Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/kXU2ccBpiB-AfFGu2JUklDVRSuU.roa
File: kXU2ccBpiB-AfFGu2JUklDVRSuU.roa (raw, json)
Hash identifier: tPOUqk+8AOQF97AE8W+IjCW2wpVLVpm6K9AqsX+8A8Q=
Subject key identifier: 91:75:36:71:C0:69:88:1F:80:7C:51:AE:D8:95:24:94:35:51:4A:E5
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019A3985372D1D7339C8AF9158816EF1E0C8
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/kXU2ccBpiB-AfFGu2JUklDVRSuU.roa
Signing time: Fri 31 Oct 2025 09:07:03 +0000
ROA not before: Fri 31 Oct 2025 09:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401476
IP address blocks: 212.100.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:39:85:37:2d:1d:73:39:c8:af:91:58:81:6e:f1:e0:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Oct 31 09:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91753671c069881f807c51aed895249435514ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:25:99:87:de:11:15:f5:2d:97:44:85:20:
37:84:83:99:a2:be:56:0e:05:bf:51:f0:a0:53:ba:
28:33:13:a8:98:e5:79:43:12:a5:db:e7:23:3f:0e:
f5:78:9e:2f:96:50:36:3a:75:b7:c4:8a:55:8c:1a:
fd:cb:ed:69:d8:52:6b:99:ce:fe:b4:08:8f:e8:01:
6d:bd:f0:77:97:cc:4b:66:da:4e:96:9d:81:26:f1:
13:ab:6a:9e:ad:04:8d:09:1f:47:cf:f5:de:ec:30:
d2:29:be:f9:fb:a0:61:07:9a:1c:83:c5:6a:0d:ad:
1a:8e:01:f2:63:86:e3:9d:db:68:1c:21:4b:7f:6b:
73:4e:74:6a:b4:2f:6e:22:f8:35:63:0d:d4:0f:54:
04:3f:61:0a:4b:25:ba:8f:ba:87:fe:21:a1:98:4e:
71:27:0b:8d:59:ed:17:c1:ce:48:9a:57:50:e7:0b:
b4:cb:10:2d:65:e4:f9:24:3f:13:8b:79:9e:50:29:
63:d6:a6:60:14:b1:0f:d9:b8:be:fb:de:78:26:96:
7d:15:7b:5a:26:b7:cf:ff:5c:21:76:00:e9:43:e0:
c9:14:0c:ed:e3:97:47:bb:83:b5:20:fe:23:31:34:
d3:19:de:74:a3:c9:34:03:7e:99:a0:46:07:b0:22:
4c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:75:36:71:C0:69:88:1F:80:7C:51:AE:D8:95:24:94:35:51:4A:E5
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/kXU2ccBpiB-AfFGu2JUklDVRSuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/24
Signature Algorithm: sha256WithRSAEncryption
99:08:e8:af:73:72:a7:97:a8:8d:49:6f:b5:ac:89:6d:11:44:
71:5c:e6:d0:a5:26:b7:b7:33:6a:f2:e0:bc:db:d8:2b:66:d3:
39:10:73:11:f2:6d:3d:3d:d4:a1:e1:b2:a1:c3:5a:a4:90:4e:
d1:21:57:fa:3f:91:0c:fa:48:04:cc:da:10:84:84:29:ca:4e:
74:9d:65:ed:51:4f:e9:c8:46:97:b3:00:ae:11:bb:96:df:c7:
5d:0e:05:50:e3:da:d5:d7:24:5d:d2:08:c0:fa:9c:63:b5:f5:
73:6c:0d:22:29:55:3d:37:ad:fd:67:ae:cf:8f:bc:bc:8a:80:
46:c6:70:9b:bd:12:68:ae:42:85:9e:72:76:92:e2:d1:ba:2f:
55:6d:1e:07:65:c2:b9:a7:eb:5b:f7:96:60:4a:81:ec:69:8e:
cc:b3:44:b5:31:b2:00:dd:06:cd:87:aa:50:e7:0d:13:03:2f:
53:eb:2b:0a:90:6f:3d:76:00:a8:75:e0:a2:b8:b4:43:f8:d5:
61:55:67:d7:89:29:aa:eb:87:5c:1a:d7:20:8a:b6:27:8b:48:
90:0d:ff:3e:c5:a7:1b:ff:aa:18:bf:4f:1a:f6:f9:dd:67:98:
bb:c2:2b:91:9e:74:80:7c:cd:11:46:62:fd:d4:90:64:66:fd:
00:79:de:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo5hTctHXM5yK+RWIFu8eDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjUxMDMxMDkwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc1MzY3MWMwNjk4ODFmODA3YzUxYWVkODk1MjQ5NDM1NTE0YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q0lmYfeERX1LZdEhSA3hIOZor5W
DgW/UfCgU7ooMxOomOV5QxKl2+cjPw71eJ4vllA2OnW3xIpVjBr9y+1p2FJrmc7+
tAiP6AFtvfB3l8xLZtpOlp2BJvETq2qerQSNCR9Hz/Xe7DDSKb75+6BhB5ocg8Vq
Da0ajgHyY4bjndtoHCFLf2tzTnRqtC9uIvg1Yw3UD1QEP2EKSyW6j7qH/iGhmE5x
JwuNWe0Xwc5ImldQ5wu0yxAtZeT5JD8Ti3meUClj1qZgFLEP2bi++954JpZ9FXta
JrfP/1whdgDpQ+DJFAzt45dHu4O1IP4jMTTTGd50o8k0A36ZoEYHsCJMJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF1NnHAaYgfgHxRrtiVJJQ1UUrlMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEva1hVMmNjQnBpQi1BZkZHdTJKVWtsRFZSU3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GSkMA0G
CSqGSIb3DQEBCwUAA4IBAQCZCOivc3Knl6iNSW+1rIltEURxXObQpSa3tzNq8uC8
29grZtM5EHMR8m09PdSh4bKhw1qkkE7RIVf6P5EM+kgEzNoQhIQpyk50nWXtUU/p
yEaXswCuEbuW38ddDgVQ49rV1yRd0gjA+pxjtfVzbA0iKVU9N639Z67Pj7y8ioBG
xnCbvRJorkKFnnJ2kuLRui9VbR4HZcK5p+tb95ZgSoHsaY7Ms0S1MbIA3QbNh6pQ
5w0TAy9T6ysKkG89dgCodeCiuLRD+NVhVWfXiSmq64dcGtcgirYni0iQDf8+xacb
/6oYv08a9vndZ5i7wiuRnnSAfM0RRmL91JBkZv0Aed4I
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:21:55 2025 by rpki-client