Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_NsLucI7129trSjKVij43ao04K0.roa
File: _NsLucI7129trSjKVij43ao04K0.roa (raw, json)
Hash identifier: yOY6yAHLrN1s83mQpLeyYo3Y+DfgJ6MmEX1rrSbuphk=
Subject key identifier: FC:DB:0B:B9:C2:3B:D7:6F:6D:AD:28:CA:56:28:F8:DD:AA:34:E0:AD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01974A96ABE777A5260AA6A110C8F2ED7899
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_NsLucI7129trSjKVij43ao04K0.roa
Signing time: Sat 07 Jun 2025 13:31:17 +0000
ROA not before: Sat 07 Jun 2025 13:31:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:96:ab:e7:77:a5:26:0a:a6:a1:10:c8:f2:ed:78:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 7 13:31:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcdb0bb9c23bd76f6dad28ca5628f8ddaa34e0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fe:7e:e9:da:e6:ff:85:3a:33:fa:c2:94:e7:
fa:4b:5d:75:6e:b0:0e:d1:e0:99:7d:fd:b9:b9:d5:
1b:f2:90:2d:ed:43:d8:89:b7:db:bd:3f:6e:aa:21:
67:48:7e:6b:70:20:a5:d0:68:02:a8:91:cb:68:13:
de:0e:67:d7:b3:5c:75:0f:f2:5d:e6:39:22:e6:dc:
fc:5b:ca:1d:08:7f:80:42:48:98:6f:95:26:6c:80:
11:23:5a:15:62:5c:c9:d4:bf:d8:f7:07:f3:b4:51:
99:ca:57:06:92:51:72:35:c5:ce:5a:d9:65:72:26:
e8:d6:5f:ed:43:bd:41:b2:19:41:83:5c:17:af:a9:
d9:bd:45:64:d5:a1:01:b7:56:fa:69:24:27:a8:e3:
96:cc:e0:aa:92:f7:b3:da:7f:f2:ef:77:59:a9:e8:
27:c9:c0:94:c7:da:ca:93:7b:6e:98:eb:8f:0c:ec:
1c:d7:df:c5:4a:9a:5d:ad:90:83:62:c1:d2:72:af:
45:d1:90:c2:51:00:ed:f5:e1:44:e2:c8:45:ed:80:
6d:9d:7f:38:65:25:66:5c:f8:df:a8:a9:3a:b0:d9:
05:c4:20:ad:2c:c6:63:2f:d4:61:63:c6:07:73:72:
dd:7a:7a:61:56:51:a9:04:8e:31:42:a6:1c:f8:79:
b7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DB:0B:B9:C2:3B:D7:6F:6D:AD:28:CA:56:28:F8:DD:AA:34:E0:AD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_NsLucI7129trSjKVij43ao04K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0-85.133.152.255
85.133.154.0-85.133.159.255
85.133.164.0-85.133.192.255
85.133.209.0-85.133.213.255
85.133.220.0/24
85.133.222.0/23
85.133.226.0/24
85.133.229.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
b3:e7:9f:5f:80:92:31:e4:2c:6f:82:23:b0:14:e7:63:24:71:
5e:d7:dc:c2:42:80:92:b8:27:76:79:18:23:e4:53:44:24:0a:
e7:1e:e9:9b:3b:5f:0d:63:82:d6:b9:fb:c0:28:9e:24:0b:79:
84:82:30:87:d6:43:87:8f:9b:82:b6:ee:f1:24:36:fe:3c:60:
07:8d:c7:0b:2c:93:e2:b7:21:35:1c:80:5a:56:78:c6:40:1f:
41:a1:3b:21:db:f9:40:9e:c9:b0:53:7c:5d:26:06:4c:33:6a:
3a:d6:2b:24:61:d1:aa:f6:98:65:75:0e:1b:5d:52:87:2b:47:
26:4e:7b:ac:54:0a:f7:2a:9b:5c:20:95:9f:05:9f:48:1a:8e:
6a:90:05:1d:b4:9d:59:c1:b9:d4:52:4a:37:d0:23:03:4b:95:
c9:71:aa:e2:ae:3b:96:43:f9:68:27:f7:27:f8:d1:87:f2:ec:
94:04:fc:73:6c:6f:6b:32:8f:c6:10:40:3a:cb:19:18:1c:68:
96:41:8e:b5:77:27:22:82:91:61:86:c3:28:87:2b:b9:96:69:
90:91:3a:67:f7:7f:e0:f7:4b:e1:e0:48:e5:1f:64:d7:6c:1b:
4a:88:85:ff:d9:eb:29:13:d7:cb:ed:ef:59:a8:92:a4:95:11:
93:3f:0b:32
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZdKlqvnd6UmCqahEMjy7XiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjA3MTMzMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RiMGJiOWMyM2JkNzZmNmRhZDI4Y2E1NjI4ZjhkZGFhMzRlMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P5+6drm/4U6M/rClOf6S111brAO
0eCZff25udUb8pAt7UPYibfbvT9uqiFnSH5rcCCl0GgCqJHLaBPeDmfXs1x1D/Jd
5jki5tz8W8odCH+AQkiYb5UmbIARI1oVYlzJ1L/Y9wfztFGZylcGklFyNcXOWtll
cibo1l/tQ71BshlBg1wXr6nZvUVk1aEBt1b6aSQnqOOWzOCqkvez2n/y73dZqegn
ycCUx9rKk3tumOuPDOwc19/FSppdrZCDYsHScq9F0ZDCUQDt9eFE4shF7YBtnX84
ZSVmXPjfqKk6sNkFxCCtLMZjL9RhY8YHc3LdenphVlGpBI4xQqYc+Hm3SQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFPzbC7nCO9dvba0oylYo+N2qNOCtMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvX05zTHVjSTcxMjl0clNqS1ZpajQzYW8wNEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfjAMAwQH
VYWAAwQAVYWYMAwDBAFVhZoDBAVVhYAwDAMEAlWFpAMEAFWFwDAMAwQAVYXRAwQB
VYXUAwQAVYXcAwQBVYXeAwQAVYXiMAwDBABVheUDBABVhegDBABVhesDBABVhe8D
BAFVhfQwDAMEAFWF+wMEAFWF/AMEAVWF/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG
9w0BAQsFAAOCAQEAs+efX4CSMeQsb4IjsBTnYyRxXtfcwkKAkrgndnkYI+RTRCQK
5x7pmztfDWOC1rn7wCieJAt5hIIwh9ZDh4+bgrbu8SQ2/jxgB43HCyyT4rchNRyA
WlZ4xkAfQaE7Idv5QJ7JsFN8XSYGTDNqOtYrJGHRqvaYZXUOG11ShytHJk57rFQK
9yqbXCCVnwWfSBqOapAFHbSdWcG51FJKN9AjA0uVyXGq4q47lkP5aCf3J/jRh/Ls
lAT8c2xvazKPxhBAOssZGBxolkGOtXcnIoKRYYbDKIcruZZpkJE6Z/d/4PdL4eBI
5R9k12wbSoiF/9nrKRPXy+3vWaiSpJURkz8LMg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:03:42 2025 by rpki-client