Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TxbD_aJNwVs6wc3abS2IksUVvHc.roa
File: TxbD_aJNwVs6wc3abS2IksUVvHc.roa (raw, json)
Hash identifier: toJfpi/XPKZfb4earfvmODmRMe/FJaZWYY0dFcVHl5U=
Subject key identifier: 4F:16:C3:FD:A2:4D:C1:5B:3A:C1:CD:DA:6D:2D:88:92:C5:15:BC:77
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0197400BB3A57A9A7AD58D45C85BDAF6E9A3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TxbD_aJNwVs6wc3abS2IksUVvHc.roa
Signing time: Thu 05 Jun 2025 12:23:17 +0000
ROA not before: Thu 05 Jun 2025 12:23:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 85.133.208.0/23 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:0b:b3:a5:7a:9a:7a:d5:8d:45:c8:5b:da:f6:e9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 5 12:23:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f16c3fda24dc15b3ac1cdda6d2d8892c515bc77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e1:16:ae:cd:10:43:27:4e:84:d1:c1:e7:fe:
f6:b0:e3:56:f7:41:46:22:77:8e:e5:32:af:79:1b:
52:81:1f:3f:9a:34:ea:e2:e3:46:fb:87:8e:fe:09:
cd:0c:71:79:bc:4a:3b:12:01:10:89:d5:67:18:75:
40:dd:0d:89:85:70:aa:2f:65:f8:6d:42:b9:10:73:
2c:6e:4e:10:00:01:a8:fe:a4:62:80:9a:f1:c7:4b:
59:42:22:0a:1b:43:1e:3f:7c:20:18:15:7f:68:3f:
7c:1f:1e:ab:1b:29:b2:25:d2:5a:c9:28:bd:d1:18:
9a:e7:eb:b9:e5:a9:0b:2f:9a:0b:5b:f5:3c:bc:4b:
a7:1d:ee:39:5b:e9:57:c3:34:5c:89:e9:27:bd:c2:
61:78:70:3e:4e:b9:11:e0:f3:d8:57:dc:ed:d9:14:
ce:b8:cf:6e:96:dd:a2:c2:b7:51:3e:aa:11:ef:9a:
ac:fb:71:32:fd:a2:5f:68:70:a7:59:3e:15:22:19:
a9:32:78:47:56:a6:7f:8b:3c:6c:38:00:39:8f:96:
b5:09:bc:34:fa:62:34:15:8f:e5:f7:a8:a9:fe:21:
0d:10:87:27:b4:c4:bf:c7:56:e4:81:57:d6:95:ea:
e1:a1:a8:5a:38:7a:1d:b5:ef:4e:1b:91:4d:fe:3d:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:16:C3:FD:A2:4D:C1:5B:3A:C1:CD:DA:6D:2D:88:92:C5:15:BC:77
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TxbD_aJNwVs6wc3abS2IksUVvHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.208.0/23
85.133.225.0/24
85.133.227.0/24
85.133.248.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:fc:4d:34:48:55:53:f6:3a:f8:c2:45:66:60:b9:90:38:bb:
a8:80:41:15:aa:8c:e2:0e:ad:e1:90:77:6d:72:fb:62:16:18:
86:89:2f:cf:5d:45:f1:b5:74:33:19:dc:e3:be:f0:73:88:79:
68:73:dd:86:b4:ac:c3:a5:79:0b:5f:e7:c2:8e:9a:e2:b3:49:
c4:d4:3d:be:34:4b:e4:a5:5a:88:d3:05:b4:c2:d6:5d:b6:bd:
d9:a2:ec:da:49:0c:bf:5b:7d:16:8e:1a:e9:4f:d7:13:27:3b:
54:16:3d:09:b1:ef:fb:dd:22:2d:ed:1e:dc:e7:7d:b5:0f:ad:
03:de:3b:41:7d:c5:e2:29:0d:fe:a5:63:86:51:fb:a4:25:8a:
0e:9e:de:1e:2a:9d:fa:e9:26:c2:a2:39:b2:c9:b2:dc:42:ca:
98:3e:1f:79:13:1d:0c:c0:99:47:08:6e:e0:e0:88:d3:31:07:
36:17:37:4e:e3:73:ec:c4:f5:99:a5:73:b4:bd:ab:4f:8e:d8:
e6:99:2d:05:79:ca:0b:e8:58:4d:7a:00:e5:90:8d:a5:eb:3c:
5d:f2:57:b4:90:6e:22:68:25:cf:0e:b2:0b:5b:1d:be:7b:d7:
62:05:be:89:9e:e2:d8:2c:cc:8b:6b:95:80:4f:bf:14:41:8b:
f2:57:32:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdAC7Olepp61Y1FyFva9umjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjA1MTIyMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjE2YzNmZGEyNGRjMTViM2FjMWNkZGE2ZDJkODg5MmM1MTViYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOEWrs0QQydOhNHB5/72sONW90FG
IneO5TKveRtSgR8/mjTq4uNG+4eO/gnNDHF5vEo7EgEQidVnGHVA3Q2JhXCqL2X4
bUK5EHMsbk4QAAGo/qRigJrxx0tZQiIKG0MeP3wgGBV/aD98Hx6rGymyJdJaySi9
0Ria5+u55akLL5oLW/U8vEunHe45W+lXwzRcieknvcJheHA+TrkR4PPYV9zt2RTO
uM9ult2iwrdRPqoR75qs+3Ey/aJfaHCnWT4VIhmpMnhHVqZ/izxsOAA5j5a1Cbw0
+mI0FY/l96ip/iENEIcntMS/x1bkgVfWlerhoahaOHodte9OG5FN/j2m0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE8Ww/2iTcFbOsHN2m0tiJLFFbx3MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVHhiRF9hSk53VnM2d2MzYWJTMklrc1VWdkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVYXQAwQA
VYXhAwQAVYXjAwQAVYX4MA0GCSqGSIb3DQEBCwUAA4IBAQBL/E00SFVT9jr4wkVm
YLmQOLuogEEVqoziDq3hkHdtcvtiFhiGiS/PXUXxtXQzGdzjvvBziHloc92GtKzD
pXkLX+fCjpris0nE1D2+NEvkpVqI0wW0wtZdtr3ZouzaSQy/W30WjhrpT9cTJztU
Fj0Jse/73SIt7R7c5321D60D3jtBfcXiKQ3+pWOGUfukJYoOnt4eKp366SbCojmy
ybLcQsqYPh95Ex0MwJlHCG7g4IjTMQc2FzdO43PsxPWZpXO0vatPjtjmmS0FecoL
6FhNegDlkI2l6zxd8le0kG4iaCXPDrILWx2+e9diBb6JnuLYLMyLa5WAT78UQYvy
VzLH
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:33:18 2025 by rpki-client