Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zzbHWxJLsLUWNFdWT3RcsYaj87k.roa
File: zzbHWxJLsLUWNFdWT3RcsYaj87k.roa (raw, json)
Hash identifier: aYt8vEO0dk7Q0eIdeE/UvWjCj2uQYX3kR/4atzt1mVQ=
Subject key identifier: CF:36:C7:5B:12:4B:B0:B5:16:34:57:56:4F:74:5C:B1:86:A3:F3:B9
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019E1E27FB75027AD2C6155EBFC5789CA295
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zzbHWxJLsLUWNFdWT3RcsYaj87k.roa
Signing time: Tue 12 May 2026 21:46:37 +0000
ROA not before: Tue 12 May 2026 21:46:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213541
IP address blocks: 77.90.149.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:46:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:27:fb:75:02:7a:d2:c6:15:5e:bf:c5:78:9c:a2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 12 21:46:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf36c75b124bb0b5163457564f745cb186a3f3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:20:35:70:79:6e:24:60:f9:ff:5e:ee:c3:70:
c9:c1:6c:a9:dc:ac:14:79:d5:83:e7:e6:7b:27:41:
19:c0:c0:77:e3:21:00:a1:96:37:43:64:02:e8:29:
e4:c9:2b:6f:e4:fd:fc:c3:0e:9c:29:4f:fb:0f:c6:
60:bc:7d:13:85:44:24:4b:a1:4e:ee:20:66:dd:10:
6e:ae:2e:d6:cb:74:f6:d0:c5:32:02:63:b3:ad:3c:
04:74:6b:92:45:0b:6d:d2:79:c0:77:0e:ee:86:4c:
ee:09:09:fd:40:0a:d3:fe:37:79:dd:2a:09:2f:66:
36:19:8d:2c:21:c3:e8:90:1c:36:fb:a1:ce:ba:bd:
ff:5c:b7:37:bc:bd:2c:5f:5c:ea:0f:f7:ec:1b:33:
7a:ec:b3:83:0a:a0:50:dd:3e:e5:ee:f3:91:da:16:
e8:bf:64:99:45:99:89:67:5e:f8:74:90:56:4d:f3:
6e:d1:96:02:2b:c8:d1:9d:aa:13:2a:73:73:d7:81:
ff:3b:4c:d7:33:47:11:43:c9:e3:6d:54:34:8b:61:
c9:a3:d1:25:84:cb:bd:47:2a:f6:89:02:d3:20:e6:
19:16:e4:75:55:b3:97:c5:ca:21:f0:89:c9:22:c2:
33:79:03:1f:48:53:5a:83:b7:3e:42:2d:25:0a:c4:
22:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:36:C7:5B:12:4B:B0:B5:16:34:57:56:4F:74:5C:B1:86:A3:F3:B9
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zzbHWxJLsLUWNFdWT3RcsYaj87k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.152.0/24
77.90.155.0/24
77.90.167.0-77.90.168.255
77.90.174.0/24
77.90.179.0-77.90.181.255
185.230.12.0/24
213.209.133.0-213.209.135.255
213.209.137.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
2b:b7:f2:ba:20:23:34:1b:a3:29:ca:e5:0a:c1:23:11:06:84:
05:74:16:46:4d:e4:6b:c2:0a:58:e1:42:15:e1:45:ae:20:ff:
b1:54:40:59:4f:1c:1d:e9:f3:d6:32:2a:c1:a4:f6:68:d9:d0:
09:ef:53:ad:73:b3:59:28:00:5d:77:37:df:13:88:e6:0c:44:
06:d4:30:d2:e4:d2:00:26:5f:ba:67:28:d6:ee:1f:99:12:1f:
2e:42:5d:81:24:76:53:ae:4b:bf:3c:b4:ef:1f:47:aa:9c:8c:
fb:7f:05:1b:1c:40:b5:6a:d3:77:ed:87:7f:1c:77:b3:fe:fb:
0f:40:26:1b:98:e0:d6:80:a8:f1:df:d2:d6:25:c7:54:4e:15:
51:4e:1c:7c:cf:62:62:95:1b:78:2e:30:2e:4b:fa:bd:58:b2:
a6:ad:5f:dc:6f:c7:83:0f:9a:1e:ed:36:5d:e0:e8:77:0b:13:
9e:82:af:e4:74:09:35:5e:b1:09:9c:99:a5:3d:a8:38:67:c6:
aa:97:60:0a:f8:13:9f:97:b3:dc:8c:fe:74:f5:b4:38:21:ac:
e6:8c:4a:06:f3:16:bd:c6:aa:bc:4e:08:ea:eb:9d:7e:f0:b7:
3b:53:e8:2a:62:dd:d0:81:97:20:4a:ee:e9:fb:d8:7f:85:22:
5d:9e:52:f9
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ4eJ/t1AnrSxhVev8V4nKKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjYwNTEyMjE0NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM2Yzc1YjEyNGJiMGI1MTYzNDU3NTY0Zjc0NWNiMTg2YTNmM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziA1cHluJGD5/17uw3DJwWyp3KwU
edWD5+Z7J0EZwMB34yEAoZY3Q2QC6CnkyStv5P38ww6cKU/7D8ZgvH0ThUQkS6FO
7iBm3RBuri7Wy3T20MUyAmOzrTwEdGuSRQtt0nnAdw7uhkzuCQn9QArT/jd53SoJ
L2Y2GY0sIcPokBw2+6HOur3/XLc3vL0sX1zqD/fsGzN67LODCqBQ3T7l7vOR2hbo
v2SZRZmJZ174dJBWTfNu0ZYCK8jRnaoTKnNz14H/O0zXM0cRQ8njbVQ0i2HJo9El
hMu9Ryr2iQLTIOYZFuR1VbOXxcoh8InJIsIzeQMfSFNag7c+Qi0lCsQiPQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFM82x1sSS7C1FjRXVk90XLGGo/O5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvenpiSFd4SkxzTFVXTkZkV1QzUmNzWWFqODdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBABNWpUD
BABNWpYDBABNWpgDBABNWpswDAMEAE1apwMEAE1aqAMEAE1arjAMAwQATVqzAwQB
TVq0AwQAueYMMAwDBADV0YUDBAPV0YADBADV0YkwDAMEANXRmQMEANXRmjANBgkq
hkiG9w0BAQsFAAOCAQEAK7fyuiAjNBujKcrlCsEjEQaEBXQWRk3ka8IKWOFCFeFF
riD/sVRAWU8cHenz1jIqwaT2aNnQCe9TrXOzWSgAXXc33xOI5gxEBtQw0uTSACZf
umco1u4fmRIfLkJdgSR2U65Lvzy07x9HqpyM+38FGxxAtWrTd+2Hfxx3s/77D0Am
G5jg1oCo8d/S1iXHVE4VUU4cfM9iYpUbeC4wLkv6vViypq1f3G/Hgw+aHu02XeDo
dwsTnoKv5HQJNV6xCZyZpT2oOGfGqpdgCvgTn5ez3Iz+dPW0OCGs5oxKBvMWvcaq
vE4I6uudfvC3O1PoKmLd0IGXIEru6fvYf4UiXZ5S+Q==
-----END CERTIFICATE-----
Generated at Wed May 13 09:15:24 2026 by rpki-client