Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/A-MjjJdW168iNYqFkfwYGzw1LrY.roa
File: A-MjjJdW168iNYqFkfwYGzw1LrY.roa (raw, json)
Hash identifier: pU3BwRk+qKL3/FyjcbXvFLD4nBJ15y59tp8mnTfCJIg=
Subject key identifier: 03:E3:23:8C:97:56:D7:AF:22:35:8A:85:91:FC:18:1B:3C:35:2E:B6
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019E9DBD58FFB38A43E8DB786D7DBCE695A9
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/A-MjjJdW168iNYqFkfwYGzw1LrY.roa
Signing time: Sat 06 Jun 2026 16:21:32 +0000
ROA not before: Sat 06 Jun 2026 16:21:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211507
IP address blocks: 2a14:c380:50::/44 maxlen: 44
2a14:c380:60::/44 maxlen: 44
2a14:c380:70::/44 maxlen: 44
2a14:c380:80::/44 maxlen: 44
2a14:c380:90::/44 maxlen: 44
2a14:c380:130::/44 maxlen: 44
2a14:c380:c70::/44 maxlen: 44
2a14:c380:d50::/44 maxlen: 44
2a14:c380:d70::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9d:bd:58:ff:b3:8a:43:e8:db:78:6d:7d:bc:e6:95:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Jun 6 16:21:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=03e3238c9756d7af22358a8591fc181b3c352eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:c4:e9:af:db:bc:41:a6:05:10:66:5f:36:
67:67:c3:44:24:3c:78:b0:e5:fe:79:90:62:fc:5a:
2c:90:b0:8c:d7:7c:1c:e2:01:23:c1:cc:50:58:80:
52:d8:22:e5:0e:d5:9c:7a:20:62:f5:18:60:04:f4:
d7:6c:8d:b6:18:7e:9b:2a:d0:7b:42:d8:5d:75:8f:
eb:56:c2:49:60:36:0e:f3:ec:92:3f:0b:93:17:89:
a3:2a:3a:16:75:e6:0a:a2:5f:fe:df:c5:1f:57:f6:
e8:7c:a4:10:ae:e3:50:3e:06:00:9b:9b:90:40:80:
13:81:ab:13:c1:57:a0:e7:fc:94:93:83:ce:e3:03:
f0:17:38:f0:43:2f:06:f0:bc:8a:49:a1:d4:bb:c7:
5a:c5:85:63:48:d5:1d:07:bd:30:ef:ef:96:6a:93:
ba:b9:37:2c:71:b5:1c:87:95:95:79:cb:08:5e:cc:
47:8c:89:ec:51:1a:bb:81:44:12:fb:5f:6e:ba:55:
04:cc:57:11:9f:67:9a:0b:be:b5:44:7f:47:d4:f2:
28:b8:65:69:a6:d4:e1:52:4d:8c:81:81:c2:46:b4:
7b:d2:61:ee:12:51:49:58:8a:ca:49:01:82:46:fa:
15:8e:b4:9d:83:64:27:dd:b8:86:cf:46:6f:cd:0c:
dd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E3:23:8C:97:56:D7:AF:22:35:8A:85:91:FC:18:1B:3C:35:2E:B6
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/A-MjjJdW168iNYqFkfwYGzw1LrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:50::-2a14:c380:9f:ffff:ffff:ffff:ffff:ffff
2a14:c380:130::/44
2a14:c380:c70::/44
2a14:c380:d50::/44
2a14:c380:d70::/44
Signature Algorithm: sha256WithRSAEncryption
7f:3b:fe:1b:ad:4b:30:5f:78:52:46:34:b3:44:5b:51:ba:76:
28:bd:1c:c5:15:83:74:c7:e1:c7:34:29:b0:ba:0c:c2:19:1c:
c9:f0:37:ac:b9:b8:0c:49:7b:32:60:c1:ea:1c:13:aa:97:c3:
e4:7d:3e:4e:7c:72:49:29:1d:59:75:66:70:a7:17:22:35:19:
99:bb:99:a2:21:ed:6a:b8:b0:ee:58:4e:16:26:2d:69:cb:c2:
b0:a1:30:9c:0b:96:46:71:22:70:d1:e4:8a:ad:a4:44:4b:73:
e3:d7:7b:1c:33:f4:2f:4b:52:31:7f:b2:93:1b:0a:f9:f9:d4:
20:18:4f:62:4f:2e:95:a1:e6:63:e9:ce:6d:1c:05:4d:4b:c8:
6a:3d:d3:47:f1:37:f1:99:9e:5a:c2:8c:8d:a2:93:c2:a2:d8:
1a:5b:44:1d:02:7d:8d:c8:20:68:ad:b4:cf:c9:ed:92:ec:f3:
35:e4:5e:89:49:13:50:33:e8:63:b1:83:d1:84:2d:92:29:95:
e1:1b:9d:4a:b6:9c:dd:61:b2:f5:93:41:62:c9:bf:44:1b:91:
0f:31:e9:2e:22:da:91:b0:b2:82:ed:7b:4b:60:a7:43:8f:22:
eb:68:23:e4:bf:a1:72:b1:11:5e:ca:cb:26:db:67:c9:d0:65:
b8:23:70:e6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6dvVj/s4pD6Nt4bX285pWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjYwNjA2MTYyMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2UzMjM4Yzk3NTZkN2FmMjIzNThhODU5MWZjMTgxYjNjMzUyZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr3E6a/bvEGmBRBmXzZnZ8NEJDx4
sOX+eZBi/FoskLCM13wc4gEjwcxQWIBS2CLlDtWceiBi9RhgBPTXbI22GH6bKtB7
QthddY/rVsJJYDYO8+ySPwuTF4mjKjoWdeYKol/+38UfV/bofKQQruNQPgYAm5uQ
QIATgasTwVeg5/yUk4PO4wPwFzjwQy8G8LyKSaHUu8daxYVjSNUdB70w7++WapO6
uTcscbUch5WVecsIXsxHjInsURq7gUQS+19uulUEzFcRn2eaC761RH9H1PIouGVp
ptThUk2MgYHCRrR70mHuElFJWIrKSQGCRvoVjrSdg2Qn3biGz0ZvzQzdwQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAPjI4yXVtevIjWKhZH8GBs8NS62MB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvQS1NampKZFcxNjhpTllxRmtmd1lHencxTHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4MBIDBwQqFMOA
AFADBwUqFMOAAIADBwQqFMOAATADBwQqFMOADHADBwQqFMOADVADBwQqFMOADXAw
DQYJKoZIhvcNAQELBQADggEBAH87/hutSzBfeFJGNLNEW1G6dii9HMUVg3TH4cc0
KbC6DMIZHMnwN6y5uAxJezJgweocE6qXw+R9Pk58ckkpHVl1ZnCnFyI1GZm7maIh
7Wq4sO5YThYmLWnLwrChMJwLlkZxInDR5IqtpERLc+PXexwz9C9LUjF/spMbCvn5
1CAYT2JPLpWh5mPpzm0cBU1LyGo900fxN/GZnlrCjI2ik8Ki2BpbRB0CfY3IIGit
tM/J7ZLs8zXkXolJE1Az6GOxg9GELZIpleEbnUq2nN1hsvWTQWLJv0QbkQ8x6S4i
2pGwsoLte0tgp0OPIutoI+S/oXKxEV7KyybbZ8nQZbgjcOY=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:19:48 2026 by rpki-client