Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d0QPUb9bw255FbDfGbVwKoJI6bE.roa
File: d0QPUb9bw255FbDfGbVwKoJI6bE.roa (raw, json)
Hash identifier: jrR/WoS1SZ3m1OaPCDPsHF9pj1zBDeNV31JSvSAQwFQ=
Subject key identifier: 77:44:0F:51:BF:5B:C3:6E:79:15:B0:DF:19:B5:70:2A:82:48:E9:B1
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0198747D5C37BA5AE4BCC02DD18C523FCF9F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d0QPUb9bw255FbDfGbVwKoJI6bE.roa
Signing time: Mon 04 Aug 2025 09:50:29 +0000
ROA not before: Mon 04 Aug 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 77.90.168.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:7d:5c:37:ba:5a:e4:bc:c0:2d:d1:8c:52:3f:cf:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 4 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77440f51bf5bc36e7915b0df19b5702a8248e9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:39:ca:58:3d:43:e6:42:e5:08:80:0d:a5:
96:c7:93:b0:04:54:40:93:45:8c:c3:ad:e4:d3:8c:
52:9b:64:00:a9:8a:5a:fc:6e:cf:0e:a1:90:e0:97:
90:7a:49:c5:d8:d5:66:57:44:38:63:64:e9:08:74:
65:b0:cc:9d:42:91:a8:75:13:0c:d5:3f:bc:5b:de:
f1:ad:41:0a:03:a7:75:a0:fc:9d:a2:b8:42:28:94:
8c:f8:8b:cb:db:d1:27:2d:92:7e:f3:e3:22:bf:92:
0b:d4:a9:a4:09:e4:35:0d:61:13:d4:31:9b:ce:88:
78:eb:18:30:a2:46:64:5b:36:6e:f1:1d:d0:cf:18:
78:1a:54:07:82:1e:11:fb:b1:73:d5:4b:78:ae:7f:
e3:51:69:03:20:16:1a:6f:3d:62:ce:37:75:06:1d:
bb:79:67:e0:c3:01:3a:28:e2:e1:c9:2f:b2:4f:74:
7f:3a:28:17:de:fd:94:2a:c2:e3:50:26:44:f7:de:
0c:e2:bc:a2:66:9f:c9:4d:af:0a:98:56:56:dd:a8:
20:4b:44:e6:94:89:81:9d:1c:b1:c6:85:52:d2:e7:
a4:43:6d:4e:6a:f9:8e:d3:9c:d4:be:70:fc:b1:8d:
2f:53:4e:44:cf:00:8c:c6:ce:74:b0:13:b4:65:d2:
4f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:44:0F:51:BF:5B:C3:6E:79:15:B0:DF:19:B5:70:2A:82:48:E9:B1
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d0QPUb9bw255FbDfGbVwKoJI6bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.168.0/24
77.90.174.0/24
Signature Algorithm: sha256WithRSAEncryption
77:71:e1:69:28:1e:7e:33:cf:bd:9f:80:85:fa:a9:81:79:69:
2d:c7:87:61:fa:2c:59:0a:f4:b4:43:a5:5a:1d:4b:c0:86:91:
65:93:ad:a6:1a:98:5a:8e:a8:81:8d:60:c8:5d:82:11:63:06:
7e:a9:29:a2:c9:6e:fa:9e:0d:e8:fa:cd:ff:6b:9b:db:b5:12:
fd:78:9b:f5:8c:f4:86:cb:16:b9:80:5c:18:e0:a3:48:eb:a4:
ba:ee:8a:7e:44:a5:4c:dd:3a:2e:93:8a:74:63:86:a8:d8:36:
80:f9:34:6f:f5:4d:03:d3:4d:54:3b:3f:57:3c:a2:39:c9:71:
92:cf:83:fd:62:be:a9:dc:6f:34:c4:d5:df:dc:cd:2b:10:a7:
fb:50:1d:d8:d6:a0:94:8a:9b:06:d1:de:6f:e3:cb:a6:cf:b4:
0e:60:23:32:2d:2a:8c:ee:64:bb:b8:f2:23:5f:0c:a8:7c:6e:
bc:a3:4f:9e:b5:2f:88:56:ba:1b:3a:03:1f:cd:0d:6a:48:1c:
93:a1:1e:24:c1:55:5a:e8:33:85:f7:3a:97:a8:28:c9:46:bd:
e6:c9:e6:fc:59:6f:b9:f4:58:f5:7c:36:bf:2b:fd:02:0f:44:
f6:7e:7b:03:72:7a:a7:30:ed:78:6a:f8:f5:d4:c0:6a:aa:cd:
a4:b7:40:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZh0fVw3ulrkvMAt0YxSP8+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwODA0MDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ0MGY1MWJmNWJjMzZlNzkxNWIwZGYxOWI1NzAyYTgyNDhlOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix05ylg9Q+ZC5QiADaWWx5OwBFRA
k0WMw63k04xSm2QAqYpa/G7PDqGQ4JeQeknF2NVmV0Q4Y2TpCHRlsMydQpGodRMM
1T+8W97xrUEKA6d1oPydorhCKJSM+IvL29EnLZJ+8+Miv5IL1KmkCeQ1DWET1DGb
zoh46xgwokZkWzZu8R3Qzxh4GlQHgh4R+7Fz1Ut4rn/jUWkDIBYabz1izjd1Bh27
eWfgwwE6KOLhyS+yT3R/OigX3v2UKsLjUCZE994M4ryiZp/JTa8KmFZW3aggS0Tm
lImBnRyxxoVS0uekQ21OavmO05zUvnD8sY0vU05EzwCMxs50sBO0ZdJPfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdED1G/W8NueRWw3xm1cCqCSOmxMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZDBRUFViOWJ3MjU1RmJEZkdiVndLb0pJNmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqoAwQA
TVquMA0GCSqGSIb3DQEBCwUAA4IBAQB3ceFpKB5+M8+9n4CF+qmBeWktx4dh+ixZ
CvS0Q6VaHUvAhpFlk62mGphajqiBjWDIXYIRYwZ+qSmiyW76ng3o+s3/a5vbtRL9
eJv1jPSGyxa5gFwY4KNI66S67op+RKVM3Touk4p0Y4ao2DaA+TRv9U0D001UOz9X
PKI5yXGSz4P9Yr6p3G80xNXf3M0rEKf7UB3Y1qCUipsG0d5v48umz7QOYCMyLSqM
7mS7uPIjXwyofG68o0+etS+IVrobOgMfzQ1qSByToR4kwVVa6DOF9zqXqCjJRr3m
yeb8WW+59Fj1fDa/K/0CD0T2fnsDcnqnMO14avj11MBqqs2kt0C2
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:33:50 2025 by rpki-client