Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxgEUmzhCfbLGW1VYUfMpFa37nw.roa
File: DxgEUmzhCfbLGW1VYUfMpFa37nw.roa (raw, json)
Hash identifier: aTiJxBWDUefv6IrHKfkDtn+24ct4bHV07inB3EBckiI=
Subject key identifier: 0F:18:04:52:6C:E1:09:F6:CB:19:6D:55:61:47:CC:A4:56:B7:EE:7C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747B05777E805DC3B044BC51E2D9358
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxgEUmzhCfbLGW1VYUfMpFa37nw.roa
Signing time: Thu 02 Jan 2025 13:49:57 +0000
ROA not before: Thu 02 Jan 2025 13:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 77.90.158.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b0:57:77:e8:05:dc:3b:04:4b:c5:1e:2d:93:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f1804526ce109f6cb196d556147cca456b7ee7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:67:2d:81:85:0a:2c:68:91:ae:2f:73:ea:97:
47:86:e5:fe:cf:da:79:2a:4f:d7:ec:e4:bf:10:db:
18:f3:6f:93:d4:3b:31:dd:eb:87:0c:72:69:66:c6:
17:84:a1:1a:84:1d:a9:8d:d4:8c:cf:61:c4:19:1f:
c7:d1:4b:c3:76:bb:b6:c7:72:cf:6d:33:88:77:11:
15:26:32:a8:db:c1:c0:e9:4a:bf:11:ea:24:83:7f:
95:c0:41:4f:68:5a:d4:52:49:e4:d0:03:bf:58:45:
36:93:1d:8b:2b:90:26:35:14:41:00:d6:2a:a8:bf:
1a:ff:82:5f:9e:22:80:86:af:51:aa:0f:20:a8:06:
10:6b:91:f1:04:aa:c0:45:96:a8:2e:3f:9b:05:ba:
c2:ff:fc:13:1d:96:e3:cf:6a:5d:70:b0:e1:e9:a1:
b8:cf:f3:ee:ad:66:7a:be:df:26:05:5a:95:bb:3d:
52:e8:b5:6f:73:95:61:80:2e:7e:59:42:a5:62:80:
a0:36:ac:7b:c4:c7:44:53:b4:51:fa:ed:9f:62:ac:
85:79:d2:04:db:59:e0:ae:89:ec:24:83:38:62:39:
de:d5:13:6d:c4:1a:fc:89:ad:1d:27:5b:a7:39:46:
e5:6f:bf:5a:a7:f3:cc:a5:82:61:7d:d6:03:6a:14:
38:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:18:04:52:6C:E1:09:F6:CB:19:6D:55:61:47:CC:A4:56:B7:EE:7C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxgEUmzhCfbLGW1VYUfMpFa37nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.167.0-77.90.172.255
77.90.174.0/23
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.135.0/24
213.209.137.0/24
213.209.139.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:8d:3f:f7:32:d7:3f:8e:a2:04:d7:b2:f5:9d:9b:cc:3c:16:
d6:9b:bf:02:af:02:e7:59:60:7b:cd:73:c5:b0:ce:10:26:52:
30:89:91:88:b6:63:db:e8:92:1d:92:6d:d1:be:84:94:8c:fd:
f4:f0:80:eb:3b:2a:e9:10:94:4d:7a:02:35:5d:b1:27:50:73:
29:0b:91:ae:b7:61:bf:92:d9:0d:b0:05:11:56:46:34:ec:ac:
47:13:f9:85:c2:2a:10:16:f2:bf:2c:0e:0c:44:0c:11:4f:b7:
ba:ee:e5:f0:43:b1:29:4c:3c:f0:eb:4a:33:72:87:2b:8f:0f:
e7:69:dd:82:79:5d:48:6c:a1:97:f4:56:69:20:da:cc:fa:47:
0c:0f:ea:14:3e:05:29:d9:d8:27:41:56:57:3a:d4:eb:64:63:
c3:c9:e9:98:2a:71:51:68:52:f7:00:62:dc:2f:b9:8f:b3:4c:
3e:23:3b:95:5d:6d:25:4c:dc:89:f2:84:5e:56:96:6b:ba:dd:
bb:73:11:65:b2:6e:b7:82:75:46:f0:88:76:a7:2b:66:5a:48:
61:b7:0b:d2:49:b1:96:a7:8a:67:93:e9:a0:da:92:74:40:71:
ef:5d:fb:fb:56:a0:e7:e5:eb:30:ed:19:5b:bb:46:a2:e9:58:
89:74:04:8f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQnR7BXd+gF3DsES8UeLZNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE4MDQ1MjZjZTEwOWY2Y2IxOTZkNTU2MTQ3Y2NhNDU2YjdlZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGctgYUKLGiRri9z6pdHhuX+z9p5
Kk/X7OS/ENsY82+T1Dsx3euHDHJpZsYXhKEahB2pjdSMz2HEGR/H0UvDdru2x3LP
bTOIdxEVJjKo28HA6Uq/Eeokg3+VwEFPaFrUUknk0AO/WEU2kx2LK5AmNRRBANYq
qL8a/4JfniKAhq9Rqg8gqAYQa5HxBKrARZaoLj+bBbrC//wTHZbjz2pdcLDh6aG4
z/PurWZ6vt8mBVqVuz1S6LVvc5VhgC5+WUKlYoCgNqx7xMdEU7RR+u2fYqyFedIE
21ngronsJIM4Yjne1RNtxBr8ia0dJ1unOUblb79ap/PMpYJhfdYDahQ4nQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFA8YBFJs4Qn2yxltVWFHzKRWt+58MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRHhnRVVtemhDZmJMR1cxVllVZk1wRmEzN253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUwDAMEAE1apwMEAE1arAMEAU1argMEAE1asQMEAE1atgMEAE1a
ugMEANXRgwMEANXRhwMEANXRiQMEANXRiwMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEApo0/9zLXP46iBNey9Z2bzDwW1pu/Aq8C51lge81zxbDOECZSMImRiLZj2+iS
HZJt0b6ElIz99PCA6zsq6RCUTXoCNV2xJ1BzKQuRrrdhv5LZDbAFEVZGNOysRxP5
hcIqEBbyvywODEQMEU+3uu7l8EOxKUw88OtKM3KHK48P52ndgnldSGyhl/RWaSDa
zPpHDA/qFD4FKdnYJ0FWVzrU62Rjw8npmCpxUWhS9wBi3C+5j7NMPiM7lV1tJUzc
ifKEXlaWa7rdu3MRZbJut4J1RvCIdqcrZlpIYbcL0kmxlqeKZ5PpoNqSdEBx7137
+1ag5+XrMO0ZW7tGoulYiXQEjw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:58 2025 by rpki-client