Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wEkeXxOYSGR-y3CW1yOLj2XTYJ8.roa
File: wEkeXxOYSGR-y3CW1yOLj2XTYJ8.roa (raw, json)
Hash identifier: YRmX+nG2q2LjuBQefSHzWGMt9DR2HFgV/XMAB2Upk+I=
Subject key identifier: C0:49:1E:5F:13:98:48:64:7E:CB:70:96:D7:23:8B:8F:65:D3:60:9F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01965EB34A44DCC905B02A753C012FC1C83E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wEkeXxOYSGR-y3CW1yOLj2XTYJ8.roa
Signing time: Tue 22 Apr 2025 18:12:10 +0000
ROA not before: Tue 22 Apr 2025 18:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5e:b3:4a:44:dc:c9:05:b0:2a:75:3c:01:2f:c1:c8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 22 18:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0491e5f139848647ecb7096d7238b8f65d3609f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:19:08:59:58:40:62:77:69:be:71:5e:b4:78:
f2:f1:aa:99:de:4a:d6:d0:2b:d2:84:49:60:8b:f4:
56:75:7c:dc:c4:d5:63:5c:3f:9b:cf:df:a5:9e:bf:
ee:b5:40:0c:0d:0b:29:8e:b3:31:cc:40:2a:0d:70:
95:a1:83:43:03:4c:05:d6:87:15:fe:d2:d6:28:cc:
2a:2f:e7:18:b5:0b:86:e4:a7:53:18:3a:09:2e:11:
04:d5:bc:1f:80:4f:f5:31:58:01:46:51:4e:2c:bb:
1e:db:5f:b7:bf:46:d9:13:3f:10:ad:b3:51:72:5c:
aa:fe:a3:99:17:60:31:e1:97:fc:d7:2a:24:45:18:
33:3b:28:fa:7b:81:b3:3b:0c:6f:eb:26:d9:50:36:
51:e0:3e:36:42:4a:ec:68:0a:f6:03:6c:e3:ab:ed:
49:82:87:11:ac:e6:12:74:93:66:40:a8:c3:d2:3c:
e1:fc:5e:2b:bd:c3:9b:f1:3c:86:fd:28:5c:51:75:
46:88:73:28:95:eb:7d:8d:fd:51:0a:25:89:31:21:
7f:16:12:94:cd:23:dc:ad:05:58:d5:eb:a5:51:4b:
b2:b2:73:0f:02:3e:e3:fe:39:ff:5a:57:08:54:b9:
8c:9b:b8:93:c6:7a:1a:da:54:1e:0a:a8:fb:f6:be:
ec:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:49:1E:5F:13:98:48:64:7E:CB:70:96:D7:23:8B:8F:65:D3:60:9F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wEkeXxOYSGR-y3CW1yOLj2XTYJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.164.0/24
185.230.13.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b4:6f:db:dc:a0:5e:79:bb:3f:2d:7e:01:66:a3:20:1c:02:00:
c8:eb:15:22:c9:df:a3:6d:77:73:e3:22:b5:6b:03:28:36:c8:
9e:e3:19:27:8a:c2:08:e0:16:06:8d:d7:d5:a3:67:8f:60:69:
1b:09:4c:63:1f:06:91:c8:02:b4:3d:c8:72:cd:49:a0:1d:87:
0e:3b:ea:aa:e7:ac:33:46:fa:41:35:12:d4:13:1c:96:67:a6:
9a:a9:3a:ef:e1:ab:82:d5:4a:0b:d6:52:28:d8:7a:69:dc:07:
e7:a4:ec:53:5b:d5:c0:20:f2:05:5e:48:14:28:e9:9c:cf:93:
98:0d:72:2c:ae:5c:3f:17:7a:92:29:3d:a9:f6:f7:95:a5:bb:
af:87:74:de:0f:b7:7b:01:4f:08:67:c2:4c:0e:4e:4e:02:9e:
f2:a2:d3:5b:be:6e:2f:18:9e:ab:8e:2b:e7:3a:1c:ec:88:81:
e9:4b:38:19:c8:47:2a:a6:97:67:1b:a7:b8:9f:7c:da:44:73:
2a:3c:4a:1e:c4:89:5f:4d:32:8e:05:6d:82:36:e8:1e:76:6c:
e9:55:82:5c:28:cf:7c:9e:ae:fc:5b:76:25:86:4b:b9:cd:2c:
bc:9d:39:3e:48:e6:c8:08:96:fc:60:f3:10:15:d0:60:f4:b4:
f0:29:52:f6
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZZes0pE3MkFsCp1PAEvwcg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwNDIyMTgxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQ5MWU1ZjEzOTg0ODY0N2VjYjcwOTZkNzIzOGI4ZjY1ZDM2MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhkIWVhAYndpvnFetHjy8aqZ3krW
0CvShElgi/RWdXzcxNVjXD+bz9+lnr/utUAMDQspjrMxzEAqDXCVoYNDA0wF1ocV
/tLWKMwqL+cYtQuG5KdTGDoJLhEE1bwfgE/1MVgBRlFOLLse21+3v0bZEz8QrbNR
clyq/qOZF2Ax4Zf81yokRRgzOyj6e4GzOwxv6ybZUDZR4D42QkrsaAr2A2zjq+1J
gocRrOYSdJNmQKjD0jzh/F4rvcOb8TyG/ShcUXVGiHMolet9jf1RCiWJMSF/FhKU
zSPcrQVY1eulUUuysnMPAj7j/jn/WlcIVLmMm7iTxnoa2lQeCqj79r7sKQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFMBJHl8TmEhkfstwltcji49l02CfMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvd0VrZVh4T1lTR1IteTNDVzF5T0xqMlhUWUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqO
AwQATVqQMAwDBAFNWpIDBABNWpQDBABNWqQDBAC55g0DBADV0YowFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQC0b9vcoF55uz8tfgFmoyAc
AgDI6xUiyd+jbXdz4yK1awMoNsie4xknisII4BYGjdfVo2ePYGkbCUxjHwaRyAK0
PchyzUmgHYcOO+qq56wzRvpBNRLUExyWZ6aaqTrv4auC1UoL1lIo2Hpp3AfnpOxT
W9XAIPIFXkgUKOmcz5OYDXIsrlw/F3qSKT2p9veVpbuvh3TeD7d7AU8IZ8JMDk5O
Ap7yotNbvm4vGJ6rjivnOhzsiIHpSzgZyEcqppdnG6e4n3zaRHMqPEoexIlfTTKO
BW2CNugedmzpVYJcKM98nq78W3Ylhku5zSy8nTk+SObICJb8YPMQFdBg9LTwKVL2
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:34:20 2025 by rpki-client