Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4ixCkpC4PAjo3ryPct4fDXCh1yI.roa
File: 4ixCkpC4PAjo3ryPct4fDXCh1yI.roa (raw, json)
Hash identifier: NsB/7zv1XmGFOxvpa0P6MbNZyKTvKYmFECUhx5eAhv4=
Subject key identifier: E2:2C:42:92:90:B8:3C:08:E8:DE:BC:8F:72:DE:1F:0D:70:A1:D7:22
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019D25068A6BE38C4FE7877CB5ED4C560B77
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4ixCkpC4PAjo3ryPct4fDXCh1yI.roa
Signing time: Wed 25 Mar 2026 12:44:38 +0000
ROA not before: Wed 25 Mar 2026 12:44:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209854
IP address blocks: 92.249.36.0/24 maxlen: 24
92.249.37.0/24 maxlen: 24
92.249.38.0/24 maxlen: 24
92.249.39.0/24 maxlen: 24
172.216.0.0/16 maxlen: 16
172.216.0.0/24 maxlen: 24
172.216.1.0/24 maxlen: 24
172.216.2.0/24 maxlen: 24
172.216.3.0/24 maxlen: 24
172.216.4.0/24 maxlen: 24
172.216.5.0/24 maxlen: 24
172.216.6.0/24 maxlen: 24
172.216.7.0/24 maxlen: 24
172.216.8.0/24 maxlen: 24
172.216.9.0/24 maxlen: 24
172.216.10.0/24 maxlen: 24
172.216.11.0/24 maxlen: 24
172.216.12.0/24 maxlen: 24
172.216.13.0/24 maxlen: 24
172.216.14.0/24 maxlen: 24
172.216.15.0/24 maxlen: 24
172.216.16.0/24 maxlen: 24
172.216.17.0/24 maxlen: 24
172.216.18.0/24 maxlen: 24
172.216.19.0/24 maxlen: 24
203.21.66.0/24 maxlen: 24
2a09:a700::/29 maxlen: 48
2a09:a702:b4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:06:8a:6b:e3:8c:4f:e7:87:7c:b5:ed:4c:56:0b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Mar 25 12:44:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e22c429290b83c08e8debc8f72de1f0d70a1d722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:13:b2:bd:7e:30:41:00:40:fa:e0:8d:5d:
b4:6c:49:2c:7a:44:41:a3:1a:96:36:5c:6c:70:88:
00:e3:4e:4a:91:29:02:ab:5c:34:e5:07:f0:39:05:
a8:53:64:24:f9:b6:32:42:65:dd:a5:27:db:0f:dd:
b4:20:20:89:7f:f8:c0:ca:b0:af:ca:e8:ee:6e:6b:
b3:bb:55:6e:f7:1a:4d:29:99:d2:ec:46:bf:66:29:
eb:14:a5:e1:fe:b2:79:9c:af:06:49:99:22:36:52:
36:73:fd:7e:63:c1:a4:78:e3:2d:af:8c:9f:6b:23:
68:d8:6b:b7:82:e8:33:1d:e2:69:15:4f:68:4b:62:
29:df:53:bc:3e:13:7b:a4:70:4b:00:6b:56:95:5a:
a9:82:24:08:87:4d:53:3c:e5:22:76:80:7a:88:67:
6b:a7:42:ec:a7:ff:2f:a9:3e:23:0a:ab:ca:17:35:
54:3c:57:44:a7:0e:2d:a1:86:63:95:2c:98:ca:77:
90:3e:1f:3b:14:26:6e:3c:6d:fe:53:10:14:b2:2a:
04:c2:de:48:63:88:5c:aa:9a:7b:01:47:90:c2:04:
ad:7a:f1:5c:ef:91:04:10:b5:96:3a:62:e3:de:fe:
84:e4:e5:23:d1:d7:8b:ff:af:80:d6:25:3e:82:c2:
24:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2C:42:92:90:B8:3C:08:E8:DE:BC:8F:72:DE:1F:0D:70:A1:D7:22
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4ixCkpC4PAjo3ryPct4fDXCh1yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.36.0/22
172.216.0.0/16
203.21.66.0/24
IPv6:
2a09:a700::/29
Signature Algorithm: sha256WithRSAEncryption
2a:4d:bc:33:96:4d:0e:85:2e:a2:98:59:ad:d3:9c:48:e0:3b:
71:f0:80:26:cf:df:c3:3f:b9:6f:1d:b0:70:b4:d9:5c:ba:d9:
6c:12:86:18:a1:39:6e:97:cd:51:b0:e3:0f:d9:dd:18:dd:46:
28:9c:9a:ae:0f:98:81:a8:a3:52:b7:e2:aa:bc:54:6c:c7:b2:
7b:e7:0f:8f:d6:5a:fe:8f:a3:67:a5:bb:6b:58:1e:68:48:8e:
04:de:1e:8a:d8:44:aa:ac:85:49:c1:6c:a2:ee:9a:74:4c:2d:
10:ea:62:59:b4:68:c0:f6:b5:a4:12:df:9e:76:e8:e3:c8:2a:
ac:0c:8c:34:79:b0:64:96:f9:90:ed:27:82:e9:26:aa:17:e2:
e4:71:e3:d4:57:e4:56:a4:61:76:c8:ac:aa:8b:ec:fe:e4:17:
13:c9:25:65:e6:a2:a3:5b:1f:ef:83:9b:88:6a:d3:8c:6c:f4:
ca:2b:7c:9b:29:a5:70:9a:54:2c:35:b0:bf:c8:06:ed:b6:b2:
8d:8c:e8:60:81:c5:e8:ff:c1:f3:7a:bb:8e:3d:f8:ba:ee:5f:
7f:71:a8:32:c1:de:2f:05:bf:97:3a:6f:84:cf:04:27:39:cf:
ff:ae:be:fc:cd:39:35:0b:17:19:4f:42:c9:9b:37:53:b5:3a:
99:b7:07:3f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0lBopr44xP54d8te1MVgt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjYwMzI1MTI0NDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjJjNDI5MjkwYjgzYzA4ZThkZWJjOGY3MmRlMWYwZDcwYTFkNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsboTsr1+MEEAQPrgjV20bEksekRB
oxqWNlxscIgA405KkSkCq1w05QfwOQWoU2Qk+bYyQmXdpSfbD920ICCJf/jAyrCv
yujubmuzu1Vu9xpNKZnS7Ea/ZinrFKXh/rJ5nK8GSZkiNlI2c/1+Y8GkeOMtr4yf
ayNo2Gu3gugzHeJpFU9oS2Ip31O8PhN7pHBLAGtWlVqpgiQIh01TPOUidoB6iGdr
p0Lsp/8vqT4jCqvKFzVUPFdEpw4toYZjlSyYyneQPh87FCZuPG3+UxAUsioEwt5I
Y4hcqpp7AUeQwgStevFc75EEELWWOmLj3v6E5OUj0deL/6+A1iU+gsIkawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOIsQpKQuDwI6N68j3LeHw1wodciMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvNGl4Q2twQzRQQWpvM3J5UGN0NGZEWENoMXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCXPkkAwMA
rNgDBADLFUIwDQQCAAIwBwMFAyoJpwAwDQYJKoZIhvcNAQELBQADggEBACpNvDOW
TQ6FLqKYWa3TnEjgO3HwgCbP38M/uW8dsHC02Vy62WwShhihOW6XzVGw4w/Z3Rjd
Riicmq4PmIGoo1K34qq8VGzHsnvnD4/WWv6Po2elu2tYHmhIjgTeHorYRKqshUnB
bKLumnRMLRDqYlm0aMD2taQS35526OPIKqwMjDR5sGSW+ZDtJ4LpJqoX4uRx49RX
5FakYXbIrKqL7P7kFxPJJWXmoqNbH++Dm4hq04xs9MorfJsppXCaVCw1sL/IBu22
so2M6GCBxej/wfN6u449+LruX39xqDLB3i8Fv5c6b4TPBCc5z/+uvvzNOTULFxlP
QsmbN1O1Opm3Bz8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:29 2026 by rpki-client