Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v_Jcrl9LmW3dbIhgOXzh6hYxl5M.roa
File: v_Jcrl9LmW3dbIhgOXzh6hYxl5M.roa (raw, json)
Hash identifier: JvA58F64MZqw53ocAB77xU9qb0c34gOLRFvgKyKP1NE=
Subject key identifier: BF:F2:5C:AE:5F:4B:99:6D:DD:6C:88:60:39:7C:E1:EA:16:31:97:93
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01972B8D6047797CD742099852E30457BBC2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v_Jcrl9LmW3dbIhgOXzh6hYxl5M.roa
Signing time: Sun 01 Jun 2025 12:52:54 +0000
ROA not before: Sun 01 Jun 2025 12:52:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2b:8d:60:47:79:7c:d7:42:09:98:52:e3:04:57:bb:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 1 12:52:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bff25cae5f4b996ddd6c8860397ce1ea16319793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:63:4b:96:60:4b:7c:59:5b:11:c1:ed:0a:
7f:3a:ad:b8:cb:91:df:fe:5c:0b:c7:56:34:8a:31:
a8:ec:79:04:88:ca:d7:c7:a9:e7:fa:cf:4e:8f:7d:
78:cf:6f:ca:e0:ee:5a:0f:fe:0b:1c:66:92:47:ea:
cf:31:b9:e7:5b:38:ab:53:35:51:cb:0d:71:6f:a0:
41:7c:88:4f:d8:46:e1:97:ea:66:04:6b:4e:59:89:
a0:8e:c2:6d:c3:27:dd:2e:09:87:db:32:4c:fb:bc:
99:04:f2:5f:42:a3:e2:b6:8a:0e:b4:a8:ab:e7:4a:
3d:3b:3b:1e:f9:e9:11:8c:82:f7:41:49:6f:73:2d:
59:38:35:fd:c7:70:6f:33:0d:2b:e4:27:af:a5:b5:
33:ff:05:05:b2:41:dd:30:39:fd:2b:bc:7c:b7:2c:
af:88:d9:57:59:1e:c6:8c:c8:2e:97:99:7e:48:2a:
0b:52:1f:b2:e0:85:88:3e:93:a0:85:22:c0:40:bf:
46:a7:09:8b:e5:38:7b:ff:60:39:5f:5b:5d:9b:69:
45:29:bb:10:c2:3d:f1:46:d6:8c:1b:95:45:ca:a5:
75:55:5c:d5:9f:db:e0:b4:a8:1a:27:a2:1b:21:e0:
b6:b9:d7:00:5e:29:7c:75:f4:ae:cb:d5:dc:9b:16:
09:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F2:5C:AE:5F:4B:99:6D:DD:6C:88:60:39:7C:E1:EA:16:31:97:93
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v_Jcrl9LmW3dbIhgOXzh6hYxl5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0-85.133.204.255
85.133.228.0/24
85.133.238.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:d8:4a:6d:18:68:a2:e8:e5:45:b8:f4:de:05:a6:03:e1:ed:
c9:8a:b1:96:57:45:7f:53:3b:df:18:dc:6f:85:e9:97:b3:b5:
ed:c6:97:04:08:9e:5b:5b:60:34:c1:8e:68:8c:1a:cd:ab:90:
f4:b2:98:cc:b8:e2:76:91:eb:bc:8f:bf:6a:b4:8f:a1:a6:d8:
a5:9f:99:ec:77:ab:71:f1:93:42:67:9c:e6:50:ab:3b:84:84:
e9:3d:ac:ec:7b:76:39:e0:b2:dd:e6:da:20:bc:cc:a4:d9:87:
39:62:9a:8b:46:a1:c3:6d:d5:88:5b:d4:e8:f3:17:a8:00:9b:
eb:b1:ad:0d:fd:50:46:20:19:c8:0c:e9:13:ae:9b:da:5e:ce:
43:5e:d4:ce:76:7c:da:dd:94:9d:51:fd:93:70:8d:71:e1:eb:
fd:03:66:32:c7:4e:8b:a3:f7:3b:49:29:ca:7d:36:33:cc:10:
ca:6c:b8:dc:e0:ac:9c:45:99:79:f5:eb:81:95:e9:bc:09:22:
64:68:e5:4c:ea:04:bc:aa:ad:c4:07:54:d0:37:19:04:44:ef:
3f:15:a5:b9:12:26:c2:d6:99:93:c5:5f:ee:96:35:93:be:8e:
a1:ba:9d:7e:ca:19:99:8c:c0:ff:4a:6a:2c:49:9d:4a:98:07:
ef:16:fc:50
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZcrjWBHeXzXQgmYUuMEV7vCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjAxMTI1MjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmYyNWNhZTVmNGI5OTZkZGQ2Yzg4NjAzOTdjZTFlYTE2MzE5NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9jS5ZgS3xZWxHB7Qp/Oq24y5Hf
/lwLx1Y0ijGo7HkEiMrXx6nn+s9Oj314z2/K4O5aD/4LHGaSR+rPMbnnWzirUzVR
yw1xb6BBfIhP2Ebhl+pmBGtOWYmgjsJtwyfdLgmH2zJM+7yZBPJfQqPitooOtKir
50o9Ozse+ekRjIL3QUlvcy1ZODX9x3BvMw0r5CevpbUz/wUFskHdMDn9K7x8tyyv
iNlXWR7GjMgul5l+SCoLUh+y4IWIPpOghSLAQL9GpwmL5Th7/2A5X1tdm2lFKbsQ
wj3xRtaMG5VFyqV1VVzVn9vgtKgaJ6IbIeC2udcAXil8dfSuy9XcmxYJDwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL/yXK5fS5lt3WyIYDl84eoWMZeTMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdl9KY3JsOUxtVzNkYkloZ09Yemg2aFl4bDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVhckD
BABVhcwDBABVheQDBABVhe4wDQYJKoZIhvcNAQELBQADggEBAG7YSm0YaKLo5UW4
9N4FpgPh7cmKsZZXRX9TO98Y3G+F6Zezte3GlwQInltbYDTBjmiMGs2rkPSymMy4
4naR67yPv2q0j6Gm2KWfmex3q3Hxk0JnnOZQqzuEhOk9rOx7djngst3m2iC8zKTZ
hzlimotGocNt1Yhb1OjzF6gAm+uxrQ39UEYgGcgM6ROum9pezkNe1M52fNrdlJ1R
/ZNwjXHh6/0DZjLHTouj9ztJKcp9NjPMEMpsuNzgrJxFmXn164GV6bwJImRo5Uzq
BLyqrcQHVNA3GQRE7z8VpbkSJsLWmZPFX+6WNZO+jqG6nX7KGZmMwP9KaixJnUqY
B+8W/FA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:15:30 2025 by rpki-client