Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/mxBAiO-XJpUQBra3wpbZb1wvicY.roa
File: mxBAiO-XJpUQBra3wpbZb1wvicY.roa (raw, json)
Hash identifier: BWE/4+4vmWthE1MhbIWinnhck8xZfwZlhc1WPnpo4vw=
Subject key identifier: 9B:10:40:88:EF:97:26:95:10:06:B6:B7:C2:96:D9:6F:5C:2F:89:C6
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019E1BC726473CCE976CCC845E8FEC1CE5E8
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/mxBAiO-XJpUQBra3wpbZb1wvicY.roa
Signing time: Tue 12 May 2026 10:41:36 +0000
ROA not before: Tue 12 May 2026 10:41:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208191
IP address blocks: 2a14:c380:170::/44 maxlen: 44
2a14:c380:180::/44 maxlen: 44
2a14:c380:190::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:c7:26:47:3c:ce:97:6c:cc:84:5e:8f:ec:1c:e5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: May 12 10:41:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b104088ef9726951006b6b7c296d96f5c2f89c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2a:6e:aa:d6:e9:11:9e:8b:1d:63:dc:63:3c:
0b:c2:1b:f7:c8:21:0d:33:c5:e0:08:c1:37:00:f4:
20:b8:9c:b2:5e:e9:cf:aa:96:65:86:1a:19:2e:c4:
2b:d2:d8:5e:d0:a3:70:dd:b5:65:15:9a:3d:b6:98:
47:12:ea:9c:b3:ca:a0:52:03:a2:46:03:15:5d:59:
70:a5:37:3c:17:46:db:80:66:38:24:20:7f:8d:dd:
30:cf:e9:2c:61:fe:52:99:8d:48:ce:45:fd:43:8b:
b7:8a:3c:d4:39:38:17:d5:f3:67:ed:8d:fa:b2:14:
e9:6f:df:b8:60:f9:9d:55:a1:df:3b:8a:31:23:7e:
be:30:23:02:f2:5e:d9:9e:40:41:01:5c:c5:66:43:
a8:df:e7:b5:52:1f:8f:18:a7:d7:11:e4:fe:fb:bd:
c1:0d:2d:da:67:36:38:36:1f:d9:11:a8:bb:32:45:
44:10:1c:44:62:d0:8e:e7:64:94:96:6d:58:35:79:
90:62:f7:75:84:67:c1:7f:94:1a:0d:4c:ca:27:fc:
9f:9b:5d:8e:26:ab:ac:90:a7:df:f2:c6:0d:1d:a0:
7f:7e:f7:37:f1:f8:81:91:47:32:52:30:b5:b2:10:
ca:5d:49:e1:c0:7e:3e:4f:6c:29:84:1d:47:a2:89:
31:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:10:40:88:EF:97:26:95:10:06:B6:B7:C2:96:D9:6F:5C:2F:89:C6
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/mxBAiO-XJpUQBra3wpbZb1wvicY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:170::-2a14:c380:19f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:54:7b:0e:5f:43:6f:96:81:c5:b6:7f:ad:41:20:60:ac:18:
73:10:ce:cc:f7:17:f8:36:bb:39:b3:d5:cd:69:d5:72:ac:d9:
c7:c6:8c:55:fc:5e:c8:e9:a9:9d:0d:0e:c8:0a:84:13:e9:64:
89:99:e4:4e:80:24:28:f9:5b:ee:ac:e7:25:70:b7:17:45:ac:
d7:d9:a0:18:dd:2e:42:c8:66:0d:c1:e4:70:38:9b:ba:03:12:
ee:07:a8:74:3a:41:9f:78:a7:38:3a:7f:7c:ff:b1:31:11:d1:
e5:1b:b9:80:b3:d9:8d:3d:da:0c:c6:21:27:15:ad:29:ca:14:
5f:e0:ae:26:3f:6e:fa:af:44:32:b6:9b:71:89:96:01:c1:ef:
96:15:8d:55:4c:77:3c:73:74:cd:35:47:a7:ab:3d:f2:43:d1:
df:85:0a:35:4b:de:fd:30:8f:cd:80:e6:c1:6d:0a:5e:d8:13:
88:ad:f8:44:77:c9:09:c4:e4:1a:16:70:38:a9:20:e8:51:61:
20:ef:15:86:a7:29:23:08:38:11:36:6a:a4:11:ae:8f:0c:86:
3b:07:b7:9f:9c:5a:74:12:d4:65:f5:45:66:95:9c:ab:a0:40:
8e:d0:09:2f:32:ce:80:13:4d:8f:e7:9b:29:a5:78:e1:0f:4c:
1c:78:4d:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ4bxyZHPM6XbMyEXo/sHOXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjYwNTEyMTA0MTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjEwNDA4OGVmOTcyNjk1MTAwNmI2YjdjMjk2ZDk2ZjVjMmY4OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SpuqtbpEZ6LHWPcYzwLwhv3yCEN
M8XgCME3APQguJyyXunPqpZlhhoZLsQr0the0KNw3bVlFZo9tphHEuqcs8qgUgOi
RgMVXVlwpTc8F0bbgGY4JCB/jd0wz+ksYf5SmY1IzkX9Q4u3ijzUOTgX1fNn7Y36
shTpb9+4YPmdVaHfO4oxI36+MCMC8l7ZnkBBAVzFZkOo3+e1Uh+PGKfXEeT++73B
DS3aZzY4Nh/ZEai7MkVEEBxEYtCO52SUlm1YNXmQYvd1hGfBf5QaDUzKJ/yfm12O
JquskKff8sYNHaB/fvc38fiBkUcyUjC1shDKXUnhwH4+T2wphB1HookxnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJsQQIjvlyaVEAa2t8KW2W9cL4nGMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvbXhCQWlPLVhKcFVRQnJhM3dwYlpiMXd2aWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqFMOA
AXADBwUqFMOAAYAwDQYJKoZIhvcNAQELBQADggEBAIdUew5fQ2+WgcW2f61BIGCs
GHMQzsz3F/g2uzmz1c1p1XKs2cfGjFX8XsjpqZ0NDsgKhBPpZImZ5E6AJCj5W+6s
5yVwtxdFrNfZoBjdLkLIZg3B5HA4m7oDEu4HqHQ6QZ94pzg6f3z/sTER0eUbuYCz
2Y092gzGIScVrSnKFF/griY/bvqvRDK2m3GJlgHB75YVjVVMdzxzdM01R6erPfJD
0d+FCjVL3v0wj82A5sFtCl7YE4it+ER3yQnE5BoWcDipIOhRYSDvFYanKSMIOBE2
aqQRro8MhjsHt5+cWnQS1GX1RWaVnKugQI7QCS8yzoATTY/nmymleOEPTBx4TbI=
-----END CERTIFICATE-----
Generated at Tue May 12 22:13:55 2026 by rpki-client