Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/Gc-zxgRLIzAQa_iFPqWdSCs1AfA.roa
File: Gc-zxgRLIzAQa_iFPqWdSCs1AfA.roa (raw, json)
Hash identifier: knk2ar6caQbw//JlOcHZhkt4Z0WhcJB+DOpi0h0a7F4=
Subject key identifier: 19:CF:B3:C6:04:4B:23:30:10:6B:F8:85:3E:A5:9D:48:2B:35:01:F0
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019D7262F15FA4BB9F7CF881DD2FCF61818A
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/Gc-zxgRLIzAQa_iFPqWdSCs1AfA.roa
Signing time: Thu 09 Apr 2026 13:16:20 +0000
ROA not before: Thu 09 Apr 2026 13:16:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25369
IP address blocks: 172.216.51.0/24 maxlen: 24
172.216.52.0/24 maxlen: 24
172.216.53.0/24 maxlen: 24
172.216.54.0/24 maxlen: 24
172.216.55.0/24 maxlen: 24
172.216.56.0/24 maxlen: 24
172.216.57.0/24 maxlen: 24
172.216.58.0/24 maxlen: 24
172.216.59.0/24 maxlen: 24
172.216.60.0/24 maxlen: 24
172.216.151.0/24 maxlen: 24
172.216.152.0/24 maxlen: 24
172.216.153.0/24 maxlen: 24
172.216.154.0/24 maxlen: 24
172.216.185.0/24 maxlen: 24
172.216.186.0/24 maxlen: 24
172.216.197.0/24 maxlen: 24
172.216.198.0/24 maxlen: 24
172.216.199.0/24 maxlen: 24
172.216.200.0/24 maxlen: 24
172.216.201.0/24 maxlen: 24
172.216.202.0/24 maxlen: 24
172.216.203.0/24 maxlen: 24
172.216.204.0/24 maxlen: 24
172.216.213.0/24 maxlen: 24
172.216.214.0/24 maxlen: 24
2a09:a702::/46 maxlen: 48
2a09:a702:6::/48 maxlen: 48
2a09:a702:7::/48 maxlen: 48
2a09:a702:8::/48 maxlen: 48
2a09:a702:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:62:f1:5f:a4:bb:9f:7c:f8:81:dd:2f:cf:61:81:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Apr 9 13:16:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19cfb3c6044b2330106bf8853ea59d482b3501f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:23:65:a8:69:51:71:77:32:b7:a7:0e:12:5c:
04:d9:2c:69:21:6d:04:c1:e4:73:a0:33:db:36:94:
9f:c3:4a:88:cc:7e:8d:55:3b:b6:16:45:9e:4b:c9:
ca:0c:ef:bc:19:10:0e:6d:94:8f:0c:7c:bd:aa:f6:
a7:3c:60:27:af:d5:7f:68:af:b1:5b:3d:c1:b6:df:
e8:e5:51:c6:b6:6d:2c:0a:b7:79:9c:21:e7:42:b8:
4d:b9:c3:98:7e:e8:4a:67:25:1c:c6:0f:6b:db:01:
d8:51:cd:8b:bd:9b:26:77:4f:79:3b:f3:09:0b:53:
a5:cb:88:2e:c3:cd:85:42:54:7c:df:13:63:19:63:
12:15:88:40:46:4d:70:06:b6:79:41:b9:2f:2f:59:
6a:78:82:e6:12:51:bf:f8:1a:a1:ff:c2:4d:57:80:
18:c3:39:38:d6:90:be:ee:67:83:57:f1:91:e7:af:
2d:ce:4c:65:6d:fe:01:ad:11:d3:08:46:36:0b:85:
79:34:56:80:07:f9:c5:89:c2:f2:d2:a2:2b:0c:20:
eb:ef:61:ac:17:82:3f:b1:2e:b8:b9:df:93:94:ac:
0d:7f:63:44:12:37:8d:2f:40:f8:d3:9f:29:63:d6:
3f:60:0a:61:aa:47:a1:8d:a6:22:29:40:87:d1:3c:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CF:B3:C6:04:4B:23:30:10:6B:F8:85:3E:A5:9D:48:2B:35:01:F0
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/Gc-zxgRLIzAQa_iFPqWdSCs1AfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
172.216.51.0-172.216.60.255
172.216.151.0-172.216.154.255
172.216.185.0-172.216.186.255
172.216.197.0-172.216.204.255
172.216.213.0-172.216.214.255
IPv6:
2a09:a702::/46
2a09:a702:6::-2a09:a702:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:c6:34:b9:75:cb:de:38:59:56:a7:06:9b:ac:e7:1f:1e:dd:
ee:dd:89:29:0c:ed:60:91:43:04:a7:09:4c:1c:51:62:51:3f:
81:bf:47:0a:3a:ac:6c:8c:ba:59:59:c8:c8:b8:69:a7:5c:8c:
2b:f4:75:45:81:f9:f7:84:ac:89:c4:0f:b3:9f:03:53:8c:33:
26:af:7a:0b:e8:d0:ef:88:9d:4c:fb:72:6e:0f:68:b5:48:67:
c6:e4:be:73:22:d2:dd:99:11:e4:02:b2:d5:83:98:c5:5e:2e:
ea:3e:be:fe:7c:00:18:0c:16:c7:c5:1c:1e:3c:a0:52:8c:dc:
4e:dd:3f:4b:fa:68:99:1c:71:4a:c9:68:51:9f:a4:f3:ff:65:
fa:d5:da:bf:33:a5:c4:f6:4b:e0:7b:aa:dc:e8:71:97:58:2e:
78:c1:17:97:b4:c8:4f:76:1a:fb:60:76:d1:f0:3a:8c:8b:3a:
49:c6:7c:cd:54:be:b1:24:82:e9:89:6b:81:48:12:fb:d1:56:
c4:0e:2b:b9:2c:3f:06:19:40:41:c1:a4:f8:74:31:78:57:6b:
6c:7c:7e:b4:d1:00:49:39:ce:a1:91:f7:4f:eb:40:84:24:f6:
46:00:be:d8:61:45:05:f9:b2:4b:ac:42:2a:af:64:aa:28:9c:
11:5d:e1:57
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZ1yYvFfpLuffPiB3S/PYYGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjYwNDA5MTMxNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNmYjNjNjA0NGIyMzMwMTA2YmY4ODUzZWE1OWQ0ODJiMzUwMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CNlqGlRcXcyt6cOElwE2SxpIW0E
weRzoDPbNpSfw0qIzH6NVTu2FkWeS8nKDO+8GRAObZSPDHy9qvanPGAnr9V/aK+x
Wz3Btt/o5VHGtm0sCrd5nCHnQrhNucOYfuhKZyUcxg9r2wHYUc2LvZsmd095O/MJ
C1Oly4guw82FQlR83xNjGWMSFYhARk1wBrZ5QbkvL1lqeILmElG/+Bqh/8JNV4AY
wzk41pC+7meDV/GR568tzkxlbf4BrRHTCEY2C4V5NFaAB/nFicLy0qIrDCDr72Gs
F4I/sS64ud+TlKwNf2NEEjeNL0D4058pY9Y/YAphqkehjaYiKUCH0TzuewIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFBnPs8YESyMwEGv4hT6lnUgrNQHwMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvR2MtenhnUkxJekFRYV9pRlBxV2RTQ3MxQWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwTAQCAAEwRjAMAwQArNgz
AwQArNg8MAwDBACs2JcDBACs2JowDAMEAKzYuQMEAKzYujAMAwQArNjFAwQArNjM
MAwDBACs2NUDBACs2NYwIwQCAAIwHQMHAioJpwIAADASAwcBKgmnAgAGAwcBKgmn
AgAIMA0GCSqGSIb3DQEBCwUAA4IBAQCLxjS5dcveOFlWpwabrOcfHt3u3YkpDO1g
kUMEpwlMHFFiUT+Bv0cKOqxsjLpZWcjIuGmnXIwr9HVFgfn3hKyJxA+znwNTjDMm
r3oL6NDviJ1M+3JuD2i1SGfG5L5zItLdmRHkArLVg5jFXi7qPr7+fAAYDBbHxRwe
PKBSjNxO3T9L+miZHHFKyWhRn6Tz/2X61dq/M6XE9kvge6rc6HGXWC54wReXtMhP
dhr7YHbR8DqMizpJxnzNVL6xJILpiWuBSBL70VbEDiu5LD8GGUBBwaT4dDF4V2ts
fH600QBJOc6hkfdP60CEJPZGAL7YYUUF+bJLrEIqr2SqKJwRXeFX
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:04:08 2026 by rpki-client