Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/6fusYrf-WMnR48YtnKs5ReFVDug.roa
File: 6fusYrf-WMnR48YtnKs5ReFVDug.roa (raw, json)
Hash identifier: 8QLa7SAUplwW/XzwDL7/Itty66dShKQMWT25UKgzj80=
Subject key identifier: E9:FB:AC:62:B7:FE:58:C9:D1:E3:C6:2D:9C:AB:39:45:E1:55:0E:E8
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019F059BFBCD0460B73F60E10439A74CBF5E
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/6fusYrf-WMnR48YtnKs5ReFVDug.roa
Signing time: Fri 26 Jun 2026 20:25:36 +0000
ROA not before: Fri 26 Jun 2026 20:25:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211507
IP address blocks: 85.8.192.0/24 maxlen: 24
2a14:c380:50::/44 maxlen: 44
2a14:c380:70::/44 maxlen: 44
2a14:c380:90::/44 maxlen: 44
2a14:c380:130::/44 maxlen: 44
2a14:c380:c70::/44 maxlen: 44
2a14:c380:d70::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:05:9b:fb:cd:04:60:b7:3f:60:e1:04:39:a7:4c:bf:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Jun 26 20:25:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e9fbac62b7fe58c9d1e3c62d9cab3945e1550ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f9:56:86:bb:49:b0:61:3c:41:ff:b9:84:68:
df:f7:8c:51:e0:84:77:0f:b0:a1:b8:05:e9:c4:6c:
5e:92:ba:33:57:5a:7a:86:d9:f7:ea:13:e8:94:25:
d8:e9:2c:d3:8e:2c:5b:03:7b:ac:d4:e7:de:86:78:
8c:68:54:41:72:cc:56:b8:d9:15:be:00:cc:ca:c6:
2b:77:e4:1d:95:d4:47:23:93:8b:2b:42:90:34:4b:
97:29:e2:ee:52:89:75:19:cc:cd:d3:fc:7b:63:b4:
b2:c5:37:c1:b0:fd:54:61:66:3d:05:2c:c2:aa:81:
59:3c:5b:fd:ef:52:c9:5f:78:19:6c:6f:b0:8f:52:
96:13:5d:19:d9:45:4a:7c:60:3b:ce:29:19:ac:da:
a3:f1:04:d5:3e:3c:ce:be:9b:2d:d3:a7:0c:f7:4a:
e5:eb:24:26:12:15:df:3a:f5:40:4e:4f:33:ac:95:
a0:bc:ad:ed:69:68:58:65:16:a2:7b:83:1d:24:cf:
de:cb:0e:ad:cc:70:1b:32:3d:24:b6:4a:37:43:6a:
e9:11:47:42:dd:34:c2:64:67:96:5d:93:10:37:0c:
68:13:6e:06:06:3e:d7:ed:8b:75:71:2e:46:41:de:
ed:17:47:d8:95:40:0a:06:1a:8e:ac:99:85:9b:63:
06:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:FB:AC:62:B7:FE:58:C9:D1:E3:C6:2D:9C:AB:39:45:E1:55:0E:E8
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/6fusYrf-WMnR48YtnKs5ReFVDug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.192.0/24
IPv6:
2a14:c380:50::/44
2a14:c380:70::/44
2a14:c380:90::/44
2a14:c380:130::/44
2a14:c380:c70::/44
2a14:c380:d70::/44
Signature Algorithm: sha256WithRSAEncryption
70:54:2e:01:33:04:77:6b:4f:db:25:20:2d:91:3f:fc:f9:b6:
a5:cc:0e:e3:e5:76:d0:03:e7:cd:5e:79:e4:a6:bc:3a:dd:17:
6a:68:d3:ae:ef:1d:2f:ac:53:e3:63:28:dc:ab:20:e2:06:56:
a6:c8:0e:31:a3:ac:4c:35:8e:81:d4:bd:ec:13:7f:86:2f:de:
f3:56:00:7d:31:1c:8b:9d:be:ab:93:27:49:94:7a:8d:b9:46:
53:8d:a6:d6:ad:ce:1e:da:12:30:85:e1:28:2c:78:08:b3:e6:
32:1a:9c:9c:7a:97:84:81:17:b5:50:c0:b7:0f:c0:92:4d:cd:
50:36:78:cb:06:7c:db:5f:43:f7:27:5f:da:8c:98:cc:82:59:
8b:38:87:63:ef:a9:e9:fb:78:07:96:86:ff:83:4b:fa:fb:27:
b2:ea:76:c0:71:44:60:aa:05:4f:3a:f8:35:84:c7:f2:f3:e0:
6f:2d:ac:5d:1f:52:24:ba:1e:ba:9f:30:e1:3c:d0:8b:30:ce:
69:e6:d8:80:df:e0:e8:99:c2:0e:fa:9d:f3:30:63:fc:f0:3a:
6e:49:b6:8e:75:df:96:fe:1d:c8:3c:8d:7e:1f:09:5d:22:43:
ab:ce:50:e8:3d:f7:ca:20:c7:3c:70:c7:3e:1c:ba:20:b5:8a:
69:99:30:42
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ8Fm/vNBGC3P2DhBDmnTL9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjYwNjI2MjAyNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZiYWM2MmI3ZmU1OGM5ZDFlM2M2MmQ5Y2FiMzk0NWUxNTUwZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/lWhrtJsGE8Qf+5hGjf94xR4IR3
D7ChuAXpxGxekrozV1p6htn36hPolCXY6SzTjixbA3us1OfehniMaFRBcsxWuNkV
vgDMysYrd+QdldRHI5OLK0KQNEuXKeLuUol1GczN0/x7Y7SyxTfBsP1UYWY9BSzC
qoFZPFv971LJX3gZbG+wj1KWE10Z2UVKfGA7zikZrNqj8QTVPjzOvpst06cM90rl
6yQmEhXfOvVATk8zrJWgvK3taWhYZRaie4MdJM/eyw6tzHAbMj0ktko3Q2rpEUdC
3TTCZGeWXZMQNwxoE24GBj7X7Yt1cS5GQd7tF0fYlUAKBhqOrJmFm2MG/wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOn7rGK3/ljJ0ePGLZyrOUXhVQ7oMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvNmZ1c1lyZi1XTW5SNDhZdG5LczVSZUZWRHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQAVQjAMDwE
AgACMDYDBwQqFMOAAFADBwQqFMOAAHADBwQqFMOAAJADBwQqFMOAATADBwQqFMOA
DHADBwQqFMOADXAwDQYJKoZIhvcNAQELBQADggEBAHBULgEzBHdrT9slIC2RP/z5
tqXMDuPldtAD581eeeSmvDrdF2po067vHS+sU+NjKNyrIOIGVqbIDjGjrEw1joHU
vewTf4Yv3vNWAH0xHIudvquTJ0mUeo25RlONptatzh7aEjCF4SgseAiz5jIanJx6
l4SBF7VQwLcPwJJNzVA2eMsGfNtfQ/cnX9qMmMyCWYs4h2Pvqen7eAeWhv+DS/r7
J7LqdsBxRGCqBU86+DWEx/Lz4G8trF0fUiS6HrqfMOE80Iswzmnm2IDf4OiZwg76
nfMwY/zwOm5Jto5135b+Hcg8jX4fCV0iQ6vOUOg998ogxzxwxz4cuiC1immZMEI=
-----END CERTIFICATE-----
Generated at Sun Jun 28 06:26:40 2026 by rpki-client