Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/IVZBRFdSJY29zLQZ1_9wiAyBY3s.roa
File: IVZBRFdSJY29zLQZ1_9wiAyBY3s.roa (raw, json)
Hash identifier: xXi2DYhCr9UQ0TOmKNZR/7z5N9pMzwYqtN9+5h1VndQ=
Subject key identifier: 21:56:41:44:57:52:25:8D:BD:CC:B4:19:D7:FF:70:88:0C:81:63:7B
Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad
Certificate serial: 019D1CE58D875B7271B7A47931100B995DD3
Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/IVZBRFdSJY29zLQZ1_9wiAyBY3s.roa
Signing time: Mon 23 Mar 2026 22:51:39 +0000
ROA not before: Mon 23 Mar 2026 22:51:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 72.56.16.0/20 maxlen: 24
72.56.32.0/21 maxlen: 24
72.56.40.0/23 maxlen: 24
72.56.64.0/19 maxlen: 24
72.56.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:e5:8d:87:5b:72:71:b7:a4:79:31:10:0b:99:5d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad
Validity
Not Before: Mar 23 22:51:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=215641445752258dbdccb419d7ff70880c81637b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:46:12:0f:04:50:fe:2d:64:ca:f4:14:8a:66:
b9:c5:c6:8c:db:2c:d1:9b:c8:45:c2:17:5e:21:c3:
cc:85:3d:94:64:a2:62:ff:80:6d:1a:cc:15:26:07:
6e:30:ea:bc:c8:49:78:da:6c:fc:35:85:9f:46:cd:
e9:e2:e6:15:0e:4b:db:4e:0a:39:91:8d:01:b2:94:
65:f1:8c:3c:42:30:89:cf:04:b2:b5:7a:6a:ee:ca:
65:6e:13:60:19:0c:d8:3a:7d:0f:1e:60:26:a2:50:
f8:d0:c6:43:39:81:0e:17:f6:e2:55:7a:76:d7:03:
e8:dd:72:3c:a2:c9:5c:d2:1b:61:6d:de:3f:49:88:
7b:aa:9c:89:89:65:9f:f1:f4:ff:19:7a:c5:2d:51:
ca:eb:91:ae:2a:1f:07:c1:93:a0:22:3b:67:04:74:
ba:ff:72:4d:2e:1a:5b:8e:33:ac:ef:74:0a:4b:b2:
3b:10:fe:a8:a4:23:0e:91:fe:c8:11:b8:4c:8c:70:
9b:cb:d7:5b:f2:64:19:da:96:70:01:f0:4f:6a:dc:
38:1a:19:e7:57:20:e0:97:43:d6:db:aa:44:bf:31:
ec:20:41:00:3d:40:97:66:bb:d9:eb:3f:a9:6a:9a:
8d:67:fb:99:10:e7:a6:ab:00:0a:7d:84:76:35:e3:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:56:41:44:57:52:25:8D:BD:CC:B4:19:D7:FF:70:88:0C:81:63:7B
X509v3 Authority Key Identifier:
keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/IVZBRFdSJY29zLQZ1_9wiAyBY3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.56.16.0-72.56.41.255
72.56.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:80:35:6e:6c:63:26:9f:34:ab:59:9c:95:69:94:52:fc:20:
f5:81:75:b0:99:5d:7e:bf:fb:7a:af:d3:71:e1:a6:ef:e3:8e:
6d:b7:73:46:63:52:99:65:80:1a:71:1d:55:06:dd:58:21:63:
11:74:d0:c1:3a:67:68:d3:61:01:87:0f:fe:02:9c:bd:80:b1:
45:3f:fa:56:3d:51:9f:17:bc:ec:15:ca:78:31:27:6c:89:d1:
55:77:32:65:e1:6b:c5:a7:63:e2:5a:fd:84:cf:25:f0:d4:43:
d3:87:93:e0:3b:ab:0a:c6:56:b3:2a:27:0b:7c:de:9c:c0:c4:
ce:38:97:f9:d8:11:50:21:7b:52:ee:e7:01:aa:d3:d6:1e:b9:
4a:02:7a:ca:c5:64:72:7e:00:84:da:3c:b4:b2:66:72:a4:bf:
96:92:6b:42:42:d5:39:34:24:a6:a4:0f:e2:15:e1:63:17:a3:
ec:7b:04:e0:aa:e1:df:8e:19:bd:bf:23:bf:2d:aa:ab:48:f9:
35:4b:5e:a6:97:1d:7b:17:3d:49:c4:1f:dc:d6:f9:27:5e:b9:
79:00:4c:46:26:48:9b:8f:ac:c6:7a:a1:4a:01:a4:d3:01:ec:
a7:9a:d2:5a:a9:12:ec:17:83:f2:1a:4d:79:ba:ca:81:80:ee:
ab:0f:12:3f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ0c5Y2HW3Jxt6R5MRALmV3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0
MjVjYWQwHhcNMjYwMzIzMjI1MTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU2NDE0NDU3NTIyNThkYmRjY2I0MTlkN2ZmNzA4ODBjODE2MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EYSDwRQ/i1kyvQUima5xcaM2yzR
m8hFwhdeIcPMhT2UZKJi/4BtGswVJgduMOq8yEl42mz8NYWfRs3p4uYVDkvbTgo5
kY0BspRl8Yw8QjCJzwSytXpq7splbhNgGQzYOn0PHmAmolD40MZDOYEOF/biVXp2
1wPo3XI8oslc0hthbd4/SYh7qpyJiWWf8fT/GXrFLVHK65GuKh8HwZOgIjtnBHS6
/3JNLhpbjjOs73QKS7I7EP6opCMOkf7IEbhMjHCby9db8mQZ2pZwAfBPatw4Ghnn
VyDgl0PW26pEvzHsIEEAPUCXZrvZ6z+papqNZ/uZEOemqwAKfYR2NeMA4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCFWQURXUiWNvcy0Gdf/cIgMgWN7MB8GA1UdIwQY
MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt
ZTg3MWIyMTc5MGRlLzEvSVZaQlJGZFNKWTI5ekxRWjFfOXdpQXlCWTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl
LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARIOBAD
BAFIOCgDBAZIOEAwDQYJKoZIhvcNAQELBQADggEBAF+ANW5sYyafNKtZnJVplFL8
IPWBdbCZXX6/+3qv03Hhpu/jjm23c0ZjUpllgBpxHVUG3VghYxF00ME6Z2jTYQGH
D/4CnL2AsUU/+lY9UZ8XvOwVyngxJ2yJ0VV3MmXha8WnY+Ja/YTPJfDUQ9OHk+A7
qwrGVrMqJwt83pzAxM44l/nYEVAhe1Lu5wGq09YeuUoCesrFZHJ+AITaPLSyZnKk
v5aSa0JC1Tk0JKakD+IV4WMXo+x7BOCq4d+OGb2/I78tqqtI+TVLXqaXHXsXPUnE
H9zW+SdeuXkATEYmSJuPrMZ6oUoBpNMB7Kea0lqpEuwXg/IaTXm6yoGA7qsPEj8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:59:03 2026 by rpki-client