Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GvYifLwvM0onUM_cQoICJOzBlKU.roa
File: GvYifLwvM0onUM_cQoICJOzBlKU.roa (raw, json)
Hash identifier: byeAApg6AZ/UJbcZvvU1vuf6D8tGxt+RINj6bF6jhqY=
Subject key identifier: 1A:F6:22:7C:BC:2F:33:4A:27:50:CF:DC:42:82:02:24:EC:C1:94:A5
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019EC1804DB1B251D6F59CE24D540782953E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GvYifLwvM0onUM_cQoICJOzBlKU.roa
Signing time: Sat 13 Jun 2026 15:01:11 +0000
ROA not before: Sat 13 Jun 2026 15:01:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c1:80:4d:b1:b2:51:d6:f5:9c:e2:4d:54:07:82:95:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 13 15:01:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1af6227cbc2f334a2750cfdc42820224ecc194a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:91:da:b3:e9:f5:a1:83:a2:5a:8a:d2:48:
f8:d2:8c:cf:e6:0c:a1:9a:1f:96:f7:0b:20:17:ce:
b9:e9:0f:f3:c3:19:f4:d5:fd:68:e2:28:e9:54:48:
32:38:a2:f7:97:0a:97:33:3c:a6:0b:fd:63:fe:be:
1a:2b:e1:cb:21:a2:f4:12:00:39:79:87:16:ba:90:
f6:2f:17:20:64:e6:d7:84:59:8b:69:d6:52:4a:9f:
0f:de:6e:20:23:6e:68:82:d6:3d:96:ba:45:98:ce:
95:76:51:94:84:1a:2e:66:db:1a:af:41:11:10:5c:
61:8a:1d:da:c2:64:0a:a8:aa:f5:fd:aa:e4:4e:33:
47:58:fc:9b:b5:f6:d1:1c:63:a9:7e:73:26:f1:11:
36:77:cd:27:65:9a:be:21:7e:ed:86:78:22:bd:e2:
6e:55:22:e8:d3:e7:eb:cd:a1:6a:7f:3e:af:1b:2c:
d6:1a:63:d2:b5:03:6e:67:c2:ee:9a:3b:65:d1:55:
28:72:56:66:30:71:fb:bf:04:ba:86:4f:e8:20:8f:
4e:54:ba:e4:58:2b:28:28:9e:2b:57:14:80:9f:4e:
58:9a:d2:ad:bb:ce:75:11:a4:03:17:75:cc:6a:d1:
88:54:30:d9:9b:93:08:e9:25:ce:8b:6f:ec:55:2b:
8e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F6:22:7C:BC:2F:33:4A:27:50:CF:DC:42:82:02:24:EC:C1:94:A5
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GvYifLwvM0onUM_cQoICJOzBlKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0-85.133.139.255
85.133.141.0-85.133.152.255
85.133.154.0-85.133.159.255
85.133.164.0-85.133.192.255
85.133.200.0/24
85.133.204.0/24
85.133.207.0/24
85.133.209.0-85.133.213.255
85.133.215.0-85.133.218.255
85.133.222.0-85.133.224.255
85.133.226.0/24
85.133.228.0/24
85.133.231.0-85.133.232.255
85.133.235.0-85.133.236.255
85.133.238.0/24
85.133.244.0/23
85.133.247.0/24
85.133.251.0/24
85.133.255.0/24
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:ba:5b:35:d7:e5:a6:b7:8f:31:d4:17:2c:a5:2d:aa:70:c0:
5a:ba:76:49:d0:fc:46:65:72:ae:99:3e:20:6b:64:af:bb:03:
40:82:3a:75:0e:cf:77:03:bb:63:c2:4a:48:09:06:d7:48:f6:
bd:31:f8:ce:88:f5:cc:86:6d:3b:85:4d:55:b2:df:af:5e:7a:
f2:0d:b0:b8:7a:4e:4c:9f:8b:2d:9d:98:60:73:44:63:1b:fe:
b6:24:ee:8b:e9:9a:37:2d:08:cf:5e:4e:33:43:8c:59:4b:36:
0a:c3:16:4e:92:d2:3d:76:74:0f:f8:29:12:50:5c:e6:95:4a:
f1:cb:60:57:d2:69:11:71:1c:cc:71:2f:1e:57:d8:40:ca:48:
89:ad:6d:bc:df:17:88:d0:3e:bc:f5:96:78:cb:aa:2b:e8:c2:
a6:74:e0:23:34:b6:e6:d8:1c:b8:1f:ca:29:ff:54:8f:91:f9:
d5:d3:46:07:5d:74:58:78:fa:38:ab:a2:98:be:cb:ad:fa:38:
77:d0:5e:cd:a2:db:88:c2:48:5e:5f:1b:43:cf:f6:8e:3c:35:
b4:b9:e1:f4:ce:79:4c:17:a0:69:58:00:bf:cf:4f:59:f2:79:
19:71:41:72:af:1f:3b:3e:70:32:87:35:33:a6:8f:f8:f6:86:
77:f7:0c:cc
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZ7BgE2xslHW9ZziTVQHgpU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjYwNjEzMTUwMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY2MjI3Y2JjMmYzMzRhMjc1MGNmZGM0MjgyMDIyNGVjYzE5NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBqR2rPp9aGDolqK0kj40ozP5gyh
mh+W9wsgF8656Q/zwxn01f1o4ijpVEgyOKL3lwqXMzymC/1j/r4aK+HLIaL0EgA5
eYcWupD2LxcgZObXhFmLadZSSp8P3m4gI25ogtY9lrpFmM6VdlGUhBouZtsar0ER
EFxhih3awmQKqKr1/arkTjNHWPybtfbRHGOpfnMm8RE2d80nZZq+IX7thngiveJu
VSLo0+frzaFqfz6vGyzWGmPStQNuZ8Lumjtl0VUoclZmMHH7vwS6hk/oII9OVLrk
WCsoKJ4rVxSAn05YmtKtu851EaQDF3XMatGIVDDZm5MI6SXOi2/sVSuOOwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFBr2Iny8LzNKJ1DP3EKCAiTswZSlMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvR3ZZaWZMd3ZNMG9uVU1fY1FvSUNKT3pCbEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBwQQCAAEwgbowDAME
B1WFgAMEAlWFiDAMAwQAVYWNAwQAVYWYMAwDBAFVhZoDBAVVhYAwDAMEAlWFpAME
AFWFwAMEAFWFyAMEAFWFzAMEAFWFzzAMAwQAVYXRAwQBVYXUMAwDBABVhdcDBABV
hdowDAMEAVWF3gMEAFWF4AMEAFWF4gMEAFWF5DAMAwQAVYXnAwQAVYXoMAwDBABV
hesDBABVhewDBABVhe4DBAFVhfQDBABVhfcDBABVhfsDBABVhf8wDQQCAAIwBwMF
AyoEh8AwDQYJKoZIhvcNAQELBQADggEBAGy6WzXX5aa3jzHUFyylLapwwFq6dknQ
/EZlcq6ZPiBrZK+7A0CCOnUOz3cDu2PCSkgJBtdI9r0x+M6I9cyGbTuFTVWy369e
evINsLh6Tkyfiy2dmGBzRGMb/rYk7ovpmjctCM9eTjNDjFlLNgrDFk6S0j12dA/4
KRJQXOaVSvHLYFfSaRFxHMxxLx5X2EDKSImtbbzfF4jQPrz1lnjLqivowqZ04CM0
tubYHLgfyin/VI+R+dXTRgdddFh4+jiropi+y636OHfQXs2i24jCSF5fG0PP9o48
NbS54fTOeUwXoGlYAL/PT1nyeRlxQXKvHzs+cDKHNTOmj/j2hnf3DMw=
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:12:14 2026 by rpki-client