.247.0-85.133.249.255
85.133.255.0/24
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:3b:f1:32:2b:07:ed:f6:15:87:a2:71:90:bc:b0:28:b3:36:
65:6d:52:81:12:fc:11:4c:a1:63:a0:ad:29:ea:fc:cb:59:b7:
de:a6:2b:cd:13:a4:c4:d6:5b:8d:06:80:9c:a5:97:26:4b:43:
b1:03:77:f8:1e:9b:db:ad:77:1f:0f:94:71:f6:f3:a0:06:e4:
db:0a:89:e6:5d:a5:8f:ee:2f:6d:6e:ab:f8:25:4d:3d:0f:b0:
d8:49:c8:c8:79:9a:c9:3b:08:cb:fe:3d:95:bd:9a:5a:a8:b3:
12:52:e3:d5:46:30:f8:a8:8d:3b:52:fc:84:e3:3d:3d:f9:74:
36:60:69:83:b3:de:14:23:3a:c6:eb:29:33:c7:99:ce:d3:42:
0d:49:9e:fb:bc:13:79:dc:ea:29:41:85:a7:5f:79:44:ec:c4:
5a:b5:ef:d2:c9:e5:44:11:28:6c:33:ce:4b:98:f6:e7:ce:16:
a2:ab:89:ef:51:dd:45:0d:c1:4c:2a:44:11:75:83:d3:a2:e4:
c1:ac:82:df:b2:24:4f:0d:24:0f:59:7d:f9:66:cb:67:0c:e5:
3a:af:7f:39:d6:2f:b6:fe:09:a6:29:4c:34:4c:f0:f1:b7:fc:
80:d7:79:4e:d7:e5:d6:9f:27:49:a8:ee:bf:97:ff:2b:39:2b:
12:22:5a:58
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZMaoVeDPkl00atx4YAsWrb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMTExMDk1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU2OTA1ZTc3ZTIxZjNjZjBhMDZiYzZlODhiYWNkNWYyMGEwMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0etpUyT5NJXBWIULj/2jRMzwoFB
j34p4AgNKuUgyK1c+xn7SksHz6xav5eiVrSnyOLrT6t+KmiVO9Kau8EKTd4eHXm5
08AeH3pvMVJDliSyDt6SblbXGaBN+R2ju39lhQ6qRkZWKMJyujx6yTlRkZWHfd/5
d0PD3kVoVOjWs6dxjG6uSHK1voCwGxJYa7s2zEMqDjHmmJLy09/kOfLlVVd0WwjF
jrcyMdNJebG12Rb4X51h46g0l3133u/V2EyAGRCxa/LSDCkNVBmrjKdfYDxpjen9
q9if9uJP7Zz9obGDtDevWFhNwy2CZjz81lt/bQSIUWbDVlu2UfDe1tNZVQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFELmkF534h888KBrxuiLrNXyCgBgMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUXVhUVhuZmlIenp3b0d2RzZJdXMxZklLQUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEBVWF
gAMEAVWFpDAMAwQAVYWnAwQAVYXAAwQCVYXEMAwDBABVhdEDBAFVhdQwDAMEAFWF
2wMEBVWFwDAMAwQAVYXhAwQAVYXiMAwDBAJVheQDBABVhegDBABVhesDBABVhe8D
BAFVhfQwDAMEAFWF9wMEAVWF+AMEAFWF/zANBAIAAjAHAwUDKgSHwDANBgkqhkiG
9w0BAQsFAAOCAQEAfTvxMisH7fYVh6JxkLywKLM2ZW1SgRL8EUyhY6CtKer8y1m3
3qYrzROkxNZbjQaAnKWXJktDsQN3+B6b2613Hw+UcfbzoAbk2wqJ5l2lj+4vbW6r
+CVNPQ+w2EnIyHmayTsIy/49lb2aWqizElLj1UYw+KiNO1L8hOM9Pfl0NmBpg7Pe
FCM6xuspM8eZztNCDUme+7wTedzqKUGFp195ROzEWrXv0snlRBEobDPOS5j2584W
oquJ71HdRQ3BTCpEEXWD06LkwayC37IkTw0kD1l9+WbLZwzlOq9/OdYvtv4JpilM
NEzw8bf8gNd5Ttfl1p8nSajuv5f/KzkrEiJaWA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:17 2024 by rpki-client on console-ams.rpki-client.org