Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pdibwb27SbD9nJ2QiIqkUFv8C7w.roa
File: pdibwb27SbD9nJ2QiIqkUFv8C7w.roa (raw, json)
Hash identifier: vs2FNSAr8OCSQfoLGO4wc++pGndif3uqr7gndMMbCoA=
Subject key identifier: A5:D8:9B:C1:BD:BB:49:B0:FD:9C:9D:90:88:8A:A4:50:5B:FC:0B:BC
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019E8E14D3988F54B59D0443DDD915552497
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pdibwb27SbD9nJ2QiIqkUFv8C7w.roa
Signing time: Wed 03 Jun 2026 15:23:10 +0000
ROA not before: Wed 03 Jun 2026 15:23:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197328
IP address blocks: 85.133.197.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:14:d3:98:8f:54:b5:9d:04:43:dd:d9:15:55:24:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 3 15:23:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a5d89bc1bdbb49b0fd9c9d90888aa4505bfc0bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a6:a6:cb:3a:a5:eb:ec:54:81:fd:52:34:b5:
e9:e1:be:06:f9:63:95:80:f5:06:98:84:6f:44:a0:
77:81:e4:f4:8f:01:f7:47:b3:ad:7f:ee:62:ee:f9:
18:3d:bc:dc:85:8d:c1:ac:8b:08:d0:22:f6:3f:71:
67:3c:9e:78:6f:24:00:2f:19:8a:75:74:1c:b9:88:
85:e5:f1:9c:81:57:f7:f5:d1:59:52:23:96:0e:5b:
ad:6e:04:1c:09:25:38:75:e0:7a:20:7e:4d:61:33:
5f:ea:df:58:3e:1f:27:20:b4:69:7e:dc:49:e0:13:
d4:91:c7:12:54:af:80:c4:ee:6e:7c:08:4d:dc:82:
1b:0c:2c:d4:f5:a8:52:39:f7:d8:01:aa:d9:6f:d0:
88:01:f6:83:db:7c:a7:9b:02:56:98:81:8b:65:ae:
a1:66:c0:99:2e:40:48:3f:c3:54:b3:80:9a:eb:df:
41:b0:e6:62:83:21:02:5f:ce:69:46:63:3e:f1:0c:
aa:6d:d4:c8:5d:8b:47:bf:c0:21:84:b3:72:de:27:
10:81:ca:16:d6:ed:53:67:de:f3:3b:c3:9e:2c:b1:
19:8e:c2:90:71:b5:b8:57:84:2c:7f:f7:47:52:02:
c3:27:fd:84:76:c7:5d:99:c4:61:11:d4:bb:25:9f:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D8:9B:C1:BD:BB:49:B0:FD:9C:9D:90:88:8A:A4:50:5B:FC:0B:BC
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pdibwb27SbD9nJ2QiIqkUFv8C7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.197.0/24
85.133.234.0/24
85.133.241.0/24
85.133.246.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c6:2f:19:be:04:56:09:9b:00:25:b0:24:ad:a2:59:c6:cf:
e0:1f:03:39:2c:6f:09:1e:68:c6:9d:ef:04:08:b5:a9:73:1c:
7f:45:f4:01:35:7d:df:5a:92:33:68:b9:0e:65:5a:69:2d:18:
f1:e6:66:fb:6b:ac:59:00:da:a2:d6:1f:22:ed:be:bf:0f:3a:
de:3d:01:4e:bb:51:d2:92:90:c3:62:7f:9d:f2:61:e6:7e:71:
a0:8e:45:69:37:15:c8:06:26:74:c9:3a:9a:3c:17:e5:e9:54:
1b:1d:75:85:51:97:11:35:6f:93:25:a7:bd:d6:64:08:5c:b2:
15:ad:e8:80:df:2f:f1:a1:04:7f:82:83:41:2f:39:bd:ef:85:
28:7e:9e:bf:df:fe:1e:ef:a7:21:e9:fe:18:40:f9:02:92:bc:
39:86:4f:28:3f:46:8a:d4:62:0a:02:b2:96:05:5e:24:ff:58:
e9:e4:01:d7:89:6e:38:c1:55:df:7d:39:c8:c9:37:6e:2b:47:
5a:fb:ec:29:73:51:da:a0:b5:e3:6c:ee:3a:1a:85:2c:c6:0b:
c6:61:90:43:57:d7:bf:59:a5:5b:65:86:a5:55:ff:d8:d4:3f:
1d:44:b3:ae:d1:e0:c0:a3:ad:10:8a:4a:fd:fb:1b:71:dd:bb:
d1:be:f6:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6OFNOYj1S1nQRD3dkVVSSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjYwNjAzMTUyMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ4OWJjMWJkYmI0OWIwZmQ5YzlkOTA4ODhhYTQ1MDViZmMwYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qamyzql6+xUgf1SNLXp4b4G+WOV
gPUGmIRvRKB3geT0jwH3R7Otf+5i7vkYPbzchY3BrIsI0CL2P3FnPJ54byQALxmK
dXQcuYiF5fGcgVf39dFZUiOWDlutbgQcCSU4deB6IH5NYTNf6t9YPh8nILRpftxJ
4BPUkccSVK+AxO5ufAhN3IIbDCzU9ahSOffYAarZb9CIAfaD23ynmwJWmIGLZa6h
ZsCZLkBIP8NUs4Ca699BsOZigyECX85pRmM+8QyqbdTIXYtHv8AhhLNy3icQgcoW
1u1TZ97zO8OeLLEZjsKQcbW4V4Qsf/dHUgLDJ/2EdsddmcRhEdS7JZ8+uwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKXYm8G9u0mw/ZydkIiKpFBb/Au8MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcGRpYndiMjdTYkQ5bkoyUWlJcWtVRnY4Qzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVYXFAwQA
VYXqAwQAVYXxAwQAVYX2AwQAVYX9MA0GCSqGSIb3DQEBCwUAA4IBAQClxi8ZvgRW
CZsAJbAkraJZxs/gHwM5LG8JHmjGne8ECLWpcxx/RfQBNX3fWpIzaLkOZVppLRjx
5mb7a6xZANqi1h8i7b6/DzrePQFOu1HSkpDDYn+d8mHmfnGgjkVpNxXIBiZ0yTqa
PBfl6VQbHXWFUZcRNW+TJae91mQIXLIVreiA3y/xoQR/goNBLzm974Uofp6/3/4e
76ch6f4YQPkCkrw5hk8oP0aK1GIKArKWBV4k/1jp5AHXiW44wVXffTnIyTduK0da
++wpc1HaoLXjbO46GoUsxgvGYZBDV9e/WaVbZYalVf/Y1D8dRLOu0eDAo60Qikr9
+xtx3bvRvvba
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:31:25 2026 by rpki-client