Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lLJ9T7FvPak9W6G9PVhEvaIhBiw.roa
File: lLJ9T7FvPak9W6G9PVhEvaIhBiw.roa (raw, json)
Hash identifier: vtj7GHqsPc7Ntb+cAgSQd14sWMQgJykEAhKGf/PR0/s=
Subject key identifier: 94:B2:7D:4F:B1:6F:3D:A9:3D:5B:A1:BD:3D:58:44:BD:A2:21:06:2C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01985ACE09CAF95B94DB0F970665EFBD7E9E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lLJ9T7FvPak9W6G9PVhEvaIhBiw.roa
Signing time: Wed 30 Jul 2025 10:08:29 +0000
ROA not before: Wed 30 Jul 2025 10:08:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.151.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 06:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:ce:09:ca:f9:5b:94:db:0f:97:06:65:ef:bd:7e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 30 10:08:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94b27d4fb16f3da93d5ba1bd3d5844bda221062c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a7:2e:7f:f5:15:69:ae:87:c1:38:6f:44:f7:
63:c5:81:8f:d1:ec:04:cf:3d:3e:4d:f4:78:33:e5:
5b:54:94:4e:12:98:f3:8b:24:d9:7d:de:a7:da:09:
03:84:a3:90:8f:cd:5e:82:da:4d:8a:99:28:af:e9:
c1:d5:b9:f0:1e:ff:53:e5:5b:32:c7:32:2f:39:1d:
48:f2:47:45:66:38:d0:26:fa:59:f6:d1:fc:f7:b9:
60:c7:30:59:92:8a:60:6e:44:50:43:2e:db:bc:bd:
68:2b:a8:f6:ae:76:6a:3b:c9:49:69:a2:a9:61:d5:
04:bd:dd:1f:31:59:3f:5a:7a:21:5b:b3:5f:95:43:
80:0c:3d:6e:c6:db:29:8f:aa:30:0a:52:95:ce:02:
fb:a9:c3:88:c0:76:0b:de:66:55:be:25:9c:27:4a:
5a:03:69:d2:5e:0c:8c:25:da:3a:cf:62:14:b0:92:
5a:2b:ce:a9:3b:44:f5:67:c7:aa:a2:58:fc:15:82:
79:73:28:88:c4:50:dc:0f:53:01:23:7d:cd:e0:76:
57:d1:89:91:53:32:7d:8a:4f:35:69:db:ad:4f:f5:
57:19:d5:c2:8c:1f:bb:6f:42:cd:e5:0b:5f:04:0a:
45:19:6b:2f:40:f7:de:82:91:b1:45:b6:11:fb:87:
68:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B2:7D:4F:B1:6F:3D:A9:3D:5B:A1:BD:3D:58:44:BD:A2:21:06:2C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lLJ9T7FvPak9W6G9PVhEvaIhBiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.143.0-77.90.144.255
77.90.146.0/23
77.90.151.0/24
185.230.13.0/24
185.230.15.0/24
213.209.138.0/24
213.209.146.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
63:dd:99:59:c9:60:9d:64:18:de:34:5e:5b:9c:a4:08:49:0e:
ab:d7:91:e9:09:c8:1b:41:04:45:38:a7:82:89:4d:d1:26:2b:
db:b1:59:f4:64:92:f6:e1:05:ca:e6:a8:2a:c8:cb:6a:88:70:
3f:d0:8d:6d:3b:55:41:41:04:32:e9:05:9c:99:68:3e:5b:a3:
fa:ec:67:7d:00:e7:47:74:bf:c5:2b:30:56:04:4b:98:16:2e:
b2:4e:63:ef:27:72:c1:a9:a5:ca:a4:29:b0:02:51:62:b3:74:
bc:fe:fc:bd:aa:d7:11:83:b2:f5:c7:85:52:81:b4:66:5a:6c:
48:0b:cb:bd:39:66:08:b4:77:01:12:8a:9c:f0:03:08:79:f8:
e3:ed:3d:92:21:f3:09:f5:49:db:5e:0e:23:3b:bd:6e:2c:c0:
05:fd:22:2a:20:10:9d:c5:15:d2:9c:ed:34:70:64:d7:eb:69:
2c:ed:3d:ab:10:bd:15:6e:3a:03:80:64:50:52:47:62:e0:d9:
db:ab:44:1d:75:f4:8d:67:25:b0:78:99:e1:40:e1:e9:0c:bf:
c7:0e:5b:70:8c:db:42:01:63:07:69:f9:04:1e:16:53:4f:43:
0a:0b:1f:3d:26:06:2f:91:ce:3e:7b:60:2b:9b:d0:cd:52:1b:
74:42:ac:a2
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZhazgnK+VuU2w+XBmXvvX6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwNzMwMTAwODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIyN2Q0ZmIxNmYzZGE5M2Q1YmExYmQzZDU4NDRiZGEyMjEwNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6cuf/UVaa6HwThvRPdjxYGP0ewE
zz0+TfR4M+VbVJROEpjziyTZfd6n2gkDhKOQj81egtpNipkor+nB1bnwHv9T5Vsy
xzIvOR1I8kdFZjjQJvpZ9tH897lgxzBZkopgbkRQQy7bvL1oK6j2rnZqO8lJaaKp
YdUEvd0fMVk/WnohW7NflUOADD1uxtspj6owClKVzgL7qcOIwHYL3mZVviWcJ0pa
A2nSXgyMJdo6z2IUsJJaK86pO0T1Z8eqolj8FYJ5cyiIxFDcD1MBI33N4HZX0YmR
UzJ9ik81adutT/VXGdXCjB+7b0LN5QtfBApFGWsvQPfegpGxRbYR+4dogwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJSyfU+xbz2pPVuhvT1YRL2iIQYsMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbExKOVQ3RnZQYWs5VzZHOVBWaEV2YUloQml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQATVqPAwQATVqQ
AwQBTVqSAwQATVqXAwQAueYNAwQAueYPAwQA1dGKAwQA1dGSMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAY92ZWclgnWQY3jReW5ykCEkO
q9eR6QnIG0EERTingolN0SYr27FZ9GSS9uEFyuaoKsjLaohwP9CNbTtVQUEEMukF
nJloPluj+uxnfQDnR3S/xSswVgRLmBYusk5j7ydywamlyqQpsAJRYrN0vP78varX
EYOy9ceFUoG0ZlpsSAvLvTlmCLR3ARKKnPADCHn44+09kiHzCfVJ214OIzu9bizA
Bf0iKiAQncUV0pztNHBk1+tpLO09qxC9FW46A4BkUFJHYuDZ26tEHXX0jWclsHiZ
4UDh6Qy/xw5bcIzbQgFjB2n5BB4WU09DCgsfPSYGL5HOPntgK5vQzVIbdEKsog==
-----END CERTIFICATE-----
Generated at Wed Aug 6 12:32:46 2025 by rpki-client