Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YWHz3fxaOfoMOH5_cTNPFCF5TMk.roa
File: YWHz3fxaOfoMOH5_cTNPFCF5TMk.roa (raw, json)
Hash identifier: dI7KHHPfreh/FH6NLvFMGzIK4XeoytI7/bZBWshxj+s=
Subject key identifier: 61:61:F3:DD:FC:5A:39:FA:0C:38:7E:7F:71:33:4F:14:21:79:4C:C9
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0199868E646E534C271629EAD8378E481D52
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YWHz3fxaOfoMOH5_cTNPFCF5TMk.roa
Signing time: Fri 26 Sep 2025 15:05:02 +0000
ROA not before: Fri 26 Sep 2025 15:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.151.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:8e:64:6e:53:4c:27:16:29:ea:d8:37:8e:48:1d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 26 15:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6161f3ddfc5a39fa0c387e7f71334f1421794cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:01:06:28:23:53:70:55:16:b3:25:87:82:
cb:c6:26:dc:c1:13:54:63:64:0e:48:c5:04:6d:08:
32:8e:45:f5:89:27:cf:49:53:4a:e1:bf:ba:f2:60:
ca:b3:fc:f7:48:51:a6:7c:06:30:44:a8:43:d8:03:
ce:35:b8:39:01:8a:5e:68:4b:1a:49:1a:a5:f8:36:
6a:78:9e:6d:47:5d:de:6a:13:e4:ec:ed:b6:2e:90:
6b:aa:82:14:ef:fc:cb:74:67:25:7a:ed:4b:0d:c0:
fc:ed:e7:d4:bf:da:62:83:40:c5:de:a9:bd:cf:13:
47:16:ef:93:14:38:f9:15:e9:b2:c8:8a:d5:a3:c7:
31:96:02:b8:96:85:9f:89:27:d8:69:c1:5f:7b:9c:
50:fe:9c:3e:ef:27:57:b9:ff:65:f5:f8:a8:da:f7:
24:8b:bb:13:b9:ab:ff:15:16:bb:91:39:9c:a4:36:
de:1f:23:96:83:8e:b3:9e:62:0b:74:c5:20:83:23:
67:32:ba:44:8e:1e:0f:19:5c:70:aa:cf:a6:cd:b7:
cb:6e:f2:c2:f1:1e:c2:a5:2d:2a:58:b2:42:91:7b:
7f:56:b1:ad:62:cd:dc:b3:6f:2e:4c:2c:c5:1f:93:
4c:5d:dd:25:45:7c:e9:5c:b3:23:8b:fe:41:86:43:
f6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:61:F3:DD:FC:5A:39:FA:0C:38:7E:7F:71:33:4F:14:21:79:4C:C9
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YWHz3fxaOfoMOH5_cTNPFCF5TMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.138.0/24
77.90.145.0/24
77.90.151.0/24
77.90.153.0/24
77.90.164.0/24
77.90.184.0/24
185.230.13.0/24
185.230.15.0/24
213.209.146.0/24
213.209.149.0-213.209.150.255
Signature Algorithm: sha256WithRSAEncryption
19:72:0c:6d:81:84:fe:19:f6:95:27:87:34:f7:9e:26:b7:6f:
54:3a:8a:3c:d4:15:d8:5b:3a:19:1f:cf:5f:ff:f2:95:36:22:
25:c0:1b:b7:1a:27:8a:b4:6f:1d:62:6b:7d:df:40:ea:3f:3c:
e9:88:32:43:6c:82:a5:a4:97:d5:a8:10:07:ae:dd:9b:22:91:
c1:26:45:5b:d3:5d:5c:45:f4:3b:cf:91:90:13:29:47:50:34:
fe:23:c3:a3:69:c8:57:ec:31:af:33:ce:41:81:40:20:f8:b7:
47:f9:11:76:95:79:d2:0a:38:fb:99:1c:e4:89:c6:e3:c3:d5:
77:a5:fb:24:66:81:11:1a:ae:eb:69:04:2e:69:d0:ce:dd:94:
bb:68:ee:c4:b8:8e:e4:11:cc:b3:b5:d5:c4:8b:81:3b:0f:34:
b7:58:3a:09:eb:3f:e0:89:a9:0f:36:6d:2b:48:b7:27:d3:1a:
a1:c5:60:03:95:82:be:f1:03:1d:34:0e:83:64:45:ed:14:e7:
8c:91:8b:f5:20:bf:4c:f7:f0:72:24:5a:95:81:b7:49:8a:79:
dc:e8:ae:83:68:82:80:56:7b:6e:aa:d3:10:fa:56:f6:16:04:
3d:08:06:07:64:94:8d:2e:fa:ba:1f:d8:06:8c:1d:f5:ec:bf:
22:56:08:b7
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZmGjmRuU0wnFinq2DeOSB1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwOTI2MTUwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTYxZjNkZGZjNWEzOWZhMGMzODdlN2Y3MTMzNGYxNDIxNzk0Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNwBBigjU3BVFrMlh4LLxibcwRNU
Y2QOSMUEbQgyjkX1iSfPSVNK4b+68mDKs/z3SFGmfAYwRKhD2APONbg5AYpeaEsa
SRql+DZqeJ5tR13eahPk7O22LpBrqoIU7/zLdGcleu1LDcD87efUv9pig0DF3qm9
zxNHFu+TFDj5FemyyIrVo8cxlgK4loWfiSfYacFfe5xQ/pw+7ydXuf9l9fio2vck
i7sTuav/FRa7kTmcpDbeHyOWg46znmILdMUggyNnMrpEjh4PGVxwqs+mzbfLbvLC
8R7CpS0qWLJCkXt/VrGtYs3cs28uTCzFH5NMXd0lRXzpXLMji/5BhkP2GwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGFh8938Wjn6DDh+f3EzTxQheUzJMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWVdIejNmeGFPZm9NT0g1X2NUTlBGQ0Y1VE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQATVqHAwQA
TVqKAwQATVqRAwQATVqXAwQATVqZAwQATVqkAwQATVq4AwQAueYNAwQAueYPAwQA
1dGSMAwDBADV0ZUDBADV0ZYwDQYJKoZIhvcNAQELBQADggEBABlyDG2BhP4Z9pUn
hzT3nia3b1Q6ijzUFdhbOhkfz1//8pU2IiXAG7caJ4q0bx1ia33fQOo/POmIMkNs
gqWkl9WoEAeu3ZsikcEmRVvTXVxF9DvPkZATKUdQNP4jw6NpyFfsMa8zzkGBQCD4
t0f5EXaVedIKOPuZHOSJxuPD1Xel+yRmgREarutpBC5p0M7dlLto7sS4juQRzLO1
1cSLgTsPNLdYOgnrP+CJqQ82bStItyfTGqHFYAOVgr7xAx00DoNkRe0U54yRi/Ug
v0z38HIkWpWBt0mKedzoroNogoBWe26q0xD6VvYWBD0IBgdklI0u+rof2AaMHfXs
vyJWCLc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:39 2025 by rpki-client