Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/xsoOtR4qtPTtX8C91Nlp67l6Qyg.roa
File: xsoOtR4qtPTtX8C91Nlp67l6Qyg.roa (raw, json)
Hash identifier: ReKqNx8PmYt+3egH7hMuLvBfI0amMp4F3dR1FNpXfL0=
Subject key identifier: C6:CA:0E:B5:1E:2A:B4:F4:ED:5F:C0:BD:D4:D9:69:EB:B9:7A:43:28
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019E8710DE15FE615F1765CCAF87F2F5BBEF
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/xsoOtR4qtPTtX8C91Nlp67l6Qyg.roa
Signing time: Tue 02 Jun 2026 06:41:30 +0000
ROA not before: Tue 02 Jun 2026 06:41:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.167.0/24 maxlen: 24
212.100.170.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.176.0/22 maxlen: 24
212.100.176.0/24 maxlen: 24
212.100.178.0/24 maxlen: 24
212.100.179.0/24 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.189.0/24 maxlen: 24
212.100.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:10:de:15:fe:61:5f:17:65:cc:af:87:f2:f5:bb:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Jun 2 06:41:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6ca0eb51e2ab4f4ed5fc0bdd4d969ebb97a4328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:b7:d3:89:86:9b:d9:fa:b3:7a:85:7f:42:25:
36:2f:33:43:63:25:ee:27:fb:12:2b:0f:72:fd:4a:
71:ab:ea:d0:99:f4:f7:9f:21:3e:8b:eb:b3:ba:e8:
c2:b9:3c:ff:54:f9:39:22:e4:ed:e0:a4:98:ae:bd:
13:ce:21:09:92:64:57:9b:5d:f7:38:cd:d2:54:2e:
a9:0e:b3:51:b2:69:e4:ab:78:17:6c:85:b5:f3:ef:
49:18:33:95:78:23:42:d7:fc:ee:36:25:33:4d:56:
e6:73:83:5c:6b:7b:e8:c7:5a:78:01:1e:0e:18:c2:
5f:29:3c:74:26:9c:fb:90:e5:30:bb:1e:f6:e9:13:
b1:00:51:ea:68:ba:f9:67:64:de:05:17:cc:7c:2b:
52:7b:78:25:ea:07:1d:b8:76:90:87:a7:7d:40:27:
25:cd:34:10:e0:39:7a:30:c9:12:4d:ed:d2:36:26:
ac:0d:b9:3f:25:71:89:89:e8:fc:f7:16:2b:04:56:
09:0b:76:02:1b:00:28:33:5c:aa:d0:b1:a6:3a:5a:
19:e5:ac:32:13:b7:65:80:bd:4b:61:7d:29:6b:d9:
f8:7f:b2:16:0a:a3:f2:69:d3:b2:c4:87:41:da:97:
b1:d9:90:8f:23:53:5d:3e:d9:9d:83:5c:bd:ef:60:
c7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CA:0E:B5:1E:2A:B4:F4:ED:5F:C0:BD:D4:D9:69:EB:B9:7A:43:28
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/xsoOtR4qtPTtX8C91Nlp67l6Qyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.170.0/24
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.189.0/24
212.100.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:14:35:18:92:2b:2b:69:a5:b2:30:66:30:22:3e:77:c7:58:
d8:3e:c4:d6:af:33:0d:c5:d8:02:da:89:08:70:96:ef:eb:da:
1b:53:31:b2:74:d6:ad:e1:d4:3c:1d:41:13:02:b8:be:60:72:
84:04:d7:ef:79:5e:32:04:f4:c8:2a:94:52:b5:f8:49:15:57:
9e:54:df:5b:41:9c:db:e3:47:64:01:06:d2:6a:0e:a8:86:65:
ef:e0:ee:09:8f:09:5f:91:99:19:6b:f6:34:da:12:b8:2a:28:
ae:8f:44:5f:0b:be:31:93:2b:b6:d1:45:87:f6:f7:8f:34:23:
92:ff:57:41:5b:ae:b5:23:3b:24:a1:2f:34:0d:db:ff:f2:16:
96:fe:e2:81:a1:48:59:5e:d9:11:f1:92:af:43:22:1a:6c:15:
ce:fc:20:03:a1:e6:a4:db:16:e7:4a:e0:81:f6:87:27:3d:7a:
fa:58:48:c3:c0:c3:b7:26:ee:02:5c:80:61:61:12:2f:af:c3:
d9:a4:6d:e6:50:78:81:27:36:72:4b:ef:58:03:76:ec:2c:11:
f1:25:be:74:d3:a2:20:f7:34:cd:71:aa:68:50:88:4d:54:da:
64:a1:0d:e7:74:52:13:ba:03:4f:61:bb:a4:43:c9:75:1b:a8:
62:48:77:e5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ6HEN4V/mFfF2XMr4fy9bvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwNjAyMDY0MTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmNhMGViNTFlMmFiNGY0ZWQ1ZmMwYmRkNGQ5NjllYmI5N2E0MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9LfTiYab2fqzeoV/QiU2LzNDYyXu
J/sSKw9y/Upxq+rQmfT3nyE+i+uzuujCuTz/VPk5IuTt4KSYrr0TziEJkmRXm133
OM3SVC6pDrNRsmnkq3gXbIW18+9JGDOVeCNC1/zuNiUzTVbmc4Nca3vox1p4AR4O
GMJfKTx0Jpz7kOUwux726ROxAFHqaLr5Z2TeBRfMfCtSe3gl6gcduHaQh6d9QCcl
zTQQ4Dl6MMkSTe3SNiasDbk/JXGJiej89xYrBFYJC3YCGwAoM1yq0LGmOloZ5awy
E7dlgL1LYX0pa9n4f7IWCqPyadOyxIdB2pex2ZCPI1NdPtmdg1y972DH/QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMbKDrUeKrT07V/AvdTZaeu5ekMoMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEveHNvT3RSNHF0UFR0WDhDOTFObHA2N2w2UXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQC1GSkAwQA
1GSqMAwDBALUZKwDBALUZLADBALUZLgDBADUZL0DBADUZL8wDQYJKoZIhvcNAQEL
BQADggEBAB0UNRiSKytppbIwZjAiPnfHWNg+xNavMw3F2ALaiQhwlu/r2htTMbJ0
1q3h1DwdQRMCuL5gcoQE1+95XjIE9MgqlFK1+EkVV55U31tBnNvjR2QBBtJqDqiG
Ze/g7gmPCV+RmRlr9jTaErgqKK6PRF8LvjGTK7bRRYf29480I5L/V0FbrrUjOySh
LzQN2//yFpb+4oGhSFle2RHxkq9DIhpsFc78IAOh5qTbFudK4IH2hyc9evpYSMPA
w7cm7gJcgGFhEi+vw9mkbeZQeIEnNnJL71gDduwsEfElvnTToiD3NM1xqmhQiE1U
2mShDed0UhO6A09hu6RDyXUbqGJId+U=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:20:14 2026 by rpki-client