Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mmKz5eWbi9QRsWIEG2amdp-45xY.roa
File: mmKz5eWbi9QRsWIEG2amdp-45xY.roa (raw, json)
Hash identifier: kEXUQutyuTSPl9CnJwgtGOfss4KUFJCUYJtTnTzPgs4=
Subject key identifier: 9A:62:B3:E5:E5:9B:8B:D4:11:B1:62:04:1B:66:A6:76:9F:B8:E7:16
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0198C6680CA80E5C50D1EE9286D1D2911682
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mmKz5eWbi9QRsWIEG2amdp-45xY.roa
Signing time: Wed 20 Aug 2025 07:36:04 +0000
ROA not before: Wed 20 Aug 2025 07:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:68:0c:a8:0e:5c:50:d1:ee:92:86:d1:d2:91:16:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 20 07:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a62b3e5e59b8bd411b162041b66a6769fb8e716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:d3:75:27:b3:32:24:de:49:b6:10:90:af:
ba:3d:cc:e2:ef:5c:89:ed:7b:ee:41:98:83:bb:73:
7f:4d:50:c6:f1:21:5e:0a:75:3c:b0:e4:dd:d0:fd:
45:75:50:e9:99:35:99:ef:94:43:63:ff:ea:dc:2c:
e0:8b:f1:69:92:75:df:99:82:37:d8:76:ac:25:ae:
27:2a:85:28:db:a2:51:2a:ed:96:5a:fa:99:99:ac:
24:1a:4f:ed:18:19:7c:83:f0:b6:d1:de:96:7e:dc:
60:38:f2:91:a0:ec:e2:d6:c1:eb:0e:c6:7a:59:7f:
2f:1d:06:a2:6a:7d:bc:6c:d9:19:cb:c7:05:09:06:
64:9e:e6:c9:72:d6:93:bf:01:13:76:7f:01:49:f1:
89:d6:57:b7:18:bc:c9:f6:ff:c6:8a:96:e6:44:17:
06:f0:f8:3a:81:af:4f:f1:9f:3f:67:40:8f:bd:54:
e7:2a:fa:15:9e:e1:49:55:09:98:6d:49:1f:e1:9c:
8e:48:e4:52:c2:fa:96:f1:8a:44:db:58:df:28:e0:
34:d7:b1:b9:10:5a:b7:a1:91:96:31:34:9a:a8:e0:
c9:9b:5d:4e:02:34:c0:e5:b2:73:39:7b:75:f7:a6:
4c:e7:5d:8a:ab:e6:5d:a0:7e:06:c2:1d:80:81:40:
6b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:62:B3:E5:E5:9B:8B:D4:11:B1:62:04:1B:66:A6:76:9F:B8:E7:16
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mmKz5eWbi9QRsWIEG2amdp-45xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.143.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.156.0/24
77.90.164.0/24
77.90.184.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
13:a3:36:bf:dc:78:be:5c:9f:32:cd:66:6e:89:ae:1b:66:0e:
2f:c5:65:be:c5:ec:56:cd:06:9a:82:fe:67:c1:85:77:07:e2:
dc:5c:8e:9b:d4:80:5d:07:2e:e7:8c:f1:3d:90:86:b5:7d:ab:
88:ea:1a:1b:26:cf:ab:ac:8e:c7:8a:51:20:86:e7:8c:64:e4:
b3:53:e5:aa:e2:4b:dc:bf:7e:4f:7f:a4:52:c7:fd:1e:07:7e:
da:7e:69:4f:bc:f5:9c:f8:28:a9:38:15:65:c6:3b:36:ee:38:
d5:fd:9e:1e:b7:96:c9:6d:81:06:cc:43:4c:df:30:dd:78:4a:
f9:cb:6b:bb:d7:5e:55:1d:f6:96:b3:36:c8:93:84:b2:59:7c:
9c:88:fe:fe:bf:a8:5d:1f:ea:da:f4:6d:d2:55:03:6e:d0:8d:
a6:d4:88:ad:bd:a3:3c:60:44:93:77:e7:94:15:b3:e9:4e:d8:
d9:51:aa:f5:5b:0e:f6:eb:c2:1b:6f:99:a4:a6:c9:41:26:08:
04:79:92:d2:bd:4b:6f:48:be:6e:29:84:df:1a:1b:55:13:d1:
e1:48:a2:2a:e9:ad:de:e6:23:c2:2f:91:41:74:4a:98:9c:4d:
10:ef:2e:49:c8:b8:ac:79:9f:32:a3:17:a6:41:48:cb:96:ca:
56:22:a8:d7
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZjGaAyoDlxQ0e6ShtHSkRaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwODIwMDczNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYyYjNlNWU1OWI4YmQ0MTFiMTYyMDQxYjY2YTY3NjlmYjhlNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6jTdSezMiTeSbYQkK+6Pczi71yJ
7XvuQZiDu3N/TVDG8SFeCnU8sOTd0P1FdVDpmTWZ75RDY//q3Czgi/FpknXfmYI3
2HasJa4nKoUo26JRKu2WWvqZmawkGk/tGBl8g/C20d6WftxgOPKRoOzi1sHrDsZ6
WX8vHQaian28bNkZy8cFCQZknubJctaTvwETdn8BSfGJ1le3GLzJ9v/GipbmRBcG
8Pg6ga9P8Z8/Z0CPvVTnKvoVnuFJVQmYbUkf4ZyOSORSwvqW8YpE21jfKOA017G5
EFq3oZGWMTSaqODJm11OAjTA5bJzOXt196ZM512Kq+ZdoH4Gwh2AgUBrXQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFJpis+Xlm4vUEbFiBBtmpnafuOcWMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbW1LejVlV2JpOVFSc1dJRUcyYW1kcC00NXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBABN
Wo8DBABNWpAwDAMEAU1akgMEAE1alAMEAE1anAMEAE1apAMEAE1auAMEANXRijAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBABOjNr/ceL5c
nzLNZm6JrhtmDi/FZb7F7FbNBpqC/mfBhXcH4txcjpvUgF0HLueM8T2QhrV9q4jq
Ghsmz6usjseKUSCG54xk5LNT5ariS9y/fk9/pFLH/R4Hftp+aU+89Zz4KKk4FWXG
OzbuONX9nh63lsltgQbMQ0zfMN14SvnLa7vXXlUd9pazNsiThLJZfJyI/v6/qF0f
6tr0bdJVA27QjabUiK29ozxgRJN355QVs+lO2NlRqvVbDvbrwhtvmaSmyUEmCAR5
ktK9S29Ivm4phN8aG1UT0eFIoirprd7mI8IvkUF0SpicTRDvLknIuKx5nzKjF6ZB
SMuWylYiqNc=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:15:38 2025 by rpki-client