Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/vEnjalWGQNC9JTgNeiiGalT6R5w.roa
File: vEnjalWGQNC9JTgNeiiGalT6R5w.roa (raw, json)
Hash identifier: IkGdwOuUHbIVOTFRNRwMQ1UYGuFhLEk2X0M7V9Wz09I=
Subject key identifier: BC:49:E3:6A:55:86:40:D0:BD:25:38:0D:7A:28:86:6A:54:FA:47:9C
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019D9D78518EA459862AEA0644B4E3BD1E8A
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/vEnjalWGQNC9JTgNeiiGalT6R5w.roa
Signing time: Fri 17 Apr 2026 22:03:21 +0000
ROA not before: Fri 17 Apr 2026 22:03:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211507
IP address blocks: 2a14:c380:50::/44 maxlen: 44
2a14:c380:60::/44 maxlen: 44
2a14:c380:70::/44 maxlen: 44
2a14:c380:80::/44 maxlen: 44
2a14:c380:90::/44 maxlen: 44
2a14:c380:130::/44 maxlen: 44
2a14:c380:c70::/44 maxlen: 44
2a14:c380:d50::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9d:78:51:8e:a4:59:86:2a:ea:06:44:b4:e3:bd:1e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Apr 17 22:03:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc49e36a558640d0bd25380d7a28866a54fa479c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:31:43:d5:3f:dc:04:9d:c2:85:46:46:9d:
f0:0b:7e:b2:66:84:2c:4c:50:13:89:35:47:c2:d5:
ff:85:05:3a:5e:b1:3c:5b:75:25:47:c5:f5:cd:cf:
ea:50:1c:dd:70:f0:60:9a:62:58:2b:3d:d3:de:42:
9b:1a:05:98:5e:4d:b0:5f:52:6c:54:d9:31:79:36:
63:c4:fd:b1:b3:a6:a5:0f:02:b1:49:a8:d2:81:df:
f3:f6:8f:c8:8b:63:5b:67:19:97:a5:ab:d9:b3:6f:
18:f7:76:9b:67:a9:d2:82:98:19:4d:c0:23:57:d9:
1c:7f:8d:20:d6:63:88:8a:85:b1:5b:bf:1f:c9:09:
3e:25:bd:91:d5:6b:da:cf:5a:97:49:70:b5:8b:ed:
c9:c6:0f:f4:de:cb:30:93:ad:20:5b:c6:97:bd:00:
66:74:c6:c5:9a:65:f1:2a:08:ca:92:2f:c2:81:c4:
0f:8c:f0:56:ec:0f:fe:df:67:49:cd:07:ba:d4:5c:
d0:f0:ef:05:90:34:eb:8a:da:37:b9:c3:ad:ec:90:
1b:cf:6e:eb:19:84:de:5b:ad:62:0a:9f:6c:db:9a:
f4:9c:13:b6:42:92:87:05:9f:59:1a:a3:a2:64:41:
ba:87:97:9d:30:ab:81:c7:bf:89:e6:a7:7f:f3:90:
93:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:49:E3:6A:55:86:40:D0:BD:25:38:0D:7A:28:86:6A:54:FA:47:9C
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/vEnjalWGQNC9JTgNeiiGalT6R5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:50::-2a14:c380:9f:ffff:ffff:ffff:ffff:ffff
2a14:c380:130::/44
2a14:c380:c70::/44
2a14:c380:d50::/44
Signature Algorithm: sha256WithRSAEncryption
0f:95:c7:a9:f5:fe:0b:3d:58:76:d5:dc:53:eb:d1:41:b5:a5:
70:42:07:17:4e:82:1a:42:08:f8:e3:cb:4f:24:28:1f:49:94:
e9:9d:4a:d1:f5:d6:3b:0e:78:b1:eb:f8:41:da:80:de:06:f4:
18:3a:b0:03:7c:11:a9:af:19:aa:d8:80:63:ae:29:9a:a5:1a:
41:b3:36:68:05:c7:5a:05:89:d8:bc:34:eb:51:8c:ed:0e:ff:
27:2c:b7:b0:29:3b:35:b3:46:fc:07:20:1d:97:ee:c1:b7:5a:
34:ab:7a:f1:c1:d0:34:64:5b:80:85:df:66:e5:6a:81:b3:fc:
c2:1c:c3:b6:ce:46:af:29:2d:22:11:2c:ec:3c:d0:c5:3e:e2:
60:75:dc:eb:5f:75:47:7f:1f:e8:b4:45:84:43:60:22:40:ed:
57:c3:f0:77:2f:16:44:99:4e:f8:7f:8c:03:95:95:c9:6b:5f:
b5:12:a7:d9:d1:14:d9:99:e8:45:4e:e4:37:ee:6b:c6:b8:bc:
a5:6c:94:50:ae:c5:ad:1f:a2:82:c9:b0:1f:a9:17:b6:1a:6d:
6c:85:d4:0e:f4:e7:3b:75:1a:45:ec:06:9b:98:26:64:0d:e1:
10:75:4f:11:b0:f7:c5:52:30:7c:ba:90:c7:05:a9:2c:7c:b0:
e5:59:bf:09
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ2deFGOpFmGKuoGRLTjvR6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjYwNDE3MjIwMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ5ZTM2YTU1ODY0MGQwYmQyNTM4MGQ3YTI4ODY2YTU0ZmE0NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2MxQ9U/3ASdwoVGRp3wC36yZoQs
TFATiTVHwtX/hQU6XrE8W3UlR8X1zc/qUBzdcPBgmmJYKz3T3kKbGgWYXk2wX1Js
VNkxeTZjxP2xs6alDwKxSajSgd/z9o/Ii2NbZxmXpavZs28Y93abZ6nSgpgZTcAj
V9kcf40g1mOIioWxW78fyQk+Jb2R1Wvaz1qXSXC1i+3Jxg/03sswk60gW8aXvQBm
dMbFmmXxKgjKki/CgcQPjPBW7A/+32dJzQe61FzQ8O8FkDTrito3ucOt7JAbz27r
GYTeW61iCp9s25r0nBO2QpKHBZ9ZGqOiZEG6h5edMKuBx7+J5qd/85CTrQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLxJ42pVhkDQvSU4DXoohmpU+kecMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvdkVuamFsV0dRTkM5SlRnTmVpaUdhbFQ2UjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBIDBwQqFMOA
AFADBwUqFMOAAIADBwQqFMOAATADBwQqFMOADHADBwQqFMOADVAwDQYJKoZIhvcN
AQELBQADggEBAA+Vx6n1/gs9WHbV3FPr0UG1pXBCBxdOghpCCPjjy08kKB9JlOmd
StH11jsOeLHr+EHagN4G9Bg6sAN8EamvGarYgGOuKZqlGkGzNmgFx1oFidi8NOtR
jO0O/ycst7ApOzWzRvwHIB2X7sG3WjSrevHB0DRkW4CF32blaoGz/MIcw7bORq8p
LSIRLOw80MU+4mB13OtfdUd/H+i0RYRDYCJA7VfD8HcvFkSZTvh/jAOVlclrX7US
p9nRFNmZ6EVO5Dfua8a4vKVslFCuxa0fooLJsB+pF7YabWyF1A705zt1GkXsBpuY
JmQN4RB1TxGw98VSMHy6kMcFqSx8sOVZvwk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:27:13 2026 by rpki-client