Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NBdPQa-wvhCcNUR62UijOKmqLb4.roa
File: NBdPQa-wvhCcNUR62UijOKmqLb4.roa (raw, json)
Hash identifier: FBuWOoWqS3kDovQ4RTLJifcKo3Lt+KtJgveTvXA1/PY=
Subject key identifier: 34:17:4F:41:AF:B0:BE:10:9C:35:44:7A:D9:48:A3:38:A9:AA:2D:BE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747AC1835F227043D541644EFD72EA8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NBdPQa-wvhCcNUR62UijOKmqLb4.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 77.90.158.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ac:18:35:f2:27:04:3d:54:16:44:ef:d7:2e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34174f41afb0be109c35447ad948a338a9aa2dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:3e:ed:d1:22:a3:42:08:f2:a5:fe:5b:38:
f0:bc:85:0d:7a:55:07:6b:0c:4e:4e:68:21:c0:bc:
47:5a:b9:35:82:7a:f1:bc:aa:db:f6:29:f8:53:25:
50:94:d8:14:78:39:10:d9:fa:6e:4e:78:20:71:1b:
25:ea:51:ff:15:01:cf:c0:b2:ca:b1:63:7c:a1:f9:
42:61:52:4f:58:d1:bb:bb:db:18:84:e4:e0:df:c5:
ad:2d:d4:4d:22:db:bf:22:39:25:56:49:4c:85:ed:
c5:f9:f2:f5:ea:7c:39:df:2a:bf:56:8d:ec:ed:ff:
13:a5:1e:b7:25:ae:2c:56:da:15:9e:f2:44:d3:f6:
af:52:50:81:d2:1b:8f:13:45:42:24:3b:83:e3:df:
5d:32:88:cd:f1:60:16:b9:58:d5:4f:1a:20:df:c1:
8e:ce:35:58:a8:b0:08:5c:0d:76:19:8f:5b:8a:81:
69:e4:4c:dc:8c:0b:4e:75:4d:8d:5e:f4:5d:ca:5b:
ef:57:0c:4a:c2:41:6e:b4:23:d7:7e:b4:04:8f:e8:
96:68:f8:84:80:b4:b6:5b:5b:1d:86:8e:62:73:d9:
ef:29:5d:68:98:fc:e9:7f:0e:40:73:64:a4:f9:3d:
5a:5b:df:4f:71:92:9d:6e:a7:58:bf:84:09:0e:96:
a1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:17:4F:41:AF:B0:BE:10:9C:35:44:7A:D9:48:A3:38:A9:AA:2D:BE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NBdPQa-wvhCcNUR62UijOKmqLb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.137.0/24
213.209.139.0/24
213.209.141.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
74:76:fe:0a:fe:aa:d1:2a:1e:3f:9e:96:c8:16:4e:6a:9c:94:
c4:be:4c:bd:7a:0e:49:92:44:87:bb:c8:14:5a:cd:d3:80:51:
3f:d8:6d:57:11:20:b7:89:52:b5:02:b7:b5:49:df:fd:39:45:
3a:6b:ec:98:eb:21:47:18:cb:6d:1a:f6:4a:e8:da:d4:36:3b:
6c:cb:29:c7:78:41:f1:5c:26:86:28:9d:d5:d1:63:30:ac:ab:
2b:bc:cb:14:f1:34:3f:2c:f9:8e:bd:68:96:cb:21:ad:c9:69:
76:05:4a:c2:e6:69:23:ff:b9:9e:89:da:44:8e:ad:2b:86:47:
4d:b3:b0:4f:07:aa:3c:fc:3e:a0:37:5c:b7:4f:26:a6:ba:34:
93:a4:c2:ff:56:ea:6d:ed:c0:3f:7f:5f:be:1b:35:ee:9f:fb:
22:28:22:84:d2:4a:33:45:b6:13:92:bf:6c:c1:7e:d8:c4:a9:
16:7f:c2:27:4d:c6:8f:07:52:eb:48:75:1e:5a:f5:9c:64:5d:
a4:4a:49:02:98:69:02:27:b5:c6:35:79:d4:8f:1d:eb:4c:16:
40:17:de:c6:08:81:e4:a2:19:a9:cb:65:ed:59:bb:56:c3:41:
72:0f:ad:b1:ae:7a:7a:a5:82:d9:2e:46:ca:60:10:57:87:fb:
10:06:c1:f5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQnR6wYNfInBD1UFkTv1y6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE3NGY0MWFmYjBiZTEwOWMzNTQ0N2FkOTQ4YTMzOGE5YWEyZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqag+7dEio0II8qX+WzjwvIUNelUH
awxOTmghwLxHWrk1gnrxvKrb9in4UyVQlNgUeDkQ2fpuTnggcRsl6lH/FQHPwLLK
sWN8oflCYVJPWNG7u9sYhOTg38WtLdRNItu/IjklVklMhe3F+fL16nw53yq/Vo3s
7f8TpR63Ja4sVtoVnvJE0/avUlCB0huPE0VCJDuD499dMojN8WAWuVjVTxog38GO
zjVYqLAIXA12GY9bioFp5EzcjAtOdU2NXvRdylvvVwxKwkFutCPXfrQEj+iWaPiE
gLS2W1sdho5ic9nvKV1omPzpfw5Ac2Sk+T1aW99PcZKdbqdYv4QJDpahhQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDQXT0GvsL4QnDVEetlIozipqi2+MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTkJkUFFhLXd2aENjTlVSNjJVaWpPS21xTGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUwDAMEAE1aqQMEAE1arAMEAE1arwMEAE1asQMEAE1atgMEAE1a
ugMEANXRgwMEANXRiQMEANXRiwMEANXRjQMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEAdHb+Cv6q0SoeP56WyBZOapyUxL5MvXoOSZJEh7vIFFrN04BRP9htVxEgt4lS
tQK3tUnf/TlFOmvsmOshRxjLbRr2Suja1DY7bMspx3hB8Vwmhiid1dFjMKyrK7zL
FPE0Pyz5jr1olsshrclpdgVKwuZpI/+5nonaRI6tK4ZHTbOwTweqPPw+oDdct08m
pro0k6TC/1bqbe3AP39fvhs17p/7IigihNJKM0W2E5K/bMF+2MSpFn/CJ03GjwdS
60h1Hlr1nGRdpEpJAphpAie1xjV51I8d60wWQBfexgiB5KIZqctl7Vm7VsNBcg+t
sa56eqWC2S5GymAQV4f7EAbB9Q==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:29:42 2025 by rpki-client