Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/nLuwJQU27Yr-kdTIqsFSD3XO_rE.roa
File: nLuwJQU27Yr-kdTIqsFSD3XO_rE.roa (raw, json)
Hash identifier: 0C04AIp8z51hag5n2Qz0Ul4WQKV/AbmdFkMKKDTQw+0=
Subject key identifier: 9C:BB:B0:25:05:36:ED:8A:FE:91:D4:C8:AA:C1:52:0F:75:CE:FE:B1
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019D956B7378270CC258FED12D565522D9EB
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/nLuwJQU27Yr-kdTIqsFSD3XO_rE.roa
Signing time: Thu 16 Apr 2026 08:32:20 +0000
ROA not before: Thu 16 Apr 2026 08:32:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.167.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.175.0/24 maxlen: 24
212.100.176.0/22 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:95:6b:73:78:27:0c:c2:58:fe:d1:2d:56:55:22:d9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Apr 16 08:32:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cbbb0250536ed8afe91d4c8aac1520f75cefeb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:88:c9:d8:ac:c7:8a:54:b7:f2:8d:7b:b6:cd:
a3:31:d6:6b:74:5b:6a:74:81:f4:3e:ea:7a:89:25:
19:aa:4e:db:88:e7:bc:df:9b:61:3d:e2:e4:8a:f5:
be:06:76:4f:8b:2d:97:4f:61:7e:68:1e:10:5f:4f:
59:fd:b8:9d:f9:f6:64:96:91:25:ff:58:71:03:6d:
28:fb:b3:5f:1e:d2:17:97:24:08:d5:94:9c:1f:57:
46:86:20:6e:bd:5b:9f:5b:1b:de:e4:ac:68:77:6a:
5d:74:be:2c:61:40:fd:95:4f:eb:20:05:72:68:f1:
ef:a1:d6:63:6b:ec:9d:9a:7c:1d:9a:4b:a0:88:ef:
da:dd:40:00:56:d3:87:6c:40:50:a0:2f:4c:0b:7d:
1f:e2:d7:cf:c6:ad:be:45:2f:71:45:99:05:d5:75:
e6:60:8b:8e:03:1e:6f:eb:2e:11:74:73:ba:a7:62:
2c:9c:f9:dd:90:eb:6f:96:0f:0d:d2:ef:0b:f9:b8:
e8:a2:8e:b5:47:b2:6b:77:8c:ca:64:17:c9:22:75:
bf:ca:b3:2d:b9:b4:1d:fe:58:1b:72:8c:ff:8d:97:
01:79:47:4f:b2:e6:82:f4:44:a4:70:76:63:af:a1:
dc:96:2c:59:5a:04:3f:88:7d:4d:88:46:10:99:2e:
3c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BB:B0:25:05:36:ED:8A:FE:91:D4:C8:AA:C1:52:0F:75:CE:FE:B1
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/nLuwJQU27Yr-kdTIqsFSD3XO_rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.189.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:46:42:d5:81:98:90:90:95:3e:d2:ca:a1:d3:f2:8f:6d:7e:
00:84:7f:7f:78:31:68:1a:49:9d:9c:5a:05:05:15:95:ec:dc:
ec:d2:31:3f:b4:76:8b:96:44:84:90:5d:1b:16:0a:dc:63:d8:
70:d4:f1:79:74:6b:5f:72:ff:98:e0:62:21:e1:85:10:71:c6:
bd:f8:e9:2f:9e:4a:a0:12:34:21:d7:fe:a8:5a:ac:29:2f:6c:
fd:ca:9d:5b:57:fc:3d:8d:4f:b4:5a:be:cc:82:c4:0b:22:42:
f5:d9:06:60:a3:e8:d3:04:52:7e:81:dd:ae:70:ae:33:74:18:
4f:e7:ab:f0:49:04:8e:79:27:2a:f3:32:77:0a:f6:de:34:b9:
eb:3c:d2:8f:2e:52:e4:df:2d:8a:25:58:de:8f:6f:35:7d:be:
8f:3c:30:b5:f5:9e:74:e6:f0:65:8b:7a:0d:83:60:cb:a1:9e:
f7:97:16:4d:f3:f0:15:7c:6f:05:0d:3d:6b:89:1c:27:c2:1a:
97:d8:34:a0:b5:d7:8b:1d:9b:80:db:bf:81:8b:e7:a0:ee:17:
b9:17:cd:7c:40:a8:f9:19:be:91:ca:50:28:61:45:da:93:aa:
6d:20:6e:ca:c6:6c:3e:32:29:ca:85:dc:3f:6f:95:09:61:0f:
15:3b:d6:ea
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ2Va3N4JwzCWP7RLVZVItnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwNDE2MDgzMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JiYjAyNTA1MzZlZDhhZmU5MWQ0YzhhYWMxNTIwZjc1Y2VmZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYjJ2KzHilS38o17ts2jMdZrdFtq
dIH0Pup6iSUZqk7biOe835thPeLkivW+BnZPiy2XT2F+aB4QX09Z/bid+fZklpEl
/1hxA20o+7NfHtIXlyQI1ZScH1dGhiBuvVufWxve5Kxod2pddL4sYUD9lU/rIAVy
aPHvodZja+ydmnwdmkugiO/a3UAAVtOHbEBQoC9MC30f4tfPxq2+RS9xRZkF1XXm
YIuOAx5v6y4RdHO6p2IsnPndkOtvlg8N0u8L+bjooo61R7Jrd4zKZBfJInW/yrMt
ubQd/lgbcoz/jZcBeUdPsuaC9ESkcHZjr6HclixZWgQ/iH1NiEYQmS48HQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJy7sCUFNu2K/pHUyKrBUg91zv6xMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvbkx1d0pRVTI3WXIta2RUSXFzRlNEM1hPX3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQC1GSkMAwD
BALUZKwDBALUZLADBALUZLgDBADUZL0wDQYJKoZIhvcNAQELBQADggEBAKVGQtWB
mJCQlT7SyqHT8o9tfgCEf394MWgaSZ2cWgUFFZXs3OzSMT+0douWRISQXRsWCtxj
2HDU8Xl0a19y/5jgYiHhhRBxxr346S+eSqASNCHX/qharCkvbP3KnVtX/D2NT7Ra
vsyCxAsiQvXZBmCj6NMEUn6B3a5wrjN0GE/nq/BJBI55JyrzMncK9t40ues80o8u
UuTfLYolWN6PbzV9vo88MLX1nnTm8GWLeg2DYMuhnveXFk3z8BV8bwUNPWuJHCfC
GpfYNKC114sdm4Dbv4GL56DuF7kXzXxAqPkZvpHKUChhRdqTqm0gbsrGbD4yKcqF
3D9vlQlhDxU71uo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:14:01 2026 by rpki-client