Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/Fpers4ckw8vskaNRVclqUBp0SoI.roa
File: Fpers4ckw8vskaNRVclqUBp0SoI.roa (raw, json)
Hash identifier: /ASq7BRZjDqtnx4xF8bUwVqbxsy5sT2w1mwn2Hyex7s=
Subject key identifier: 16:97:AB:B3:87:24:C3:CB:EC:91:A3:51:55:C9:6A:50:1A:74:4A:82
Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad
Certificate serial: 019EE0007B367B2C29B08D96B487D28B064C
Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/Fpers4ckw8vskaNRVclqUBp0SoI.roa
Signing time: Fri 19 Jun 2026 13:09:48 +0000
ROA not before: Fri 19 Jun 2026 13:09:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205290
IP address blocks: 72.56.46.0/24 maxlen: 24
72.56.49.0/24 maxlen: 24
72.56.62.0/24 maxlen: 24
72.56.63.0/24 maxlen: 24
72.56.218.0/23 maxlen: 24
72.56.225.0/24 maxlen: 24
72.56.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 18:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:00:7b:36:7b:2c:29:b0:8d:96:b4:87:d2:8b:06:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad
Validity
Not Before: Jun 19 13:09:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1697abb38724c3cbec91a35155c96a501a744a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:30:91:f5:91:27:f0:dc:fe:09:86:87:37:
15:51:94:23:c5:cf:54:f9:e6:b5:b5:c4:30:a7:a0:
29:2c:25:48:81:83:05:f6:d0:05:24:de:ca:6d:02:
a3:83:e2:e8:3e:ea:ae:50:0f:a1:36:5b:eb:5d:c4:
7b:e5:ff:7b:3e:c5:ab:a6:1c:b0:04:20:5b:af:27:
55:45:59:5f:40:59:a7:13:9b:b6:31:b0:28:0c:e9:
31:fa:e9:bb:86:ed:33:c6:c0:ae:9c:5c:62:75:92:
ed:e3:b4:7a:58:eb:b0:bf:77:19:65:22:b0:4c:bb:
ab:54:04:74:d0:3a:55:a7:31:d0:5b:5f:8c:de:23:
dd:66:29:5f:7d:f4:77:07:e2:59:14:44:97:7d:0e:
59:65:70:3f:e2:6e:5e:94:48:4f:d3:6d:0f:aa:66:
a0:03:d6:ac:e1:e2:d6:99:8a:98:f7:d9:6a:12:5f:
3e:17:26:9c:07:3e:02:0a:8f:b1:b4:b5:4a:17:8e:
1d:41:a4:cf:e6:9f:a7:fe:c6:ad:3b:d9:bf:a6:21:
2f:16:39:8b:43:a8:e5:f1:c7:5d:f1:43:3a:7c:7b:
61:8f:c7:32:70:aa:66:8a:dd:82:25:1e:58:d5:91:
c2:d5:6b:af:50:87:83:22:06:c7:90:2d:54:d4:21:
a5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:97:AB:B3:87:24:C3:CB:EC:91:A3:51:55:C9:6A:50:1A:74:4A:82
X509v3 Authority Key Identifier:
keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/Fpers4ckw8vskaNRVclqUBp0SoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.56.46.0/24
72.56.49.0/24
72.56.62.0/23
72.56.218.0/23
72.56.225.0-72.56.226.255
Signature Algorithm: sha256WithRSAEncryption
0f:e1:fc:d9:aa:97:d3:28:9e:98:dd:02:78:3a:c4:4a:d3:a0:
f0:3e:13:67:1f:55:e1:32:bc:d9:55:97:21:b9:04:af:1b:10:
80:7c:1d:3c:bd:46:88:a0:9d:71:0c:ad:ab:c8:36:9b:78:8c:
28:23:22:90:1c:b9:de:85:1b:01:02:07:0f:d0:a2:7c:90:bb:
3a:1d:d4:fd:6e:da:7d:4e:38:4c:fa:6f:e6:e4:30:dc:62:78:
15:7a:12:05:57:9e:07:68:7d:a2:66:38:30:80:a3:04:1f:ba:
e8:97:8d:a6:c5:d9:36:04:95:7a:bf:a2:0a:d0:8a:d1:f5:d3:
c9:9d:e6:f5:64:b7:9f:36:04:a4:9d:fb:67:80:87:ce:26:79:
3d:c5:56:e4:c6:1a:cd:90:d3:af:cb:32:34:51:05:5f:01:87:
6f:24:7f:75:03:f6:e7:cb:c0:52:59:a3:27:e1:03:45:02:a8:
e2:cf:67:14:03:72:55:e6:95:d7:16:70:56:dd:e4:8f:ad:a4:
2c:d6:d3:0f:12:a6:02:a6:05:df:14:e6:2c:8b:e1:29:f5:d6:
11:1c:58:0c:16:91:38:05:3e:d5:ed:1d:10:52:f0:da:6d:40:
e1:76:84:49:58:fe:6a:63:04:1a:d1:e5:a9:3f:0c:d9:0a:74:
55:8a:7f:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ7gAHs2eywpsI2WtIfSiwZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0
MjVjYWQwHhcNMjYwNjE5MTMwOTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk3YWJiMzg3MjRjM2NiZWM5MWEzNTE1NWM5NmE1MDFhNzQ0YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY0wkfWRJ/Dc/gmGhzcVUZQjxc9U
+ea1tcQwp6ApLCVIgYMF9tAFJN7KbQKjg+LoPuquUA+hNlvrXcR75f97PsWrphyw
BCBbrydVRVlfQFmnE5u2MbAoDOkx+um7hu0zxsCunFxidZLt47R6WOuwv3cZZSKw
TLurVAR00DpVpzHQW1+M3iPdZilfffR3B+JZFESXfQ5ZZXA/4m5elEhP020Pqmag
A9as4eLWmYqY99lqEl8+FyacBz4CCo+xtLVKF44dQaTP5p+n/satO9m/piEvFjmL
Q6jl8cdd8UM6fHthj8cycKpmit2CJR5Y1ZHC1WuvUIeDIgbHkC1U1CGlHQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBaXq7OHJMPL7JGjUVXJalAadEqCMB8GA1UdIwQY
MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt
ZTg3MWIyMTc5MGRlLzEvRnBlcnM0Y2t3OHZza2FOUlZjbHFVQnAwU29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl
LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQASDguAwQA
SDgxAwQBSDg+AwQBSDjaMAwDBABIOOEDBABIOOIwDQYJKoZIhvcNAQELBQADggEB
AA/h/Nmql9MonpjdAng6xErToPA+E2cfVeEyvNlVlyG5BK8bEIB8HTy9RoignXEM
ravINpt4jCgjIpAcud6FGwECBw/QonyQuzod1P1u2n1OOEz6b+bkMNxieBV6EgVX
ngdofaJmODCAowQfuuiXjabF2TYElXq/ogrQitH108md5vVkt582BKSd+2eAh84m
eT3FVuTGGs2Q06/LMjRRBV8Bh28kf3UD9ufLwFJZoyfhA0UCqOLPZxQDclXmldcW
cFbd5I+tpCzW0w8SpgKmBd8U5iyL4Sn11hEcWAwWkTgFPtXtHRBS8NptQOF2hElY
/mpjBBrR5ak/DNkKdFWKfyE=
-----END CERTIFICATE-----
Generated at Sun Jun 28 04:10:51 2026 by rpki-client