Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Fv-ztF2UG5zf6h5b12hXUB2uIfM.roa
File: Fv-ztF2UG5zf6h5b12hXUB2uIfM.roa (raw, json)
Hash identifier: vWzxaASZZO87hMUAoCYoH4niRZRjFfP7/pwFauJSL4Q=
Subject key identifier: 16:FF:B3:B4:5D:94:1B:9C:DF:EA:1E:5B:D7:68:57:50:1D:AE:21:F3
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019D9701F38C0770CD9F2A26069E922EE7C3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Fv-ztF2UG5zf6h5b12hXUB2uIfM.roa
Signing time: Thu 16 Apr 2026 15:56:20 +0000
ROA not before: Thu 16 Apr 2026 15:56:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.195.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 00:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:01:f3:8c:07:70:cd:9f:2a:26:06:9e:92:2e:e7:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 16 15:56:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16ffb3b45d941b9cdfea1e5bd76857501dae21f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e5:45:0f:48:b3:dd:4a:67:36:ef:f8:16:76:
0c:04:b5:37:28:11:92:ac:fe:66:2a:3d:19:56:8e:
90:3f:23:d9:5c:69:da:f7:a3:74:20:f1:5b:a8:d1:
19:66:90:0a:5b:2a:aa:a9:70:ff:d2:7b:8c:5d:10:
eb:fd:01:7e:9e:b4:85:05:31:10:5c:33:0f:d9:30:
42:9e:88:a1:0c:c4:23:ef:16:a5:16:3d:07:0b:ce:
44:c0:b1:05:db:41:53:46:12:05:d3:57:05:cb:2b:
a3:8d:7a:1b:16:63:f1:49:d4:ef:b1:e4:ae:6a:d1:
b5:2b:7a:a5:de:78:d8:d2:3d:02:f2:f4:5b:5e:52:
42:f7:4d:3e:bc:07:34:43:05:51:d6:df:01:10:21:
c2:6c:61:fe:b4:bf:ed:70:ae:62:86:0c:55:57:38:
12:f2:59:31:ab:39:1d:49:ca:26:fc:1b:2e:40:2e:
88:28:09:cf:73:8e:13:a7:14:8c:6e:7b:37:10:be:
14:9b:4f:3a:ea:63:d3:ed:11:a9:73:8f:dd:35:43:
f9:6b:2c:2a:5a:35:11:e6:66:c5:2e:2c:00:42:1a:
35:4f:1d:12:6e:b3:0e:b7:27:5b:76:72:d3:e3:f8:
5e:e8:fc:3b:97:b3:f3:9f:8a:2d:aa:38:55:fb:d6:
23:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:FF:B3:B4:5D:94:1B:9C:DF:EA:1E:5B:D7:68:57:50:1D:AE:21:F3
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Fv-ztF2UG5zf6h5b12hXUB2uIfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.195.0/24
85.133.221.0/24
85.133.225.0/24
85.133.230.0/24
85.133.248.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:52:bd:10:d9:09:a9:e6:a0:8c:3b:2f:05:f9:56:25:eb:6a:
a7:67:1e:2d:cf:b4:75:33:6d:32:77:16:0f:05:71:18:02:3a:
9c:14:90:19:57:31:a6:c7:91:30:ed:d4:c3:7a:bd:12:78:23:
d9:be:26:36:92:4e:1c:d9:cd:e3:c1:f1:55:45:0d:be:f2:70:
9a:a3:46:36:33:41:3a:d6:99:d6:10:52:fa:0c:7f:75:40:ab:
06:cf:43:18:92:77:1a:07:43:96:8d:15:0a:4e:b4:1a:3c:c5:
e5:cd:54:8d:35:ec:f1:96:51:3b:76:c4:59:0c:6f:4a:ba:16:
d4:6f:92:79:41:c7:d9:7b:46:50:9e:75:89:1c:b0:ce:6d:78:
e9:bb:dc:17:37:b1:d9:7a:5f:4a:a3:f9:8d:02:dd:e8:c7:22:
51:2e:a1:52:83:8f:86:cd:b9:3a:1d:4a:dc:58:7b:37:2a:fe:
2a:dd:a8:96:17:7c:c0:e2:7e:7e:58:68:8f:0d:ed:c4:93:fd:
93:87:90:a7:03:65:a9:1d:46:8a:30:52:2b:49:e1:15:d4:31:
12:c0:dc:f3:b2:e1:ce:91:5d:a0:6b:cd:e0:3f:6b:79:33:d1:
85:a6:56:18:1c:a4:74:77:fb:c7:d6:ef:6b:31:67:03:09:ea:
57:2f:aa:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ2XAfOMB3DNnyomBp6SLufDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjYwNDE2MTU1NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmZmYjNiNDVkOTQxYjljZGZlYTFlNWJkNzY4NTc1MDFkYWUyMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OVFD0iz3UpnNu/4FnYMBLU3KBGS
rP5mKj0ZVo6QPyPZXGna96N0IPFbqNEZZpAKWyqqqXD/0nuMXRDr/QF+nrSFBTEQ
XDMP2TBCnoihDMQj7xalFj0HC85EwLEF20FTRhIF01cFyyujjXobFmPxSdTvseSu
atG1K3ql3njY0j0C8vRbXlJC900+vAc0QwVR1t8BECHCbGH+tL/tcK5ihgxVVzgS
8lkxqzkdScom/BsuQC6IKAnPc44TpxSMbns3EL4Um0866mPT7RGpc4/dNUP5aywq
WjUR5mbFLiwAQho1Tx0SbrMOtydbdnLT4/he6Pw7l7Pzn4otqjhV+9YjdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBb/s7RdlBuc3+oeW9doV1AdriHzMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRnYtenRGMlVHNXpmNmg1YjEyaFhVQjJ1SWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVYXDAwQA
VYXdAwQAVYXhAwQAVYXmAwQAVYX4AwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQCf
Ur0Q2Qmp5qCMOy8F+VYl62qnZx4tz7R1M20ydxYPBXEYAjqcFJAZVzGmx5Ew7dTD
er0SeCPZviY2kk4c2c3jwfFVRQ2+8nCao0Y2M0E61pnWEFL6DH91QKsGz0MYknca
B0OWjRUKTrQaPMXlzVSNNezxllE7dsRZDG9KuhbUb5J5QcfZe0ZQnnWJHLDObXjp
u9wXN7HZel9Ko/mNAt3oxyJRLqFSg4+Gzbk6HUrcWHs3Kv4q3aiWF3zA4n5+WGiP
De3Ek/2Th5CnA2WpHUaKMFIrSeEV1DESwNzzsuHOkV2ga83gP2t5M9GFplYYHKR0
d/vH1u9rMWcDCepXL6r1
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:10:46 2026 by rpki-client