Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/iMagr2JhNrn6UcBo9-V-8mQcTn4.roa
File: iMagr2JhNrn6UcBo9-V-8mQcTn4.roa (raw, json)
Hash identifier: mQklS7JkHJd3eY4Nb4US8i0zJjbD5uDxAwa3Ul/Mehk=
Subject key identifier: 88:C6:A0:AF:62:61:36:B9:FA:51:C0:68:F7:E5:7E:F2:64:1C:4E:7E
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019D861869AAF059E3C9636B1E63F50173A2
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/iMagr2JhNrn6UcBo9-V-8mQcTn4.roa
Signing time: Mon 13 Apr 2026 09:07:20 +0000
ROA not before: Mon 13 Apr 2026 09:07:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 172.216.205.0/24 maxlen: 24
172.216.206.0/24 maxlen: 24
172.216.226.0/24 maxlen: 24
172.216.227.0/24 maxlen: 24
172.216.228.0/24 maxlen: 24
172.216.229.0/24 maxlen: 24
172.216.245.0/24 maxlen: 24
2a09:a702:6e::/48 maxlen: 48
2a09:a702:6f::/48 maxlen: 48
2a09:a702:70::/48 maxlen: 48
2a09:a702:71::/48 maxlen: 48
2a09:a702:74::/48 maxlen: 48
2a09:a702:75::/48 maxlen: 48
2a09:a702:78::/48 maxlen: 48
2a09:a702:79::/48 maxlen: 48
2a09:a702:7a::/48 maxlen: 48
2a09:a702:7b::/48 maxlen: 48
2a09:a702:7c::/48 maxlen: 48
2a09:a702:7d::/48 maxlen: 48
2a09:a702:7e::/48 maxlen: 48
2a09:a702:7f::/48 maxlen: 48
2a09:a702:80::/48 maxlen: 48
2a09:a702:81::/48 maxlen: 48
2a09:a702:82::/48 maxlen: 48
2a09:a702:83::/48 maxlen: 48
2a09:a702:84::/48 maxlen: 48
2a09:a702:85::/48 maxlen: 48
2a09:a702:86::/48 maxlen: 48
2a09:a702:87::/48 maxlen: 48
2a09:a702:88::/48 maxlen: 48
2a09:a702:89::/48 maxlen: 48
2a09:a702:8a::/48 maxlen: 48
2a09:a702:8b::/48 maxlen: 48
2a09:a702:8c::/48 maxlen: 48
2a09:a702:8d::/48 maxlen: 48
2a09:a702:8e::/48 maxlen: 48
2a09:a702:8f::/48 maxlen: 48
2a09:a702:90::/48 maxlen: 48
2a09:a702:91::/48 maxlen: 48
2a09:a702:96::/48 maxlen: 48
2a09:a702:97::/48 maxlen: 48
2a09:a702:98::/48 maxlen: 48
2a09:a702:99::/48 maxlen: 48
2a09:a702:9a::/48 maxlen: 48
2a09:a702:9b::/48 maxlen: 48
2a09:a702:9c::/48 maxlen: 48
2a09:a702:9d::/48 maxlen: 48
2a09:a702:9e::/48 maxlen: 48
2a09:a702:9f::/48 maxlen: 48
2a09:a702:a2::/48 maxlen: 48
2a09:a702:a3::/48 maxlen: 48
2a09:a702:a4::/48 maxlen: 48
2a09:a702:a5::/48 maxlen: 48
2a09:a702:a6::/48 maxlen: 48
2a09:a702:a7::/48 maxlen: 48
2a09:a702:ac::/48 maxlen: 48
2a09:a702:ad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:18:69:aa:f0:59:e3:c9:63:6b:1e:63:f5:01:73:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Apr 13 09:07:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88c6a0af626136b9fa51c068f7e57ef2641c4e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:25:ae:42:5a:59:bf:59:8d:c7:d9:9f:75:62:
40:d3:b4:49:51:e6:1c:01:d3:c0:c5:9e:2d:8a:1b:
38:f9:57:2d:95:5d:26:cb:c0:66:18:15:ff:79:58:
d3:33:da:4e:cd:26:d7:ca:3e:b5:ab:ca:a9:7f:5a:
9e:ff:71:64:90:3a:f7:18:aa:7e:18:25:2c:37:ba:
33:fb:29:9d:d3:53:50:f8:79:f2:72:87:13:03:ac:
17:30:15:e3:6c:d0:82:e0:38:d1:5d:b1:39:af:f1:
a6:40:8b:01:bd:8a:02:41:e0:ce:40:5b:cb:9f:84:
b2:83:38:0a:f5:17:d2:40:d8:48:89:45:6a:38:19:
57:c7:62:16:d7:c5:85:a5:90:6c:cf:3d:51:11:36:
ab:79:3b:95:2c:72:1a:b2:ba:d3:19:d4:52:5c:bd:
33:96:5d:aa:d5:84:8c:35:38:8d:53:2e:08:c3:d1:
d6:0d:e3:9e:90:a6:cb:b3:9a:6a:f4:c2:07:3f:db:
92:92:d3:a1:7c:d1:63:02:73:34:52:e4:24:34:49:
44:c1:72:2e:64:e9:5e:6e:8e:70:82:7f:3b:e8:17:
8b:4f:82:30:24:09:76:ab:08:7c:51:44:a7:8a:33:
2d:8b:be:be:8c:80:2f:87:fd:4b:5c:ed:32:68:f9:
81:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:A0:AF:62:61:36:B9:FA:51:C0:68:F7:E5:7E:F2:64:1C:4E:7E
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/iMagr2JhNrn6UcBo9-V-8mQcTn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
172.216.205.0-172.216.206.255
172.216.226.0-172.216.229.255
172.216.245.0/24
IPv6:
2a09:a702:6e::-2a09:a702:71:ffff:ffff:ffff:ffff:ffff
2a09:a702:74::/47
2a09:a702:78::-2a09:a702:91:ffff:ffff:ffff:ffff:ffff
2a09:a702:96::-2a09:a702:9f:ffff:ffff:ffff:ffff:ffff
2a09:a702:a2::-2a09:a702:a7:ffff:ffff:ffff:ffff:ffff
2a09:a702:ac::/47
Signature Algorithm: sha256WithRSAEncryption
99:92:7b:bc:eb:a4:bc:48:49:53:f6:a3:cf:21:c0:93:61:d3:
99:a4:23:16:1d:5e:e9:07:e3:61:1c:c1:49:27:df:a6:fd:82:
a3:c5:02:75:bd:cf:05:c6:fc:bd:e3:d2:29:20:57:fa:36:e8:
1a:d5:5b:13:c1:4c:27:51:cf:b4:8c:6f:73:fd:81:4a:22:3f:
e6:0b:2b:33:68:a2:a8:e1:66:a2:42:b9:fb:36:ea:68:f3:e4:
fa:8d:9f:28:b6:25:05:6d:29:e8:b8:36:77:a4:e2:14:b3:93:
3e:83:ee:56:ff:0e:cd:12:e0:15:9c:f0:c5:05:f0:8f:db:26:
8b:4b:3b:6a:0f:73:e9:5c:41:93:54:95:88:b8:29:64:8f:44:
5a:eb:45:fe:fd:a7:6d:fa:93:79:19:66:d3:db:ad:db:ad:e2:
2b:54:15:7f:aa:68:40:50:12:3e:1e:a1:bb:0d:4f:4f:b7:ed:
14:1c:2d:27:d4:08:4e:67:e0:7c:b0:44:6b:52:dd:f9:d5:2b:
89:15:3b:4c:83:b8:ae:3d:42:f4:9a:f2:0d:cc:96:e9:91:a7:
31:47:94:d4:86:1a:d5:f5:f6:df:ac:85:3d:23:cd:8f:c5:b9:
26:6f:5c:f5:e9:f7:e5:ff:99:0e:57:c3:ee:14:a2:a4:33:a3:
2a:47:b9:6e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ2GGGmq8FnjyWNrHmP1AXOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjYwNDEzMDkwNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2YTBhZjYyNjEzNmI5ZmE1MWMwNjhmN2U1N2VmMjY0MWM0ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SWuQlpZv1mNx9mfdWJA07RJUeYc
AdPAxZ4tihs4+VctlV0my8BmGBX/eVjTM9pOzSbXyj61q8qpf1qe/3FkkDr3GKp+
GCUsN7oz+ymd01NQ+HnycocTA6wXMBXjbNCC4DjRXbE5r/GmQIsBvYoCQeDOQFvL
n4SygzgK9RfSQNhIiUVqOBlXx2IW18WFpZBszz1RETareTuVLHIasrrTGdRSXL0z
ll2q1YSMNTiNUy4Iw9HWDeOekKbLs5pq9MIHP9uSktOhfNFjAnM0UuQkNElEwXIu
ZOlebo5wgn876BeLT4IwJAl2qwh8UUSnijMti76+jIAvh/1LXO0yaPmBUwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFIjGoK9iYTa5+lHAaPflfvJkHE5+MB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvaU1hZ3IySmhOcm42VWNCbzktVi04bVFjVG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDAoBAIAATAiMAwDBACs
2M0DBACs2M4wDAMEAazY4gMEAazY5AMEAKzY9TBoBAIAAjBiMBIDBwEqCacCAG4D
BwEqCacCAHADBwEqCacCAHQwEgMHAyoJpwIAeAMHASoJpwIAkDASAwcBKgmnAgCW
AwcFKgmnAgCAMBIDBwEqCacCAKIDBwMqCacCAKADBwEqCacCAKwwDQYJKoZIhvcN
AQELBQADggEBAJmSe7zrpLxISVP2o88hwJNh05mkIxYdXukH42EcwUkn36b9gqPF
AnW9zwXG/L3j0ikgV/o26BrVWxPBTCdRz7SMb3P9gUoiP+YLKzNooqjhZqJCufs2
6mjz5PqNnyi2JQVtKei4Nnek4hSzkz6D7lb/Ds0S4BWc8MUF8I/bJotLO2oPc+lc
QZNUlYi4KWSPRFrrRf79p236k3kZZtPbrdut4itUFX+qaEBQEj4eobsNT0+37RQc
LSfUCE5n4HywRGtS3fnVK4kVO0yDuK49QvSa8g3MlumRpzFHlNSGGtX19t+shT0j
zY/FuSZvXPXp9+X/mQ5Xw+4UoqQzoypHuW4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:33:42 2026 by rpki-client