Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/nV0RGA8YeIAJC8r564YsBz3tWb0.roa
File: nV0RGA8YeIAJC8r564YsBz3tWb0.roa (raw, json)
Hash identifier: FRyDhevAMb9Jk+hqGXSfT9bbfYtcdvEV1kNPuTHLMzc=
Subject key identifier: 9D:5D:11:18:0F:18:78:80:09:0B:CA:F9:EB:86:2C:07:3D:ED:59:BD
Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad
Certificate serial: 019D1CE58CA26DE27527D354FB26752EBA9E
Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/nV0RGA8YeIAJC8r564YsBz3tWb0.roa
Signing time: Mon 23 Mar 2026 22:51:38 +0000
ROA not before: Mon 23 Mar 2026 22:51:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 72.56.0.0/20 maxlen: 24
72.56.232.0/21 maxlen: 24
72.56.240.0/21 maxlen: 24
72.56.248.0/22 maxlen: 24
72.56.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:e5:8c:a2:6d:e2:75:27:d3:54:fb:26:75:2e:ba:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad
Validity
Not Before: Mar 23 22:51:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d5d11180f187880090bcaf9eb862c073ded59bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b6:6b:ad:96:5a:1f:ae:b4:20:d0:c4:1f:ce:
e7:82:16:08:00:68:6e:d6:3d:64:5e:20:07:46:4b:
c7:22:51:ac:e1:f2:5b:5a:01:ef:22:3d:5f:81:1c:
0e:e5:15:11:27:d7:0d:88:4b:bf:4b:25:3c:65:4b:
d3:96:7c:9e:7d:f8:63:e9:a1:9a:fe:81:3d:ae:e7:
b6:30:45:bf:d1:1e:ec:00:a3:89:b0:a4:06:6b:05:
40:bd:8b:e7:b0:bd:48:57:43:fe:d6:7b:9c:3d:9a:
d5:b1:06:f0:0a:f2:39:b1:7c:64:75:38:c0:71:74:
79:23:52:18:20:1d:85:8f:8a:5f:55:94:5e:b2:4c:
2e:14:76:70:48:97:07:e3:8f:15:4d:ba:66:ad:fc:
bb:40:e3:a9:54:fc:17:27:5e:0e:8d:e8:9a:02:04:
aa:ee:ae:1c:19:92:d3:0f:1c:fc:39:a7:1b:9e:42:
c0:5f:93:ae:37:15:3a:84:0e:a0:47:3e:b7:26:0b:
6f:a8:95:e7:37:25:0a:32:44:76:0b:a2:5c:4c:9a:
d6:af:9f:3d:6d:93:47:81:23:e9:ff:d9:4b:d4:49:
2a:a5:cd:1c:2a:96:86:77:57:4d:41:88:12:95:a6:
d1:74:08:2d:6e:a8:bb:25:8f:bc:77:88:e0:e2:0b:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5D:11:18:0F:18:78:80:09:0B:CA:F9:EB:86:2C:07:3D:ED:59:BD
X509v3 Authority Key Identifier:
keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/nV0RGA8YeIAJC8r564YsBz3tWb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.56.0.0/20
72.56.232.0-72.56.253.255
Signature Algorithm: sha256WithRSAEncryption
42:15:76:62:72:85:72:89:93:05:ea:e4:f1:09:43:aa:78:9b:
fc:b7:f1:f0:31:77:dc:a8:ca:99:bb:76:e6:ae:3a:41:41:c0:
7d:36:90:46:f1:47:9b:46:55:92:07:b3:5d:54:87:e6:fc:9e:
b2:80:a8:ec:69:71:08:8b:97:1a:31:bf:ce:0a:ac:be:56:e6:
68:7f:1e:92:13:1d:9a:ff:b6:26:de:de:ce:02:4b:b4:da:79:
bf:f7:a8:49:2f:c7:dd:a0:4f:f3:92:42:fe:e3:34:45:53:a6:
8f:91:68:b2:aa:b3:ff:80:17:d3:c6:ca:10:07:d9:d7:ef:bd:
36:55:85:5c:c4:3f:3e:31:1e:2a:e1:4e:ab:30:a8:53:57:7b:
06:a8:92:56:bd:a8:18:7b:47:86:3c:95:1d:ff:18:71:52:66:
2d:10:eb:04:a9:54:6e:fa:35:b7:bf:76:da:e5:f7:fc:f7:b5:
5c:0b:71:af:d0:df:90:f3:c6:0f:1f:20:34:ac:73:ca:44:ac:
93:26:05:af:e8:ba:9e:e7:91:0e:20:6e:f5:e5:27:6e:e3:ca:
50:a4:fe:6c:a1:b0:e6:50:66:9b:23:07:ba:08:c1:c8:99:b4:
7a:2a:60:e6:dd:31:6f:01:02:cb:07:c9:b3:a3:6a:54:47:5b:
72:9e:db:7d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ0c5YyibeJ1J9NU+yZ1LrqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0
MjVjYWQwHhcNMjYwMzIzMjI1MTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDVkMTExODBmMTg3ODgwMDkwYmNhZjllYjg2MmMwNzNkZWQ1OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrZrrZZaH660INDEH87nghYIAGhu
1j1kXiAHRkvHIlGs4fJbWgHvIj1fgRwO5RURJ9cNiEu/SyU8ZUvTlnyeffhj6aGa
/oE9rue2MEW/0R7sAKOJsKQGawVAvYvnsL1IV0P+1nucPZrVsQbwCvI5sXxkdTjA
cXR5I1IYIB2Fj4pfVZReskwuFHZwSJcH448VTbpmrfy7QOOpVPwXJ14OjeiaAgSq
7q4cGZLTDxz8OacbnkLAX5OuNxU6hA6gRz63JgtvqJXnNyUKMkR2C6JcTJrWr589
bZNHgSPp/9lL1Ekqpc0cKpaGd1dNQYgSlabRdAgtbqi7JY+8d4jg4gtnAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ1dERgPGHiACQvK+euGLAc97Vm9MB8GA1UdIwQY
MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt
ZTg3MWIyMTc5MGRlLzEvblYwUkdBOFllSUFKQzhyNTY0WXNCejN0V2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl
LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQESDgAMAwD
BANIOOgDBAFIOPwwDQYJKoZIhvcNAQELBQADggEBAEIVdmJyhXKJkwXq5PEJQ6p4
m/y38fAxd9yoypm7duauOkFBwH02kEbxR5tGVZIHs11Uh+b8nrKAqOxpcQiLlxox
v84KrL5W5mh/HpITHZr/tibe3s4CS7Taeb/3qEkvx92gT/OSQv7jNEVTpo+RaLKq
s/+AF9PGyhAH2dfvvTZVhVzEPz4xHirhTqswqFNXewaokla9qBh7R4Y8lR3/GHFS
Zi0Q6wSpVG76Nbe/dtrl9/z3tVwLca/Q35Dzxg8fIDSsc8pErJMmBa/oup7nkQ4g
bvXlJ27jylCk/myhsOZQZpsjB7oIwciZtHoqYObdMW8BAssHybOjalRHW3Ke230=
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:52:35 2026 by rpki-client