Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/56T6zW4aSWrMfRdHfPjh6ZGGSao.roa
File: 56T6zW4aSWrMfRdHfPjh6ZGGSao.roa (raw, json)
Hash identifier: HRvdtCYIZPbv0zIOCx8/BNQolO+td6Hg8jXPnt+D8yc=
Subject key identifier: E7:A4:FA:CD:6E:1A:49:6A:CC:7D:17:47:7C:F8:E1:E9:91:86:49:AA
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01965D890C69C5AA371047ED474374BC32E0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/56T6zW4aSWrMfRdHfPjh6ZGGSao.roa
Signing time: Tue 22 Apr 2025 12:46:24 +0000
ROA not before: Tue 22 Apr 2025 12:46:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:89:0c:69:c5:aa:37:10:47:ed:47:43:74:bc:32:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 22 12:46:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7a4facd6e1a496acc7d17477cf8e1e9918649aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:e7:92:e5:1a:1c:3d:dd:ea:5f:5b:13:2f:
3f:1c:01:d2:2f:1a:02:c2:8d:b4:d1:b4:ad:42:09:
f0:99:90:19:ff:9e:56:16:53:9f:71:db:bd:a4:8c:
db:a3:65:8e:f4:04:91:17:3c:33:b5:09:da:9b:52:
8a:df:d7:d9:be:85:c3:5b:81:5e:19:77:96:4b:39:
bb:80:90:da:5f:bf:20:d7:52:62:c5:48:fe:a8:54:
2f:98:57:94:a4:69:24:9b:a1:43:c9:e5:25:dd:98:
44:43:92:66:81:ce:a6:64:96:6c:de:d0:a9:83:11:
0e:9b:5a:08:6a:69:2a:78:31:1f:b3:2f:66:4a:8d:
ed:97:ca:23:49:a6:af:bc:97:57:e3:b1:b0:d0:b8:
4f:d1:81:7e:38:59:ad:67:c5:3a:a1:b8:71:b6:fd:
06:ee:10:99:ba:4a:36:32:db:e8:9e:7e:8f:fd:eb:
ff:2c:4a:77:6a:07:b3:17:8e:a8:db:41:c1:00:8f:
10:66:1a:51:d7:a5:ed:aa:c9:ae:b9:46:b5:68:53:
36:57:1a:89:8b:f5:7e:5a:49:3f:ce:b7:56:85:9a:
5c:92:eb:27:0f:5f:7a:a1:ef:50:a8:38:70:0a:0d:
a4:ac:06:4c:d5:d0:e7:95:6c:c7:72:18:01:e9:c5:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A4:FA:CD:6E:1A:49:6A:CC:7D:17:47:7C:F8:E1:E9:91:86:49:AA
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/56T6zW4aSWrMfRdHfPjh6ZGGSao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.216.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c7:59:6b:49:d1:f5:fb:d1:ba:67:38:37:cd:2a:b2:af:ad:
08:db:0a:80:00:3d:51:bc:96:b9:71:a0:ab:e1:91:d9:1c:1e:
fc:08:f0:9a:ac:1b:2e:e4:84:cf:79:06:45:20:86:68:44:e7:
80:2b:43:59:50:27:bd:68:2f:54:cf:17:85:26:dc:01:97:ab:
e7:5e:d9:de:af:e2:0b:5f:20:72:13:7b:1f:ff:34:c8:30:4f:
21:94:77:ab:b9:b2:3f:9c:94:89:7c:41:03:30:a4:e8:f8:a9:
fd:54:a8:da:80:11:8a:cc:da:53:03:16:14:72:db:75:5d:2b:
b0:a9:ce:0d:4f:a5:7e:a6:98:e2:30:4f:dc:b4:54:9c:90:d6:
f2:46:61:6e:93:2e:e4:8a:73:0a:63:15:f1:96:00:ff:4e:fc:
98:35:c0:f7:6b:5d:10:38:11:d4:a8:8c:5c:21:3e:37:7d:b9:
91:ff:79:f6:2c:45:30:1c:e4:94:57:31:33:6d:c6:35:5e:ad:
6b:9f:62:ca:9c:d2:56:c0:de:d3:54:ac:71:e9:d6:00:98:3c:
95:42:89:86:ad:8a:b9:37:5a:02:a6:58:44:97:c7:0e:1a:09:
46:04:95:c7:8c:77:54:c6:95:1e:5a:cb:e1:d3:c1:e4:6d:bb:
5f:30:32:a3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZdiQxpxao3EEftR0N0vDLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNDIyMTI0NjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2E0ZmFjZDZlMWE0OTZhY2M3ZDE3NDc3Y2Y4ZTFlOTkxODY0OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr3nkuUaHD3d6l9bEy8/HAHSLxoC
wo200bStQgnwmZAZ/55WFlOfcdu9pIzbo2WO9ASRFzwztQnam1KK39fZvoXDW4Fe
GXeWSzm7gJDaX78g11JixUj+qFQvmFeUpGkkm6FDyeUl3ZhEQ5Jmgc6mZJZs3tCp
gxEOm1oIamkqeDEfsy9mSo3tl8ojSaavvJdX47Gw0LhP0YF+OFmtZ8U6obhxtv0G
7hCZuko2Mtvonn6P/ev/LEp3agezF46o20HBAI8QZhpR16XtqsmuuUa1aFM2VxqJ
i/V+Wkk/zrdWhZpckusnD196oe9QqDhwCg2krAZM1dDnlWzHchgB6cVGuwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOek+s1uGklqzH0XR3z44emRhkmqMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNTZUNnpXNGFTV3JNZlJkSGZQamg2WkdHU2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXBAwQA
VYXYMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAHbHWWtJ
0fX70bpnODfNKrKvrQjbCoAAPVG8lrlxoKvhkdkcHvwI8JqsGy7khM95BkUghmhE
54ArQ1lQJ71oL1TPF4Um3AGXq+de2d6v4gtfIHITex//NMgwTyGUd6u5sj+clIl8
QQMwpOj4qf1UqNqAEYrM2lMDFhRy23VdK7Cpzg1PpX6mmOIwT9y0VJyQ1vJGYW6T
LuSKcwpjFfGWAP9O/Jg1wPdrXRA4EdSojFwhPjd9uZH/efYsRTAc5JRXMTNtxjVe
rWufYsqc0lbA3tNUrHHp1gCYPJVCiYatirk3WgKmWESXxw4aCUYElceMd1TGlR5a
y+HTweRtu18wMqM=
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:57:37 2025 by rpki-client