Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wlCqpCf6WqXLzJVszqz1Q1gTyss.roa
File: wlCqpCf6WqXLzJVszqz1Q1gTyss.roa (raw, json)
Hash identifier: VxRQNGxkKhRbXtEdjFiDmjDt1hmaWIKUoy1RTW4daSE=
Subject key identifier: C2:50:AA:A4:27:FA:5A:A5:CB:CC:95:6C:CE:AC:F5:43:58:13:CA:CB
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0198E06D6D1D1BA8B294FE987AEEF0B50AB1
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wlCqpCf6WqXLzJVszqz1Q1gTyss.roa
Signing time: Mon 25 Aug 2025 08:52:04 +0000
ROA not before: Mon 25 Aug 2025 08:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214526
IP address blocks: 85.133.194.0/24 maxlen: 24
85.133.195.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:6d:6d:1d:1b:a8:b2:94:fe:98:7a:ee:f0:b5:0a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 25 08:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c250aaa427fa5aa5cbcc956cceacf5435813cacb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:34:c4:6a:89:17:92:8c:45:b5:89:22:9e:
38:01:47:fe:3d:d2:ac:1c:1e:95:9f:50:ca:5a:d3:
f1:0b:41:55:e6:6d:a9:c5:48:b9:a5:90:29:4e:72:
49:6e:d8:62:3b:5f:21:f9:8e:78:da:82:46:aa:c7:
f4:97:87:bb:aa:61:3e:9d:21:c9:aa:72:2e:24:fc:
85:39:b1:d3:d6:d2:de:b1:bb:15:3c:18:9f:8a:83:
b6:f4:bd:fa:81:8b:1c:73:87:7c:fc:27:f5:cd:0f:
cd:81:e0:e9:5f:b3:3b:d5:1c:d1:40:2b:72:63:37:
ba:16:0f:92:db:46:8f:54:ac:a2:8a:27:8e:1d:d8:
13:d4:b3:7d:fc:c8:77:b9:70:2e:af:d3:c3:1f:32:
6c:de:b8:5b:d9:63:39:17:a8:d4:9a:e5:62:fa:b3:
92:55:8e:d5:b5:b0:27:79:96:13:71:7b:b4:d2:d6:
5f:b9:a3:02:1f:66:89:d1:60:98:3a:21:69:1a:2d:
7f:c4:71:ea:68:61:00:4b:26:a9:9e:05:2d:3c:01:
67:13:8f:90:8f:6d:b3:49:94:39:fd:42:27:e2:32:
44:7f:8d:7b:af:c2:14:6c:d2:73:cc:56:d1:5e:f9:
59:64:18:a1:3e:1a:9a:62:c4:73:27:d5:ed:f5:d4:
1f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:50:AA:A4:27:FA:5A:A5:CB:CC:95:6C:CE:AC:F5:43:58:13:CA:CB
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wlCqpCf6WqXLzJVszqz1Q1gTyss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.194.0/23
85.133.230.0/24
85.133.252.0/24
Signature Algorithm: sha256WithRSAEncryption
38:9d:5f:b7:9f:22:0a:03:a8:66:bd:40:25:05:80:93:64:67:
43:be:34:fd:ef:c8:e4:4e:95:b7:31:b9:dc:7e:27:d0:31:f4:
64:b6:18:a1:e6:cc:3e:c8:16:6c:ad:06:94:fd:e0:d2:e4:5e:
06:c3:a3:ee:07:21:b8:d3:3e:fe:1f:82:3e:15:d1:01:dd:5d:
7c:78:79:a3:3a:5f:c6:29:aa:68:17:7f:a0:f0:f3:e6:ef:f7:
3b:4e:22:42:14:99:ea:b9:dd:bc:b9:ad:60:0a:4f:bf:02:b2:
81:f4:b3:ef:21:c3:b4:cc:5b:ac:86:a9:b5:da:d4:66:80:59:
c8:42:78:42:a1:45:aa:af:a4:aa:b8:ae:5d:8d:a9:70:a5:18:
b5:b6:7c:f7:f4:26:a7:83:09:ca:fb:be:07:6b:08:12:a3:c6:
04:bf:89:62:5f:47:5b:c1:19:86:62:dd:b6:99:8d:6d:a0:c6:
b8:c8:d2:ca:b8:c9:9f:60:02:31:a9:41:2f:58:94:fe:00:ca:
05:64:11:7d:b7:3e:c7:b6:da:f0:86:81:f3:b0:34:02:22:7f:
be:7d:03:7e:c8:3d:8f:f6:c7:0d:0c:b3:bd:b3:9b:7e:4f:8a:
88:db:10:1b:9b:1f:7b:d4:63:05:d3:1b:6a:21:83:cf:df:90:
63:af:c9:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjgbW0dG6iylP6Yeu7wtQqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwODI1MDg1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjUwYWFhNDI3ZmE1YWE1Y2JjYzk1NmNjZWFjZjU0MzU4MTNjYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWs0xGqJF5KMRbWJIp44AUf+PdKs
HB6Vn1DKWtPxC0FV5m2pxUi5pZApTnJJbthiO18h+Y542oJGqsf0l4e7qmE+nSHJ
qnIuJPyFObHT1tLesbsVPBifioO29L36gYscc4d8/Cf1zQ/NgeDpX7M71RzRQCty
Yze6Fg+S20aPVKyiiieOHdgT1LN9/Mh3uXAur9PDHzJs3rhb2WM5F6jUmuVi+rOS
VY7VtbAneZYTcXu00tZfuaMCH2aJ0WCYOiFpGi1/xHHqaGEASyapngUtPAFnE4+Q
j22zSZQ5/UIn4jJEf417r8IUbNJzzFbRXvlZZBihPhqaYsRzJ9Xt9dQfGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMJQqqQn+lqly8yVbM6s9UNYE8rLMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvd2xDcXBDZjZXcVhMekpWc3pxejFRMWdUeXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVYXCAwQA
VYXmAwQAVYX8MA0GCSqGSIb3DQEBCwUAA4IBAQA4nV+3nyIKA6hmvUAlBYCTZGdD
vjT978jkTpW3MbncfifQMfRkthih5sw+yBZsrQaU/eDS5F4Gw6PuByG40z7+H4I+
FdEB3V18eHmjOl/GKapoF3+g8PPm7/c7TiJCFJnqud28ua1gCk+/ArKB9LPvIcO0
zFushqm12tRmgFnIQnhCoUWqr6SquK5djalwpRi1tnz39CangwnK+74HawgSo8YE
v4liX0dbwRmGYt22mY1toMa4yNLKuMmfYAIxqUEvWJT+AMoFZBF9tz7HttrwhoHz
sDQCIn++fQN+yD2P9scNDLO9s5t+T4qI2xAbmx971GMF0xtqIYPP35Bjr8mS
-----END CERTIFICATE-----
Generated at Tue Sep 9 23:12:25 2025 by rpki-client