Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/R2ldoXhi8yWQOntF1DnCjSdvZHU.roa
File: R2ldoXhi8yWQOntF1DnCjSdvZHU.roa (raw, json)
Hash identifier: rEkBBSJ/AxqPUULu5r8GdT5K+bRn1TC46uKfQvy074k=
Subject key identifier: 47:69:5D:A1:78:62:F3:25:90:3A:7B:45:D4:39:C2:8D:27:6F:64:75
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019909177612266747A463A4565E2F50E44D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/R2ldoXhi8yWQOntF1DnCjSdvZHU.roa
Signing time: Tue 02 Sep 2025 06:22:36 +0000
ROA not before: Tue 02 Sep 2025 06:22:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:09:17:76:12:26:67:47:a4:63:a4:56:5e:2f:50:e4:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 2 06:22:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47695da17862f325903a7b45d439c28d276f6475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0d:40:ff:f5:7f:07:a9:d3:78:dc:e8:c6:30:
2e:97:97:59:38:5b:56:5e:3f:9e:c8:2b:6e:60:82:
d9:ac:4c:70:a2:13:6e:12:8e:fc:61:cf:76:8e:da:
82:dd:45:a1:71:11:b8:9c:79:14:62:ba:72:be:fa:
09:a7:e6:ff:dc:54:86:0e:c8:3e:3a:7b:1f:32:a4:
32:5e:bc:bf:b2:b8:5c:42:7c:fd:de:96:68:91:c1:
9e:9d:6f:92:24:67:cc:99:c2:a0:e0:43:4f:c4:2c:
28:4c:90:b9:2a:04:12:95:a5:7b:89:bc:03:07:5d:
c9:18:6e:fa:58:52:cd:fc:3e:1c:40:1d:67:bc:52:
bb:72:29:d6:65:f7:16:b9:41:7f:16:6a:0b:f0:51:
25:75:a1:bf:16:cf:e2:b3:86:48:21:69:02:99:5d:
ee:dc:51:18:b9:5b:bd:61:9a:ca:3a:fd:fa:ee:25:
c7:e3:fb:94:61:07:32:6e:0f:cd:0a:b2:a8:ae:95:
6d:c1:88:8d:3f:38:71:5b:14:6c:76:c6:cc:ee:39:
51:87:71:53:e4:48:4b:4f:03:f0:14:8b:c2:dd:14:
8f:21:31:9c:16:37:46:5a:87:13:97:67:81:3d:4a:
57:ce:19:7d:83:53:9e:55:f5:48:e7:e1:be:1b:6c:
28:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:69:5D:A1:78:62:F3:25:90:3A:7B:45:D4:39:C2:8D:27:6F:64:75
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/R2ldoXhi8yWQOntF1DnCjSdvZHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.214.0/24
85.133.216.0/24
85.133.234.0/24
85.133.236.0/23
85.133.246.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:78:89:17:36:ef:d8:f7:6c:9e:0c:24:6c:83:39:f9:12:0f:
0a:b6:8a:39:b2:94:5a:b2:0d:cd:f8:6c:8b:c2:ed:b0:2d:9b:
06:a8:64:5e:d0:b4:37:ae:b2:0e:44:80:9d:ef:be:d3:62:4e:
07:14:fb:0d:7f:8d:54:0e:49:04:c8:8b:5f:df:de:b1:91:9d:
0b:c2:bf:f1:ed:2f:36:40:6d:8f:08:2f:a0:df:ea:8b:74:67:
4d:92:0b:c8:b7:23:29:ff:0c:cc:bd:8c:da:10:05:c0:cf:f7:
12:8c:82:95:87:27:b1:2c:e4:4d:36:6c:58:96:98:86:54:5a:
11:f7:63:30:2b:45:06:8c:92:36:e3:9d:58:f1:cd:92:99:55:
cf:ea:d4:07:c1:b2:be:42:ca:8a:6d:54:48:e8:5a:8a:65:f9:
ee:a9:2c:7b:21:c8:12:2b:ed:0f:b7:8f:88:fe:a1:5f:be:a9:
14:6b:d1:25:de:90:d2:27:69:ac:48:48:e1:85:1a:86:c4:37:
84:ac:e1:77:53:04:4a:aa:67:ba:dd:7d:31:83:52:24:df:90:
d4:dd:7a:61:13:47:e7:ee:57:47:60:ca:00:ab:ea:95:5c:42:
d0:89:e4:c4:cb:cc:92:77:99:a3:60:56:35:d9:ec:ff:4f:c9:
8f:d5:ee:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZkJF3YSJmdHpGOkVl4vUORNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwOTAyMDYyMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY5NWRhMTc4NjJmMzI1OTAzYTdiNDVkNDM5YzI4ZDI3NmY2NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg1A//V/B6nTeNzoxjAul5dZOFtW
Xj+eyCtuYILZrExwohNuEo78Yc92jtqC3UWhcRG4nHkUYrpyvvoJp+b/3FSGDsg+
OnsfMqQyXry/srhcQnz93pZokcGenW+SJGfMmcKg4ENPxCwoTJC5KgQSlaV7ibwD
B13JGG76WFLN/D4cQB1nvFK7cinWZfcWuUF/FmoL8FEldaG/Fs/is4ZIIWkCmV3u
3FEYuVu9YZrKOv367iXH4/uUYQcybg/NCrKorpVtwYiNPzhxWxRsdsbM7jlRh3FT
5EhLTwPwFIvC3RSPITGcFjdGWocTl2eBPUpXzhl9g1OeVfVI5+G+G2woFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEdpXaF4YvMlkDp7RdQ5wo0nb2R1MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUjJsZG9YaGk4eVdRT250RjFEbkNqU2R2WkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVYXBAwQA
VYXWAwQAVYXYAwQAVYXqAwQBVYXsAwQAVYX2AwQAVYX9MA0GCSqGSIb3DQEBCwUA
A4IBAQBMeIkXNu/Y92yeDCRsgzn5Eg8Ktoo5spRasg3N+GyLwu2wLZsGqGRe0LQ3
rrIORICd777TYk4HFPsNf41UDkkEyItf396xkZ0Lwr/x7S82QG2PCC+g3+qLdGdN
kgvItyMp/wzMvYzaEAXAz/cSjIKVhyexLORNNmxYlpiGVFoR92MwK0UGjJI2451Y
8c2SmVXP6tQHwbK+QsqKbVRI6FqKZfnuqSx7IcgSK+0Pt4+I/qFfvqkUa9El3pDS
J2msSEjhhRqGxDeErOF3UwRKqme63X0xg1Ik35DU3XphE0fn7ldHYMoAq+qVXELQ
ieTEy8ySd5mjYFY12ez/T8mP1e6N
-----END CERTIFICATE-----
Generated at Sun Sep 7 08:18:16 2025 by rpki-client