Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/j04AzGHtQN9y3V-mmp0UkbVVrr0.roa
File: j04AzGHtQN9y3V-mmp0UkbVVrr0.roa (raw, json)
Hash identifier: BrXZA3rEKGpF6BxdjkRuek0SDdjl0Okk2gMlss5MAsw=
Subject key identifier: 8F:4E:00:CC:61:ED:40:DF:72:DD:5F:A6:9A:9D:14:91:B5:55:AE:BD
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 019D767F2F2EDB2CE402B205627B3E8D5A21
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/j04AzGHtQN9y3V-mmp0UkbVVrr0.roa
Signing time: Fri 10 Apr 2026 08:25:39 +0000
ROA not before: Fri 10 Apr 2026 08:25:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206586
IP address blocks: 2a14:ae00:10::/44 maxlen: 48
2a14:ae00:10::/48 maxlen: 48
2a14:ae00:11::/48 maxlen: 48
2a14:ae00:12::/48 maxlen: 48
2a14:ae00:13::/48 maxlen: 48
2a14:ae00:14::/48 maxlen: 48
2a14:ae00:15::/48 maxlen: 48
2a14:ae00:16::/48 maxlen: 48
2a14:ae00:17::/48 maxlen: 48
2a14:ae00:18::/48 maxlen: 48
2a14:ae00:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 17:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:7f:2f:2e:db:2c:e4:02:b2:05:62:7b:3e:8d:5a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: Apr 10 08:25:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f4e00cc61ed40df72dd5fa69a9d1491b555aebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:38:b9:0b:4c:46:06:8e:b2:ab:bd:00:49:21:
2a:9f:d4:f0:b1:52:1f:b8:c6:9c:f5:23:e6:f5:2d:
3c:de:a8:98:b3:29:42:1b:af:44:ca:0a:6f:ee:30:
80:7e:fb:a8:eb:9c:75:13:64:56:d8:09:da:f6:e1:
2e:c9:07:60:18:b0:88:c1:ba:42:f3:b0:96:7a:92:
5d:a2:ab:3e:f9:bd:e5:e2:c6:64:d2:8c:41:98:61:
1f:0f:57:d6:45:34:bc:7d:1e:54:1d:66:80:c5:9e:
8f:b9:8a:b2:8d:33:ad:ed:2c:08:d2:5b:08:0a:3b:
65:90:1f:c1:09:06:db:d9:52:79:93:2a:43:5f:49:
39:b4:0e:8b:82:2f:15:1e:97:c0:05:a7:52:b8:36:
a4:de:f7:9f:37:3e:51:ea:70:8a:20:59:a7:29:04:
a4:a4:9a:e4:e5:22:b7:60:0b:5f:45:59:1b:90:48:
6c:12:c8:32:51:ed:31:24:3b:41:55:a1:fb:ca:30:
12:6a:83:24:33:31:56:37:eb:20:d7:24:03:a7:71:
a5:dd:f0:38:31:7b:0e:1e:59:ae:56:23:95:c1:46:
94:4f:eb:91:12:63:13:a2:dc:0f:c7:79:8c:7f:3b:
88:eb:0f:d9:27:d9:1f:14:9c:05:33:8a:56:1a:fd:
f3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4E:00:CC:61:ED:40:DF:72:DD:5F:A6:9A:9D:14:91:B5:55:AE:BD
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/j04AzGHtQN9y3V-mmp0UkbVVrr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ae00:10::/44
Signature Algorithm: sha256WithRSAEncryption
1e:df:dc:ea:36:b6:7d:66:90:b2:26:5f:0d:7f:77:cd:ca:88:
ea:89:1a:16:e1:d2:a9:73:30:0f:0a:6f:40:a9:ee:c4:a8:b0:
7d:e0:02:30:fd:50:91:74:b0:df:4c:ec:1d:6f:b2:b2:85:3b:
9b:07:da:d3:a9:b7:c5:05:30:88:01:ad:47:b1:e3:c5:9c:bb:
6d:f8:01:46:8e:bb:64:c1:a7:3d:f3:90:a4:45:7a:5b:f8:43:
2a:87:62:44:82:61:b3:1a:ab:c5:e6:6a:d0:27:b6:15:3e:6c:
03:17:b2:cd:65:2e:e1:73:b8:eb:a1:b3:54:65:ff:7d:db:87:
f0:60:8a:8f:c8:00:52:98:95:f4:c2:c5:27:67:e7:66:9b:05:
2e:22:f5:80:b0:4f:ad:7c:a8:c8:e4:47:74:b3:ae:de:c5:77:
70:00:55:31:8f:da:35:a9:d5:0f:0b:72:d9:ce:ad:be:db:6c:
ed:a9:67:c5:55:b2:6d:b7:01:ae:d1:75:fd:f8:a9:10:05:0c:
06:d0:e6:fb:7e:b8:4e:cd:e7:d5:53:0a:0d:ff:30:e6:96:28:
9e:8e:44:10:62:40:d5:dd:c3:89:72:cb:03:77:dd:70:36:59:
90:84:85:21:6e:48:9f:0c:08:8c:e9:c7:d6:67:c3:bc:9a:5d:
9c:61:54:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ12fy8u2yzkArIFYns+jVohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjYwNDEwMDgyNTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRlMDBjYzYxZWQ0MGRmNzJkZDVmYTY5YTlkMTQ5MWI1NTVhZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyji5C0xGBo6yq70ASSEqn9TwsVIf
uMac9SPm9S083qiYsylCG69Eygpv7jCAfvuo65x1E2RW2Ana9uEuyQdgGLCIwbpC
87CWepJdoqs++b3l4sZk0oxBmGEfD1fWRTS8fR5UHWaAxZ6PuYqyjTOt7SwI0lsI
CjtlkB/BCQbb2VJ5kypDX0k5tA6Lgi8VHpfABadSuDak3vefNz5R6nCKIFmnKQSk
pJrk5SK3YAtfRVkbkEhsEsgyUe0xJDtBVaH7yjASaoMkMzFWN+sg1yQDp3Gl3fA4
MXsOHlmuViOVwUaUT+uREmMTotwPx3mMfzuI6w/ZJ9kfFJwFM4pWGv3zYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI9OAMxh7UDfct1fppqdFJG1Va69MB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvajA0QXpHSHRRTjl5M1YtbW1wMFVrYlZWcnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhSuAAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAe39zqNrZ9ZpCyJl8Nf3fNyojqiRoW4dKpczAP
Cm9Aqe7EqLB94AIw/VCRdLDfTOwdb7KyhTubB9rTqbfFBTCIAa1HsePFnLtt+AFG
jrtkwac985CkRXpb+EMqh2JEgmGzGqvF5mrQJ7YVPmwDF7LNZS7hc7jrobNUZf99
24fwYIqPyABSmJX0wsUnZ+dmmwUuIvWAsE+tfKjI5Ed0s67exXdwAFUxj9o1qdUP
C3LZzq2+22ztqWfFVbJttwGu0XX9+KkQBQwG0Ob7frhOzefVUwoN/zDmliiejkQQ
YkDV3cOJcssDd91wNlmQhIUhbkifDAiM6cfWZ8O8ml2cYVTm
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:12:54 2026 by rpki-client