Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5U7IE4mItmEJQybajMLicoJaq0s.roa
File: 5U7IE4mItmEJQybajMLicoJaq0s.roa (raw, json)
Hash identifier: 2OhWR8eCC/upHQ7TL7CEYQrfGqJzxh4sdcmiGXyehnQ=
Subject key identifier: E5:4E:C8:13:89:88:B6:61:09:43:26:DA:8C:C2:E2:72:82:5A:AB:4B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01980AC8CE698D17FB04A9AC08B3AA498EFC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5U7IE4mItmEJQybajMLicoJaq0s.roa
Signing time: Mon 14 Jul 2025 21:13:08 +0000
ROA not before: Mon 14 Jul 2025 21:13:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:c8:ce:69:8d:17:fb:04:a9:ac:08:b3:aa:49:8e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 14 21:13:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e54ec8138988b661094326da8cc2e272825aab4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:63:c5:de:ae:0f:1f:18:23:37:25:8d:bd:8d:
0c:a4:45:ac:ff:62:3d:70:e6:ca:56:f2:28:2d:dd:
19:e5:4d:4f:44:bd:bd:7a:7b:81:20:6e:90:62:1d:
ce:44:11:df:c1:ee:c9:b2:5b:c6:c6:ab:d7:5f:a9:
9a:53:76:2d:fc:d1:19:1d:31:6e:db:c8:cc:7d:36:
1b:70:e7:23:b2:23:01:14:29:88:26:90:0c:6e:d6:
53:85:78:dc:ce:10:04:aa:df:26:c4:ed:05:0d:dd:
20:73:32:32:5b:5b:17:6a:e2:6e:bf:1a:d0:13:92:
22:5e:96:e0:05:58:71:45:dd:54:27:fe:81:e6:96:
c0:5e:ed:67:19:1a:f5:e0:99:d7:c0:ff:b8:c7:8e:
8b:bc:34:20:17:b2:82:92:8d:48:a5:0a:ec:4a:ac:
da:d0:54:e9:0f:a6:93:29:a3:22:51:d7:52:f4:20:
26:b7:ca:1f:c4:9f:b3:44:f7:79:73:38:5e:d4:dd:
70:10:ac:63:9e:69:98:0e:57:e8:4c:ce:61:b8:2d:
82:98:4a:1f:d6:7c:da:f2:81:e0:50:24:63:30:95:
82:7b:ef:6c:b2:6c:33:d1:ef:74:c5:17:9e:40:f7:
38:8f:f6:8e:d7:11:25:e3:c4:c2:80:c0:63:62:af:
5d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4E:C8:13:89:88:B6:61:09:43:26:DA:8C:C2:E2:72:82:5A:AB:4B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5U7IE4mItmEJQybajMLicoJaq0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.142.0/24
77.90.145.0/24
77.90.148.0/24
77.90.164.0/24
77.90.188.0/24
185.230.15.0/24
213.209.157.0/24
Signature Algorithm: sha256WithRSAEncryption
01:81:a1:f5:48:42:51:43:d9:11:8e:6f:05:09:eb:f2:33:15:
b3:8b:e9:98:23:7e:81:f2:d0:d5:a3:18:9d:4d:fb:f8:24:e6:
70:8a:8e:b0:5f:4a:57:f1:c7:fd:81:28:7a:61:ac:de:a8:0a:
24:57:ee:6f:b6:77:98:55:fc:38:ce:7d:d2:6f:4b:2d:c4:96:
62:64:65:43:e1:a6:02:8c:0e:d7:1d:95:ac:c5:bf:7f:34:85:
87:f1:b3:06:a6:84:b5:2d:dd:26:d6:b7:27:d0:1b:b2:e5:07:
57:a1:46:19:55:6b:64:39:59:ab:ba:e7:a6:8d:6f:f5:b6:cf:
1b:10:13:33:df:9c:da:bd:a3:1b:08:8f:30:7e:de:4b:59:a7:
d2:16:0e:4b:54:a6:8e:b6:96:6b:10:28:fa:b5:f0:bb:d6:73:
7a:3c:47:4a:33:63:fc:e3:84:65:7f:ce:d9:e5:40:f2:b9:92:
2d:c5:98:d0:7c:0a:b6:68:5d:ad:ff:e8:8f:8d:99:b3:5f:1e:
a2:b5:de:c3:ae:22:34:fe:ad:07:5d:11:3b:64:51:6d:e5:3f:
63:98:8b:7c:9d:d5:35:f2:35:f7:9e:c4:6e:87:aa:b2:d1:ad:
9d:50:c5:3d:c6:6a:74:14:28:e1:7a:29:12:1a:c3:7b:16:17:
ba:f1:4b:21
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgKyM5pjRf7BKmsCLOqSY78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwNzE0MjExMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRlYzgxMzg5ODhiNjYxMDk0MzI2ZGE4Y2MyZTI3MjgyNWFhYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WPF3q4PHxgjNyWNvY0MpEWs/2I9
cObKVvIoLd0Z5U1PRL29enuBIG6QYh3ORBHfwe7JslvGxqvXX6maU3Yt/NEZHTFu
28jMfTYbcOcjsiMBFCmIJpAMbtZThXjczhAEqt8mxO0FDd0gczIyW1sXauJuvxrQ
E5IiXpbgBVhxRd1UJ/6B5pbAXu1nGRr14JnXwP+4x46LvDQgF7KCko1IpQrsSqza
0FTpD6aTKaMiUddS9CAmt8ofxJ+zRPd5czhe1N1wEKxjnmmYDlfoTM5huC2CmEof
1nza8oHgUCRjMJWCe+9ssmwz0e90xReeQPc4j/aO1xEl48TCgMBjYq9dpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOVOyBOJiLZhCUMm2ozC4nKCWqtLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNVU3SUU0bUl0bUVKUXliYWpNTGljb0phcTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATVqOAwQA
TVqRAwQATVqUAwQATVqkAwQATVq8AwQAueYPAwQA1dGdMA0GCSqGSIb3DQEBCwUA
A4IBAQABgaH1SEJRQ9kRjm8FCevyMxWzi+mYI36B8tDVoxidTfv4JOZwio6wX0pX
8cf9gSh6YazeqAokV+5vtneYVfw4zn3Sb0stxJZiZGVD4aYCjA7XHZWsxb9/NIWH
8bMGpoS1Ld0m1rcn0Buy5QdXoUYZVWtkOVmruuemjW/1ts8bEBMz35zavaMbCI8w
ft5LWafSFg5LVKaOtpZrECj6tfC71nN6PEdKM2P844Rlf87Z5UDyuZItxZjQfAq2
aF2t/+iPjZmzXx6itd7DriI0/q0HXRE7ZFFt5T9jmIt8ndU18jX3nsRuh6qy0a2d
UMU9xmp0FCjheikSGsN7Fhe68Ush
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:55:20 2025 by rpki-client