Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zIIfu8DaVVMD0XsvOwpHzYoyB-g.roa
File: zIIfu8DaVVMD0XsvOwpHzYoyB-g.roa (raw, json)
Hash identifier: nAFu8qJSmPstdE0SpXNpv/f9vO79bXQFH0mxColfbbw=
Subject key identifier: CC:82:1F:BB:C0:DA:55:53:03:D1:7B:2F:3B:0A:47:CD:8A:32:07:E8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019C37E8DB623D4EA7D1346DF3F97D05DA2B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zIIfu8DaVVMD0XsvOwpHzYoyB-g.roa
Signing time: Sat 07 Feb 2026 11:42:13 +0000
ROA not before: Sat 07 Feb 2026 11:42:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209372
IP address blocks: 77.90.149.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:37:e8:db:62:3d:4e:a7:d1:34:6d:f3:f9:7d:05:da:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 7 11:42:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc821fbbc0da555303d17b2f3b0a47cd8a3207e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:02:a0:e7:7f:ec:31:ec:a0:80:75:0a:be:59:
3a:27:e2:5c:7e:57:19:6b:e4:08:a3:dc:3f:3b:9f:
2f:c8:22:26:f6:fd:f8:eb:4b:0c:0f:85:cb:4d:52:
2e:21:3f:34:eb:ea:81:4c:3c:f2:c2:db:91:ca:33:
7b:f7:35:33:52:00:09:62:f3:72:08:2b:7c:f7:ed:
d7:c5:93:de:e9:7a:9e:b1:ac:dc:82:f0:47:82:35:
a7:fe:fc:26:e7:f3:fb:63:b3:33:38:9b:73:f0:f7:
90:ba:46:37:59:57:b1:76:bd:8b:27:a8:42:ee:a2:
a0:67:31:d7:3d:c0:9e:36:eb:28:a9:a3:bc:03:63:
53:b9:63:26:75:ee:1e:98:c9:b2:d0:17:d8:4e:02:
c7:0b:f3:ae:00:9b:80:67:59:27:9b:47:00:b4:cd:
a6:c9:8a:69:fb:05:8e:ac:b6:2c:59:de:92:0f:dc:
35:3d:72:3d:36:ae:80:da:00:0a:8f:28:3c:d6:b3:
48:a2:d2:b1:01:e0:11:e3:ec:c2:41:02:42:67:1d:
a5:88:8c:38:ff:65:a0:d7:ae:f9:2b:24:10:b8:fd:
3a:57:68:9f:53:a2:49:67:ea:3d:9d:dd:9d:d3:6e:
42:b2:6b:81:c3:bd:81:32:71:d7:2f:01:f9:d4:9b:
24:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:82:1F:BB:C0:DA:55:53:03:D1:7B:2F:3B:0A:47:CD:8A:32:07:E8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zIIfu8DaVVMD0XsvOwpHzYoyB-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.152.0/24
77.90.155.0/24
77.90.157.0-77.90.163.255
77.90.165.0-77.90.175.255
77.90.177.0/24
77.90.179.0-77.90.182.255
77.90.186.0/24
77.90.190.0/23
185.230.12.0/24
213.209.131.0/24
213.209.133.0-213.209.135.255
213.209.137.0/24
213.209.139.0/24
213.209.141.0/24
213.209.144.0/24
213.209.147.0/24
213.209.152.0/22
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
10:54:4f:7a:27:eb:08:a1:bf:d1:8a:ab:66:01:b8:9c:47:6b:
ce:15:d4:68:03:12:8a:9d:8e:c7:26:1f:eb:f2:69:be:14:cc:
7f:71:6a:ad:f0:80:c3:6d:fe:8a:7a:f6:ac:2b:a3:9a:6b:6c:
f5:c6:ff:94:88:b8:fa:8c:8e:fb:ae:b5:a0:4d:14:a0:8f:7c:
0a:3a:c5:df:24:72:1e:f6:c6:7a:a7:15:0f:bf:41:94:7f:73:
c7:d7:f0:c9:42:8c:77:57:de:3f:45:5d:b0:5d:f3:89:3a:82:
f9:42:41:82:63:a0:e0:88:32:a0:e4:f1:55:e8:e3:43:d9:a2:
24:7b:2b:8f:af:8d:63:74:a8:81:94:e9:56:5c:06:0d:5d:3a:
d2:7d:35:00:a7:30:d7:b6:31:b8:e2:83:27:2a:3b:22:5f:7e:
48:a1:c6:d4:84:27:46:5c:d0:ee:a3:50:1b:f4:09:f8:f0:97:
22:b6:fd:e5:8d:b0:4d:0f:9a:0f:98:e0:eb:cd:5b:6e:f8:4e:
44:8b:f4:a3:c1:00:e5:91:79:88:8c:8d:39:78:f9:25:c6:b5:
11:3c:0c:04:56:71:22:6b:e6:f5:e9:0b:c1:c3:92:0a:5e:b7:
0f:b1:3e:61:15:e9:b5:2b:bb:2b:f8:a0:d6:fa:a4:04:11:ed:
f7:78:56:6f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZw36NtiPU6n0TRt8/l9BdorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjYwMjA3MTE0MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzgyMWZiYmMwZGE1NTUzMDNkMTdiMmYzYjBhNDdjZDhhMzIwN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gKg53/sMeyggHUKvlk6J+JcflcZ
a+QIo9w/O58vyCIm9v3460sMD4XLTVIuIT806+qBTDzywtuRyjN79zUzUgAJYvNy
CCt89+3XxZPe6XqesazcgvBHgjWn/vwm5/P7Y7MzOJtz8PeQukY3WVexdr2LJ6hC
7qKgZzHXPcCeNusoqaO8A2NTuWMmde4emMmy0BfYTgLHC/OuAJuAZ1knm0cAtM2m
yYpp+wWOrLYsWd6SD9w1PXI9Nq6A2gAKjyg81rNIotKxAeAR4+zCQQJCZx2liIw4
/2Wg1675KyQQuP06V2ifU6JJZ+o9nd2d025CsmuBw72BMnHXLwH51Jsk5wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFMyCH7vA2lVTA9F7LzsKR82KMgfoMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveklJZnU4RGFWVk1EMFhzdk93cEh6WW95Qi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AE1alQMEAE1algMEAE1amAMEAE1amzAMAwQATVqdAwQCTVqgMAwDBABNWqUDBARN
WqADBABNWrEwDAMEAE1aswMEAE1atgMEAE1augMEAU1avgMEALnmDAMEANXRgzAM
AwQA1dGFAwQD1dGAAwQA1dGJAwQA1dGLAwQA1dGNAwQA1dGQAwQA1dGTAwQC1dGY
AwQA1dGeMA0GCSqGSIb3DQEBCwUAA4IBAQAQVE96J+sIob/RiqtmAbicR2vOFdRo
AxKKnY7HJh/r8mm+FMx/cWqt8IDDbf6KevasK6Oaa2z1xv+UiLj6jI77rrWgTRSg
j3wKOsXfJHIe9sZ6pxUPv0GUf3PH1/DJQox3V94/RV2wXfOJOoL5QkGCY6DgiDKg
5PFV6OND2aIkeyuPr41jdKiBlOlWXAYNXTrSfTUApzDXtjG44oMnKjsiX35IocbU
hCdGXNDuo1Ab9An48Jcitv3ljbBND5oPmODrzVtu+E5Ei/SjwQDlkXmIjI05ePkl
xrURPAwEVnEia+b16QvBw5IKXrcPsT5hFem1K7sr+KDW+qQEEe33eFZv
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:24:53 2026 by rpki-client