Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/V9-Z8E1IQV9_tH2htia-ec8O5Gk.roa
File: V9-Z8E1IQV9_tH2htia-ec8O5Gk.roa (raw, json)
Hash identifier: pXEBrNZstZMPvOQ8nOcN1BqbNN7mgSlBT6dfG8b4hPw=
Subject key identifier: 57:DF:99:F0:4D:48:41:5F:7F:B4:7D:A1:B6:26:BE:79:CF:0E:E4:69
Certificate issuer: /CN=3491c0929a26e8d9919f4957cf7a7644f680dd2a
Certificate serial: 019B7C7FFF862305B0672397B03482ABE1A5
Authority key identifier: 34:91:C0:92:9A:26:E8:D9:91:9F:49:57:CF:7A:76:44:F6:80:DD:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJHAkpom6NmRn0lXz3p2RPaA3So.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/V9-Z8E1IQV9_tH2htia-ec8O5Gk.roa
Signing time: Fri 02 Jan 2026 02:18:41 +0000
ROA not before: Fri 02 Jan 2026 02:18:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49823
IP address blocks: 109.72.208.0/20 maxlen: 20
109.72.208.0/21 maxlen: 21
109.72.208.0/24 maxlen: 24
109.72.209.0/24 maxlen: 24
109.72.210.0/24 maxlen: 24
109.72.211.0/24 maxlen: 24
109.72.212.0/24 maxlen: 24
109.72.213.0/24 maxlen: 24
109.72.214.0/24 maxlen: 24
109.72.215.0/24 maxlen: 24
109.72.216.0/21 maxlen: 21
109.72.217.0/24 maxlen: 24
109.72.218.0/24 maxlen: 24
109.72.219.0/24 maxlen: 24
109.72.220.0/24 maxlen: 24
109.72.221.0/24 maxlen: 24
109.72.222.0/24 maxlen: 24
109.72.223.0/24 maxlen: 24
194.1.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/NJHAkpom6NmRn0lXz3p2RPaA3So.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/NJHAkpom6NmRn0lXz3p2RPaA3So.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJHAkpom6NmRn0lXz3p2RPaA3So.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:ff:86:23:05:b0:67:23:97:b0:34:82:ab:e1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3491c0929a26e8d9919f4957cf7a7644f680dd2a
Validity
Not Before: Jan 2 02:18:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=57df99f04d48415f7fb47da1b626be79cf0ee469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9d:73:66:1f:cf:53:c8:1d:9c:39:ce:2e:a5:
3f:5f:31:0c:79:13:39:ee:c7:2c:c3:30:e5:dd:7a:
84:34:8c:a4:2d:ea:f4:fd:fe:41:bd:ae:be:27:42:
5f:46:fb:31:97:c9:b9:70:c4:65:e4:e5:58:83:7e:
e9:a7:6e:d0:01:72:58:4e:dd:b7:a9:56:80:1e:00:
01:fb:af:e2:36:78:be:80:8d:0d:3e:c9:b4:9c:df:
b9:4e:39:27:c3:68:86:47:5b:d8:fc:35:a3:96:32:
8d:2e:0f:f1:45:66:7d:78:12:57:50:a2:f3:b4:8e:
9a:39:48:a6:16:0e:8b:c3:e3:50:3b:77:69:97:12:
8a:ff:10:b6:74:dd:79:88:bd:7e:19:32:bd:8a:40:
ce:a4:eb:10:34:fc:3e:e7:6b:cb:ee:1d:57:e2:d5:
ba:c3:b8:7b:df:75:ae:5e:b1:8e:c2:84:ac:94:33:
f1:c7:6a:84:2a:9c:03:3d:e5:39:7a:6c:40:d4:bb:
4b:07:8e:3f:c2:56:00:81:67:15:d5:85:90:ce:63:
e4:f1:78:1f:1c:ba:7a:54:2a:bb:0f:e7:ae:10:1c:
c5:a7:a4:6a:d1:b3:d1:2c:78:5b:2f:25:19:97:af:
d8:98:f7:a8:e1:eb:93:65:7b:31:02:90:9b:58:b4:
b7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:DF:99:F0:4D:48:41:5F:7F:B4:7D:A1:B6:26:BE:79:CF:0E:E4:69
X509v3 Authority Key Identifier:
keyid:34:91:C0:92:9A:26:E8:D9:91:9F:49:57:CF:7A:76:44:F6:80:DD:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJHAkpom6NmRn0lXz3p2RPaA3So.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/V9-Z8E1IQV9_tH2htia-ec8O5Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/175bf7-6147-4389-8afc-69108f7e6771/1/NJHAkpom6NmRn0lXz3p2RPaA3So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.208.0/20
194.1.180.0/24
Signature Algorithm: sha256WithRSAEncryption
15:03:a8:54:a8:e1:64:c6:ca:bd:42:a7:36:aa:0d:95:26:9e:
53:40:d1:f5:dc:28:3e:28:ef:63:3f:20:15:b2:62:41:19:a6:
f7:b7:d6:0c:61:d1:89:fe:f6:3b:cb:8d:1d:2e:21:25:e9:a6:
f0:96:f0:45:38:d3:00:a4:64:9e:22:7e:b5:20:ae:a6:69:02:
31:dd:c6:cd:61:1f:ce:2c:a6:9c:8e:ec:4e:14:de:48:2b:92:
86:c3:d7:69:b2:9e:7e:1d:62:a2:24:21:fe:92:78:8a:14:7c:
bd:61:94:bd:74:d2:e3:0b:f7:88:aa:0c:59:ac:8c:0b:e7:a1:
2e:e5:1a:43:7b:f1:a3:be:d4:70:99:63:6b:f8:fd:ba:82:16:
07:14:c9:2d:f1:8d:80:87:cc:b4:93:3f:98:22:38:9c:4c:5d:
de:61:9e:ab:b4:cc:20:d1:fd:23:1a:33:ce:a9:6f:37:ad:19:
11:a7:7b:07:86:89:77:2d:19:5d:49:e1:ae:08:28:5c:56:ac:
08:9d:a2:83:6e:96:fe:10:58:fa:b8:df:1c:86:c8:8c:6a:5d:
e7:97:45:8a:86:f7:d4:97:3e:ed:8f:a1:a4:80:69:ef:c1:0c:
fc:0a:90:16:14:18:c8:17:2a:f0:0d:21:d4:64:92:a2:a0:28:
06:5e:ab:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt8f/+GIwWwZyOXsDSCq+GlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTFjMDkyOWEyNmU4ZDk5MTlmNDk1N2NmN2E3NjQ0ZjY4
MGRkMmEwHhcNMjYwMTAyMDIxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2RmOTlmMDRkNDg0MTVmN2ZiNDdkYTFiNjI2YmU3OWNmMGVlNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy51zZh/PU8gdnDnOLqU/XzEMeRM5
7scswzDl3XqENIykLer0/f5Bva6+J0JfRvsxl8m5cMRl5OVYg37pp27QAXJYTt23
qVaAHgAB+6/iNni+gI0NPsm0nN+5Tjknw2iGR1vY/DWjljKNLg/xRWZ9eBJXUKLz
tI6aOUimFg6Lw+NQO3dplxKK/xC2dN15iL1+GTK9ikDOpOsQNPw+52vL7h1X4tW6
w7h733WuXrGOwoSslDPxx2qEKpwDPeU5emxA1LtLB44/wlYAgWcV1YWQzmPk8Xgf
HLp6VCq7D+euEBzFp6Rq0bPRLHhbLyUZl6/YmPeo4euTZXsxApCbWLS3DQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFffmfBNSEFff7R9obYmvnnPDuRpMB8GA1UdIwQY
MBaAFDSRwJKaJujZkZ9JV896dkT2gN0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpIQWtwb202Tm1SbjBsWHozcDJSUGFBM1NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNzViZjctNjE0Ny00Mzg5LThhZmMt
NjkxMDhmN2U2NzcxLzEvVjktWjhFMUlRVjlfdEgyaHRpYS1lYzhPNUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNzViZjctNjE0Ny00Mzg5LThhZmMtNjkxMDhmN2U2Nzcx
LzEvTkpIQWtwb202Tm1SbjBsWHozcDJSUGFBM1NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUjQAwQA
wgG0MA0GCSqGSIb3DQEBCwUAA4IBAQAVA6hUqOFkxsq9Qqc2qg2VJp5TQNH13Cg+
KO9jPyAVsmJBGab3t9YMYdGJ/vY7y40dLiEl6abwlvBFONMApGSeIn61IK6maQIx
3cbNYR/OLKacjuxOFN5IK5KGw9dpsp5+HWKiJCH+kniKFHy9YZS9dNLjC/eIqgxZ
rIwL56Eu5RpDe/GjvtRwmWNr+P26ghYHFMkt8Y2Ah8y0kz+YIjicTF3eYZ6rtMwg
0f0jGjPOqW83rRkRp3sHhol3LRldSeGuCChcVqwInaKDbpb+EFj6uN8chsiMal3n
l0WKhvfUlz7tj6GkgGnvwQz8CpAWFBjIFyrwDSHUZJKioCgGXqsx
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:38:33 2026 by rpki-client