Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oMVUugxzWQV8CTV8CsCSyXRaVrM.roa
File: oMVUugxzWQV8CTV8CsCSyXRaVrM.roa (raw, json)
Hash identifier: pMKFMHKU1JhFpXnjr6tLo7AocNPXia8Qa3GSVsF74/E=
Subject key identifier: A0:C5:54:BA:0C:73:59:05:7C:09:35:7C:0A:C0:92:C9:74:5A:56:B3
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01966CFDBD747ADD965272F558D666EBA36F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oMVUugxzWQV8CTV8CsCSyXRaVrM.roa
Signing time: Fri 25 Apr 2025 12:48:10 +0000
ROA not before: Fri 25 Apr 2025 12:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:fd:bd:74:7a:dd:96:52:72:f5:58:d6:66:eb:a3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 25 12:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0c554ba0c7359057c09357c0ac092c9745a56b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a5:c0:cb:41:e7:b7:22:98:ef:0d:3e:1a:70:
a4:5b:1c:b0:a6:bd:ca:72:5c:41:3d:8e:27:fd:1f:
f6:88:38:d0:58:69:e2:a0:21:9e:db:26:c3:4f:27:
5b:94:82:c7:24:26:e0:71:27:54:7b:8c:b1:94:22:
bf:60:68:3b:26:dd:a7:35:25:70:20:b7:1a:a1:e3:
d5:81:80:ad:f5:5a:92:3f:46:d5:27:33:41:6c:cf:
64:88:4a:c9:b8:1a:c0:66:3a:3f:64:56:44:ba:dc:
45:52:82:df:fb:fe:34:a9:57:ce:ec:4f:e0:ea:13:
6d:45:05:b5:41:e6:fd:3d:24:03:03:d7:4c:4c:c9:
9b:03:12:19:88:ff:1d:45:1c:79:69:a2:2a:a1:2c:
31:c2:eb:8a:99:59:01:fb:12:3d:fe:7c:cc:48:53:
6a:f3:3b:33:a1:76:6c:a3:1a:69:34:55:c8:63:0f:
78:ed:8c:95:8c:c2:9f:37:e7:5d:9c:8f:0c:ce:88:
7e:4c:0f:66:02:73:0c:93:da:2b:bb:e6:26:61:f7:
a0:d7:ca:54:9d:ed:66:6f:f4:54:66:2d:86:70:48:
37:d9:60:5e:cb:66:ae:35:cf:13:e9:d7:3a:02:fc:
b7:b6:76:74:b7:db:c0:24:77:70:84:4c:0f:e3:5d:
b8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:54:BA:0C:73:59:05:7C:09:35:7C:0A:C0:92:C9:74:5A:56:B3
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oMVUugxzWQV8CTV8CsCSyXRaVrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0/24
77.90.152.0/24
77.90.155.0/24
77.90.167.0/24
77.90.179.0-77.90.181.255
213.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
67:bb:7c:f4:81:24:2b:1c:a2:7e:59:68:5e:5b:f8:7b:7e:fc:
26:87:47:51:b3:78:73:45:eb:60:da:b0:eb:1a:15:e5:f2:2f:
fa:6b:a7:56:ff:21:91:1c:8b:81:0f:8c:74:f4:a1:26:d1:a4:
ab:48:4f:9c:61:36:ec:0b:b9:97:7e:54:20:a1:89:51:7f:89:
22:47:e2:d1:c6:79:04:1f:c1:e8:9a:e1:75:ab:74:a2:4c:00:
bb:51:72:2b:5c:16:9a:90:78:d3:37:9f:3f:eb:a6:a4:24:ed:
7b:cf:3e:49:bf:f9:db:29:89:c2:f3:27:86:ac:00:39:16:ba:
63:ab:6b:2c:0a:57:f6:51:ac:7e:c3:15:00:bd:5f:57:11:46:
b0:45:2b:36:f0:a0:ab:68:45:d6:d1:56:92:92:55:9e:f6:c9:
a2:60:6f:ce:f4:69:4c:75:aa:f5:ba:4f:a6:63:50:51:4d:32:
7d:a9:20:49:57:da:d7:22:16:64:3b:13:0d:16:34:e9:0a:fb:
08:4e:8e:0a:b8:39:a8:a8:50:b1:3a:4e:1e:da:d3:9c:14:6e:
27:8a:85:0b:db:84:c3:e8:ff:85:11:8d:82:a0:e9:e2:92:e6:
80:fe:6e:76:76:80:ab:4e:5a:c7:ca:94:fa:99:a1:2a:3a:01:
71:98:0f:bb
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZZs/b10et2WUnL1WNZm66NvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwNDI1MTI0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM1NTRiYTBjNzM1OTA1N2MwOTM1N2MwYWMwOTJjOTc0NWE1NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46XAy0HntyKY7w0+GnCkWxywpr3K
clxBPY4n/R/2iDjQWGnioCGe2ybDTydblILHJCbgcSdUe4yxlCK/YGg7Jt2nNSVw
ILcaoePVgYCt9VqSP0bVJzNBbM9kiErJuBrAZjo/ZFZEutxFUoLf+/40qVfO7E/g
6hNtRQW1Qeb9PSQDA9dMTMmbAxIZiP8dRRx5aaIqoSwxwuuKmVkB+xI9/nzMSFNq
8zszoXZsoxppNFXIYw947YyVjMKfN+ddnI8Mzoh+TA9mAnMMk9oru+YmYfeg18pU
ne1mb/RUZi2GcEg32WBey2auNc8T6dc6Avy3tnZ0t9vAJHdwhEwP4124lwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKDFVLoMc1kFfAk1fArAksl0WlazMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvb01WVXVneHpXUVY4Q1RWOENzQ1N5WFJhVnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATVqVAwQA
TVqYAwQATVqbAwQATVqnMAwDBABNWrMDBAFNWrQDBADV0YcwDQYJKoZIhvcNAQEL
BQADggEBAGe7fPSBJCscon5ZaF5b+Ht+/CaHR1GzeHNF62DasOsaFeXyL/prp1b/
IZEci4EPjHT0oSbRpKtIT5xhNuwLuZd+VCChiVF/iSJH4tHGeQQfweia4XWrdKJM
ALtRcitcFpqQeNM3nz/rpqQk7XvPPkm/+dspicLzJ4asADkWumOraywKV/ZRrH7D
FQC9X1cRRrBFKzbwoKtoRdbRVpKSVZ72yaJgb870aUx1qvW6T6ZjUFFNMn2pIElX
2tciFmQ7Ew0WNOkK+whOjgq4OaioULE6Th7a05wUbieKhQvbhMPo/4URjYKg6eKS
5oD+bnZ2gKtOWsfKlPqZoSo6AXGYD7s=
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:27:57 2025 by rpki-client