Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JCG4Vl3fbOa9WJMpBV3HxQY8vG8.roa
File: JCG4Vl3fbOa9WJMpBV3HxQY8vG8.roa (raw, json)
Hash identifier: DVY6txHaBjZO0JDN5lhSbMf8eYewf7vw0sSsJO7sDMA=
Subject key identifier: 24:21:B8:56:5D:DF:6C:E6:BD:58:93:29:05:5D:C7:C5:06:3C:BC:6F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019D71EB01CF9548806BDB6B6E3589F31E06
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JCG4Vl3fbOa9WJMpBV3HxQY8vG8.roa
Signing time: Thu 09 Apr 2026 11:05:20 +0000
ROA not before: Thu 09 Apr 2026 11:05:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205960
IP address blocks: 77.90.166.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:eb:01:cf:95:48:80:6b:db:6b:6e:35:89:f3:1e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 9 11:05:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2421b8565ddf6ce6bd589329055dc7c5063cbc6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:39:b4:8f:b1:4c:a5:22:e0:e5:08:a0:3d:32:
44:51:e2:ca:96:4d:01:8f:e3:e3:5f:8a:39:69:a1:
f1:2c:12:a3:8f:c9:95:0a:f8:b3:2f:fa:b8:b9:1b:
db:18:25:cb:01:ea:9b:9d:e9:f6:a4:52:ab:be:ce:
38:45:70:3b:ee:62:a9:b7:06:9e:00:61:61:7a:3b:
23:49:c2:68:28:73:53:1b:5c:46:f4:a0:d9:f0:6d:
fd:d0:21:3e:ce:9d:c7:ce:df:59:92:e9:7b:a4:41:
2d:5d:b0:47:81:f8:b5:12:7e:ca:83:d6:c5:cf:e2:
b0:8e:53:94:91:11:07:7e:be:37:e3:6c:64:a4:aa:
b3:d6:9b:d8:b3:07:68:c8:03:ce:65:e6:63:72:9b:
7b:63:c1:84:4e:f9:5c:23:5c:83:75:8d:4f:d6:59:
9b:7f:eb:86:bc:c3:c4:74:dc:a0:79:69:82:8b:16:
17:6c:8a:d7:77:9e:6e:2f:f8:b6:ca:a1:e0:ff:23:
b3:21:7b:c4:cc:6c:37:3d:62:bf:fe:3e:78:cf:3d:
27:ba:36:e0:44:db:24:96:17:82:cc:c3:0f:1b:c9:
32:e7:b6:78:8c:6d:90:f7:81:70:72:36:2e:f5:8c:
ce:9a:78:57:05:47:76:5d:35:f1:24:03:c9:50:09:
c0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:21:B8:56:5D:DF:6C:E6:BD:58:93:29:05:5D:C7:C5:06:3C:BC:6F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JCG4Vl3fbOa9WJMpBV3HxQY8vG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.166.0/24
77.90.168.0/24
77.90.173.0/24
77.90.181.0/24
77.90.190.0/23
185.230.12.0/24
213.209.131.0/24
213.209.133.0-213.209.135.255
213.209.139.0/24
213.209.141.0/24
213.209.144.0/24
213.209.147.0/24
213.209.152.0-213.209.154.255
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:b5:bd:ca:1b:72:31:32:59:da:52:3c:0e:ba:60:e8:3e:49:
b4:6a:af:47:b4:dc:67:6d:49:ac:44:bb:ff:07:34:e6:9a:16:
3a:ca:fb:4a:49:08:68:52:58:da:c6:e8:50:f1:d7:7f:81:d4:
d5:6d:4e:04:dd:78:ef:18:5f:d6:8e:ed:ee:7f:ab:1c:15:ab:
27:29:65:5f:56:b0:27:bf:57:e0:4d:2a:86:45:24:72:55:cf:
b3:2e:14:69:23:a7:16:58:97:e5:40:9c:22:09:23:a7:1b:b0:
eb:fd:ae:12:30:bc:7b:8a:6c:94:b5:f0:e1:46:e7:00:f5:0f:
ed:df:6d:e0:47:91:b0:60:78:f0:8a:22:db:de:fc:86:a6:fc:
5e:12:ee:6d:cf:5b:fb:54:4c:89:f8:68:f3:e0:19:8c:4f:15:
a0:bb:89:5a:4e:ad:90:6c:37:0d:16:3a:31:e3:3d:fb:9f:f9:
30:c3:ba:06:ec:b4:9f:00:53:55:43:12:49:f1:25:9e:5b:c5:
3d:44:08:ff:a1:d6:f4:92:c6:ad:25:3c:50:ea:e2:36:ab:5f:
61:b4:1c:a9:07:98:a2:2d:dc:8f:c7:43:2b:e6:57:1f:c8:42:
49:f1:3b:a4:7c:6b:f3:80:e5:f0:69:da:0a:a5:4c:f8:0d:94:
dd:60:4e:2b
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ1x6wHPlUiAa9trbjWJ8x4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjYwNDA5MTEwNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDIxYjg1NjVkZGY2Y2U2YmQ1ODkzMjkwNTVkYzdjNTA2M2NiYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujm0j7FMpSLg5QigPTJEUeLKlk0B
j+PjX4o5aaHxLBKjj8mVCvizL/q4uRvbGCXLAeqbnen2pFKrvs44RXA77mKptwae
AGFhejsjScJoKHNTG1xG9KDZ8G390CE+zp3Hzt9Zkul7pEEtXbBHgfi1En7Kg9bF
z+KwjlOUkREHfr4342xkpKqz1pvYswdoyAPOZeZjcpt7Y8GETvlcI1yDdY1P1lmb
f+uGvMPEdNygeWmCixYXbIrXd55uL/i2yqHg/yOzIXvEzGw3PWK//j54zz0nujbg
RNsklheCzMMPG8ky57Z4jG2Q94FwcjYu9YzOmnhXBUd2XTXxJAPJUAnACQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCQhuFZd32zmvViTKQVdx8UGPLxvMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSkNHNFZsM2ZiT2E5V0pNcEJWM0h4UVk4dkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQATVqmAwQA
TVqoAwQATVqtAwQATVq1AwQBTVq+AwQAueYMAwQA1dGDMAwDBADV0YUDBAPV0YAD
BADV0YsDBADV0Y0DBADV0ZADBADV0ZMwDAMEA9XRmAMEANXRmgMEANXRnjANBgkq
hkiG9w0BAQsFAAOCAQEAp7W9yhtyMTJZ2lI8Drpg6D5JtGqvR7TcZ21JrES7/wc0
5poWOsr7SkkIaFJY2sboUPHXf4HU1W1OBN147xhf1o7t7n+rHBWrJyllX1awJ79X
4E0qhkUkclXPsy4UaSOnFliX5UCcIgkjpxuw6/2uEjC8e4pslLXw4UbnAPUP7d9t
4EeRsGB48Ioi2978hqb8XhLubc9b+1RMifho8+AZjE8VoLuJWk6tkGw3DRY6MeM9
+5/5MMO6Buy0nwBTVUMSSfElnlvFPUQI/6HW9JLGrSU8UOriNqtfYbQcqQeYoi3c
j8dDK+ZXH8hCSfE7pHxr84Dl8GnaCqVM+A2U3WBOKw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:42:55 2026 by rpki-client