Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1TDu6AwFEuZk6iFh63BSeJ-oHdU.roa
File: 1TDu6AwFEuZk6iFh63BSeJ-oHdU.roa (raw, json)
Hash identifier: 7mjQvCIAF9mkg/uSDhpUro9MBvy3mVaxiI8SERweytA=
Subject key identifier: D5:30:EE:E8:0C:05:12:E6:64:EA:21:61:EB:70:52:78:9F:A8:1D:D5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019E96706A2FF0719BB92C7A9D74DC039B0E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1TDu6AwFEuZk6iFh63BSeJ-oHdU.roa
Signing time: Fri 05 Jun 2026 06:20:10 +0000
ROA not before: Fri 05 Jun 2026 06:20:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7:1880:24::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:70:6a:2f:f0:71:9b:b9:2c:7a:9d:74:dc:03:9b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 5 06:20:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d530eee80c0512e664ea2161eb7052789fa81dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c6:cc:3e:e3:8b:6d:3c:36:1f:51:61:2c:cf:
79:0f:09:3e:fc:66:84:48:83:6e:fe:d1:6c:18:4c:
aa:c4:fa:b1:03:f1:ce:59:30:0f:04:a9:74:b6:d7:
28:43:04:eb:ea:aa:ab:a6:61:14:b4:db:c1:b7:f1:
de:dd:27:3f:a7:43:63:91:fa:03:66:fc:7f:65:86:
12:69:e9:0b:23:4b:b3:3f:ae:6c:4e:53:0b:3f:85:
93:23:50:12:52:d1:8b:64:52:cc:ac:15:10:01:ed:
70:b9:36:96:d0:db:18:ac:78:a8:4d:ac:54:e2:88:
9f:9f:f3:e2:a7:ab:0f:22:e3:58:b4:a2:7a:4f:c3:
78:90:28:ac:fd:df:64:c2:76:ec:0b:db:f3:42:1e:
da:f6:55:d4:a0:ef:d0:99:25:2c:2a:a9:de:1e:f2:
70:ea:ac:54:24:4a:51:d9:b3:4c:d4:8d:7d:3e:79:
52:1b:bc:c7:f7:69:71:55:df:c3:19:55:a1:bc:5c:
38:3e:cc:aa:30:4a:ce:86:38:2b:58:c0:63:f9:0e:
e4:97:e7:c1:ef:2a:b3:e0:72:2e:95:f2:d7:f5:7c:
8f:20:23:d4:80:9d:d6:9c:39:6a:6d:ba:e0:90:5e:
f6:6b:b6:64:ba:dd:8e:7e:a1:0c:0c:79:8b:04:21:
f7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:30:EE:E8:0C:05:12:E6:64:EA:21:61:EB:70:52:78:9F:A8:1D:D5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1TDu6AwFEuZk6iFh63BSeJ-oHdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.143.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.157.0/24
77.90.159.0-77.90.163.255
77.90.166.0/24
77.90.169.0-77.90.173.255
77.90.190.0/23
213.209.138.0/23
213.209.141.0/24
213.209.144.0/24
213.209.147.0/24
213.209.158.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
7a:75:87:b0:94:61:70:35:ae:d0:b0:89:15:6d:f4:93:1d:d5:
da:25:c6:3f:9b:39:3a:89:2d:d6:2e:75:b4:98:a5:c0:a2:04:
97:68:b1:79:e2:85:b2:65:76:d8:06:6f:19:e5:61:31:f8:52:
e0:00:16:0f:82:1f:f1:c0:f5:2c:d0:17:cc:ae:5c:84:3c:0b:
6d:a8:aa:56:fe:cb:ac:b8:3c:00:86:da:76:49:5d:61:7f:68:
b9:80:39:b0:fb:2b:07:14:67:01:a4:1d:85:60:c4:44:3f:2a:
7a:89:de:49:aa:90:e8:7f:6f:a2:3d:15:33:7b:30:bf:db:63:
44:6f:ed:72:9e:42:4b:5a:9d:50:40:f4:30:a7:49:a0:89:d6:
13:5e:2f:9e:e4:a5:3d:53:7d:68:a6:ff:cd:cc:35:db:15:40:
de:f9:84:1c:c4:be:3e:a5:aa:60:32:92:00:e1:16:ee:80:4e:
d2:78:d8:f2:20:ed:b0:22:78:3a:a1:11:cc:13:99:9c:60:62:
82:52:e8:b3:b6:b6:3b:4c:61:2f:fc:39:18:49:fa:e9:58:67:
e5:bd:23:5d:cb:b2:29:36:ee:a0:40:10:39:72:76:91:ef:70:
9a:e8:ca:b8:36:31:a2:77:71:37:71:fa:67:77:83:7a:2e:9c:
67:bd:fc:30
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZ6WcGov8HGbuSx6nXTcA5sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjYwNjA1MDYyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMwZWVlODBjMDUxMmU2NjRlYTIxNjFlYjcwNTI3ODlmYTgxZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcbMPuOLbTw2H1FhLM95Dwk+/GaE
SINu/tFsGEyqxPqxA/HOWTAPBKl0ttcoQwTr6qqrpmEUtNvBt/He3Sc/p0NjkfoD
Zvx/ZYYSaekLI0uzP65sTlMLP4WTI1ASUtGLZFLMrBUQAe1wuTaW0NsYrHioTaxU
4oifn/Pip6sPIuNYtKJ6T8N4kCis/d9kwnbsC9vzQh7a9lXUoO/QmSUsKqneHvJw
6qxUJEpR2bNM1I19PnlSG7zH92lxVd/DGVWhvFw4PsyqMErOhjgrWMBj+Q7kl+fB
7yqz4HIulfLX9XyPICPUgJ3WnDlqbbrgkF72a7Zkut2OfqEMDHmLBCH3RQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFNUw7ugMBRLmZOohYetwUnifqB3VMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMVREdTZBd0ZFdVprNmlGaDYzQlNlSi1vSGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIMAwDBABNWosDBABNWowwDAME
AE1ajwMEAE1akDAMAwQBTVqSAwQATVqUAwQATVqdMAwDBABNWp8DBAJNWqADBABN
WqYwDAMEAE1aqQMEAU1arAMEAU1avgMEAdXRigMEANXRjQMEANXRkAMEANXRkwME
ANXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAHp1
h7CUYXA1rtCwiRVt9JMd1dolxj+bOTqJLdYudbSYpcCiBJdosXnihbJldtgGbxnl
YTH4UuAAFg+CH/HA9SzQF8yuXIQ8C22oqlb+y6y4PACG2nZJXWF/aLmAObD7KwcU
ZwGkHYVgxEQ/KnqJ3kmqkOh/b6I9FTN7ML/bY0Rv7XKeQktanVBA9DCnSaCJ1hNe
L57kpT1TfWim/83MNdsVQN75hBzEvj6lqmAykgDhFu6ATtJ42PIg7bAieDqhEcwT
mZxgYoJS6LO2tjtMYS/8ORhJ+ulYZ+W9I13Lsik27qBAEDlydpHvcJroyrg2MaJ3
cTdx+md3g3ounGe9/DA=
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:27:48 2026 by rpki-client