Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/XQH6M8DZ2SjCEWZpLUNQCl7_wtI.roa
File: XQH6M8DZ2SjCEWZpLUNQCl7_wtI.roa (raw, json)
Hash identifier: TxAgRgqgldVage91ycpVdCsYHeGeeaBXaxq0hHxwHGA=
Subject key identifier: 5D:01:FA:33:C0:D9:D9:28:C2:11:66:69:2D:43:50:0A:5E:FF:C2:D2
Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad
Certificate serial: 019F00C807A0669C155B414F4062966452D1
Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/XQH6M8DZ2SjCEWZpLUNQCl7_wtI.roa
Signing time: Thu 25 Jun 2026 21:55:36 +0000
ROA not before: Thu 25 Jun 2026 21:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 72.56.16.0/20 maxlen: 32
72.56.64.0/19 maxlen: 32
72.56.96.0/19 maxlen: 32
201.24.48.0/21 maxlen: 32
201.24.56.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 18:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:00:c8:07:a0:66:9c:15:5b:41:4f:40:62:96:64:52:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad
Validity
Not Before: Jun 25 21:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d01fa33c0d9d928c21166692d43500a5effc2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:54:94:b1:fa:3b:6f:6f:c3:f2:10:eb:f7:23:
03:41:4b:c1:a4:cf:41:ed:f4:20:d8:53:cb:b3:6b:
01:93:79:fc:76:56:98:8e:e0:a9:9a:ef:cb:4d:8b:
37:3f:84:72:4f:d2:9e:19:2c:65:15:5f:27:e1:ed:
53:a1:70:6a:4d:85:ff:ff:af:cd:87:f4:0d:1e:87:
f0:03:bd:9d:d3:cc:32:f0:92:be:87:3b:b2:fd:b9:
83:25:1e:e7:fa:b1:4c:d0:89:cb:f5:dc:bf:e3:77:
ca:49:c1:09:5f:fd:21:f5:82:61:7d:6f:dc:27:77:
51:a6:55:4a:8c:ef:f5:9f:8a:9b:aa:6d:d5:fd:eb:
ac:7b:f4:09:36:a9:c8:c5:65:7f:11:9d:a9:3e:e4:
3a:b9:5f:0a:da:8a:5c:ce:98:5f:4f:e7:2d:ff:29:
64:a1:83:6d:25:c4:ca:4d:e1:a8:7c:e5:d8:30:35:
dc:62:51:fd:4c:7b:f6:6b:a6:d2:4c:13:41:6d:e7:
ab:aa:eb:80:f5:2d:8b:8a:88:01:86:6a:9e:ff:81:
32:bf:4c:b3:9f:ac:34:09:e9:73:d4:91:2c:64:0d:
10:55:aa:c6:c0:99:1c:b8:71:61:7c:f7:45:5b:71:
d5:bf:4b:2e:d3:ef:3d:9c:47:e5:99:75:14:f3:69:
a5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:01:FA:33:C0:D9:D9:28:C2:11:66:69:2D:43:50:0A:5E:FF:C2:D2
X509v3 Authority Key Identifier:
keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/XQH6M8DZ2SjCEWZpLUNQCl7_wtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.56.16.0/20
72.56.64.0/18
201.24.48.0-201.24.57.255
Signature Algorithm: sha256WithRSAEncryption
c6:0d:46:1d:9b:7d:72:aa:d1:ed:08:5d:9d:79:d0:a1:1d:9c:
8a:e7:43:c3:cf:a0:79:a5:f9:21:e7:03:de:1b:89:36:10:35:
b4:d3:78:b2:43:ee:ba:ff:8b:3a:4e:db:81:78:e1:44:9d:f1:
7e:76:b0:c5:7b:2a:09:94:67:22:ba:ea:25:f7:59:e8:6a:5e:
ac:0c:bc:e5:bf:e8:d6:e0:b3:e6:03:43:61:6e:94:b8:56:7e:
89:e0:e9:92:c5:e4:09:cb:5b:e1:89:a2:27:3c:83:bd:4e:78:
50:8c:de:4e:c8:1a:09:cb:3e:9d:33:73:69:01:b2:99:92:c1:
d6:0b:9f:9d:ab:86:76:56:d4:3e:2a:b6:cf:f9:3e:73:58:6f:
33:4c:cc:ff:c3:c4:f1:c5:24:54:e6:9a:72:42:1d:ae:fb:a6:
0e:11:32:2e:2c:e0:dc:4b:9f:f9:22:05:26:e4:4c:b3:a8:9f:
a7:5d:24:87:71:eb:9e:43:0c:bb:d2:8b:fa:7e:73:98:2e:fa:
e1:05:65:5b:f8:84:8a:f2:a5:42:b0:5a:f1:b9:3d:50:a0:29:
82:99:f4:35:95:ed:95:3f:d0:21:e3:2c:4e:0f:7e:27:fc:35:
93:45:bc:40:44:ca:55:78:db:ca:e9:6b:7a:2e:a9:63:32:cf:
cf:45:eb:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ8AyAegZpwVW0FPQGKWZFLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0
MjVjYWQwHhcNMjYwNjI1MjE1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDAxZmEzM2MwZDlkOTI4YzIxMTY2NjkyZDQzNTAwYTVlZmZjMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lSUsfo7b2/D8hDr9yMDQUvBpM9B
7fQg2FPLs2sBk3n8dlaYjuCpmu/LTYs3P4RyT9KeGSxlFV8n4e1ToXBqTYX//6/N
h/QNHofwA72d08wy8JK+hzuy/bmDJR7n+rFM0InL9dy/43fKScEJX/0h9YJhfW/c
J3dRplVKjO/1n4qbqm3V/euse/QJNqnIxWV/EZ2pPuQ6uV8K2opczphfT+ct/ylk
oYNtJcTKTeGofOXYMDXcYlH9THv2a6bSTBNBbeerquuA9S2LiogBhmqe/4Eyv0yz
n6w0Celz1JEsZA0QVarGwJkcuHFhfPdFW3HVv0su0+89nEflmXUU82mlvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF0B+jPA2dkowhFmaS1DUApe/8LSMB8GA1UdIwQY
MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt
ZTg3MWIyMTc5MGRlLzEvWFFINk04RFoyU2pDRVdacExVTlFDbDdfd3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl
LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQESDgQAwQG
SDhAMAwDBATJGDADBAHJGDgwDQYJKoZIhvcNAQELBQADggEBAMYNRh2bfXKq0e0I
XZ150KEdnIrnQ8PPoHml+SHnA94biTYQNbTTeLJD7rr/izpO24F44USd8X52sMV7
KgmUZyK66iX3WehqXqwMvOW/6Nbgs+YDQ2FulLhWfong6ZLF5AnLW+GJoic8g71O
eFCM3k7IGgnLPp0zc2kBspmSwdYLn52rhnZW1D4qts/5PnNYbzNMzP/DxPHFJFTm
mnJCHa77pg4RMi4s4NxLn/kiBSbkTLOon6ddJIdx655DDLvSi/p+c5gu+uEFZVv4
hIrypUKwWvG5PVCgKYKZ9DWV7ZU/0CHjLE4Pfif8NZNFvEBEylV428rpa3ouqWMy
z89F63U=
-----END CERTIFICATE-----
Generated at Sun Jun 28 04:10:52 2026 by rpki-client