Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QUSad9EfoyydrwUjL6UuKzZIeMg.roa
File: QUSad9EfoyydrwUjL6UuKzZIeMg.roa (raw, json)
Hash identifier: VHq9puEsGA44rdNujULet4x2g3yNOAEgK6THQ2HkMZQ=
Subject key identifier: 41:44:9A:77:D1:1F:A3:2C:9D:AF:05:23:2F:A5:2E:2B:36:48:78:C8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019C37E8DBD26017564118A9782DB3E2CDB9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QUSad9EfoyydrwUjL6UuKzZIeMg.roa
Signing time: Sat 07 Feb 2026 11:42:13 +0000
ROA not before: Sat 07 Feb 2026 11:42:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213541
IP address blocks: 77.90.149.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:37:e8:db:d2:60:17:56:41:18:a9:78:2d:b3:e2:cd:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 7 11:42:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=41449a77d11fa32c9daf05232fa52e2b364878c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:84:fe:cc:fe:88:99:e1:ba:eb:0e:39:d6:0d:
59:a9:94:46:1c:2f:1d:44:69:13:c9:99:92:cd:1c:
6d:0e:f8:77:4e:ed:f7:fe:da:22:0e:c6:eb:85:9b:
ba:b5:f8:c5:6a:4c:27:e1:3d:55:4c:5d:05:05:c3:
ab:bb:ab:18:d7:50:08:76:cb:32:c1:3c:23:0f:0b:
06:9f:1d:50:5a:29:d1:b3:40:02:0b:43:0b:43:cd:
71:40:eb:f5:62:1b:b2:ea:80:e6:9e:2a:c3:94:78:
28:2e:31:fc:94:c9:2e:e4:ee:ba:11:33:73:58:a2:
bc:f9:ee:bd:d4:63:a6:0f:48:08:44:0a:24:92:f6:
d7:a5:e2:6c:14:98:c3:6f:3f:71:d7:70:d7:31:1d:
54:3d:90:81:a5:eb:80:4c:43:4c:f8:d4:87:64:0b:
0a:32:f5:e5:88:9d:c7:c3:0c:7b:b4:36:8d:8f:78:
f6:a8:e5:ef:12:3b:bb:b6:58:9f:2d:9a:36:06:1a:
a1:73:86:8a:1c:c4:01:6b:f9:29:1d:df:93:24:55:
2e:1f:81:41:7d:02:95:a9:7d:9f:d8:14:74:b2:2e:
6b:71:7c:a1:22:4a:57:1e:23:a5:6c:99:f1:d2:92:
5a:f6:36:7c:db:33:6c:a2:8a:11:c1:d2:da:75:41:
aa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:44:9A:77:D1:1F:A3:2C:9D:AF:05:23:2F:A5:2E:2B:36:48:78:C8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QUSad9EfoyydrwUjL6UuKzZIeMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.152.0/24
77.90.155.0/24
77.90.157.0-77.90.163.255
77.90.165.0-77.90.175.255
77.90.177.0/24
77.90.179.0-77.90.182.255
77.90.186.0/24
77.90.190.0/23
185.230.12.0/24
213.209.131.0/24
213.209.133.0-213.209.135.255
213.209.137.0/24
213.209.139.0/24
213.209.141.0/24
213.209.144.0/24
213.209.147.0/24
213.209.152.0/22
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:56:a2:d3:18:99:32:44:ec:58:7d:2c:5e:07:8d:c8:fb:85:
98:bb:3c:21:66:ca:44:30:c9:90:05:82:2d:ef:e2:08:2b:6e:
08:d7:56:f1:18:0d:a7:f8:34:2a:c1:21:e7:d5:00:bd:ee:8f:
ef:8e:9b:f1:20:fd:5e:11:0b:5a:af:99:37:2f:6a:7c:9b:d0:
cc:60:db:0c:40:a2:06:0f:b0:5a:ab:53:c2:c3:4e:eb:56:00:
8d:5f:2d:22:ea:fe:33:e4:1e:be:84:55:07:04:b6:2a:ff:c5:
fc:c3:46:53:cc:cf:18:05:b8:0e:9a:d4:0d:53:3e:c7:ba:c2:
60:10:23:3a:17:89:a4:6e:bf:58:7b:90:13:5b:c1:74:82:e4:
62:f1:a7:16:0a:46:f7:d7:0e:6b:3d:2d:a2:b5:e1:a5:7e:cd:
d8:2b:18:1e:7d:3d:5d:c6:86:91:52:51:c9:29:c9:62:39:46:
56:4a:72:02:75:e3:b5:cf:cb:67:26:65:0d:cf:b1:6f:a6:34:
fa:7c:2e:7c:e2:51:4e:4a:6e:53:dc:22:79:02:80:d3:7d:6b:
39:bd:12:05:b4:fd:78:80:68:1d:85:00:c3:85:b3:cc:f2:b0:
a0:ca:c8:5c:0d:22:3e:dd:41:11:8d:f3:29:c0:60:04:d3:dc:
9e:eb:e9:99
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZw36NvSYBdWQRipeC2z4s25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjYwMjA3MTE0MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ0OWE3N2QxMWZhMzJjOWRhZjA1MjMyZmE1MmUyYjM2NDg3OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoT+zP6ImeG66w451g1ZqZRGHC8d
RGkTyZmSzRxtDvh3Tu33/toiDsbrhZu6tfjFakwn4T1VTF0FBcOru6sY11AIdssy
wTwjDwsGnx1QWinRs0ACC0MLQ81xQOv1Yhuy6oDmnirDlHgoLjH8lMku5O66ETNz
WKK8+e691GOmD0gIRAokkvbXpeJsFJjDbz9x13DXMR1UPZCBpeuATENM+NSHZAsK
MvXliJ3Hwwx7tDaNj3j2qOXvEju7tlifLZo2Bhqhc4aKHMQBa/kpHd+TJFUuH4FB
fQKVqX2f2BR0si5rcXyhIkpXHiOlbJnx0pJa9jZ82zNsoooRwdLadUGqlQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFEFEmnfRH6Msna8FIy+lLis2SHjIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUVVTYWQ5RWZveXlkcndVakw2VXVLelpJZU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AE1alQMEAE1algMEAE1amAMEAE1amzAMAwQATVqdAwQCTVqgMAwDBABNWqUDBARN
WqADBABNWrEwDAMEAE1aswMEAE1atgMEAE1augMEAU1avgMEALnmDAMEANXRgzAM
AwQA1dGFAwQD1dGAAwQA1dGJAwQA1dGLAwQA1dGNAwQA1dGQAwQA1dGTAwQC1dGY
AwQA1dGeMA0GCSqGSIb3DQEBCwUAA4IBAQCkVqLTGJkyROxYfSxeB43I+4WYuzwh
ZspEMMmQBYIt7+IIK24I11bxGA2n+DQqwSHn1QC97o/vjpvxIP1eEQtar5k3L2p8
m9DMYNsMQKIGD7Baq1PCw07rVgCNXy0i6v4z5B6+hFUHBLYq/8X8w0ZTzM8YBbgO
mtQNUz7HusJgECM6F4mkbr9Ye5ATW8F0guRi8acWCkb31w5rPS2iteGlfs3YKxge
fT1dxoaRUlHJKcliOUZWSnICdeO1z8tnJmUNz7FvpjT6fC584lFOSm5T3CJ5AoDT
fWs5vRIFtP14gGgdhQDDhbPM8rCgyshcDSI+3UERjfMpwGAE09ye6+mZ
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:47:25 2026 by rpki-client