Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UnAr0n2DRkiWvqAhlSoyBe9ZUbg.roa
File: UnAr0n2DRkiWvqAhlSoyBe9ZUbg.roa (raw, json)
Hash identifier: HWHw3mfXpyCVFDuJqGCuIpGYEIXEPcm/munIQVlu+yc=
Subject key identifier: 52:70:2B:D2:7D:83:46:48:96:BE:A0:21:95:2A:32:05:EF:59:51:B8
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 0197F3B13DA770EB30546E40C80F8A5B4765
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UnAr0n2DRkiWvqAhlSoyBe9ZUbg.roa
Signing time: Thu 10 Jul 2025 09:36:08 +0000
ROA not before: Thu 10 Jul 2025 09:36:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58325
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.172.0/22 maxlen: 22
212.100.180.0/22 maxlen: 22
212.100.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:b1:3d:a7:70:eb:30:54:6e:40:c8:0f:8a:5b:47:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Jul 10 09:36:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52702bd27d83464896bea021952a3205ef5951b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3b:06:f9:1a:f4:63:ad:85:c0:3a:47:15:40:
f5:45:43:9f:92:43:81:60:44:0d:8b:6b:8f:ef:90:
3b:54:d7:d6:cd:4a:56:b0:08:c4:c7:db:04:11:2d:
ed:61:7d:88:09:79:d0:df:9c:e7:83:26:33:ce:d9:
8a:fe:7d:b0:7c:a5:59:9e:b4:46:28:7a:7d:e4:72:
10:4c:78:92:51:97:e9:fb:d1:bc:66:c2:fa:aa:2e:
91:6a:dc:0c:04:03:4c:f2:e6:b4:d1:ab:04:56:6e:
12:60:a6:8d:e3:6b:08:e0:99:58:db:ea:bc:6a:6a:
f1:ce:2b:4f:c7:f6:ac:bf:96:90:58:f2:3f:95:63:
91:e8:0d:b0:fa:e6:b5:05:d7:69:d1:1f:1c:fe:d0:
55:7b:96:80:5a:d5:e9:ea:a2:56:aa:32:6e:2e:67:
96:3b:d4:e8:f1:1a:ee:a9:1a:44:62:c2:00:6d:95:
e7:cd:9b:4d:7f:b9:9e:d8:1d:c3:bf:42:0a:4a:59:
ca:af:52:2f:e8:b7:04:d9:ef:7b:8b:47:db:03:30:
ce:d1:a4:83:da:d0:c9:7d:53:f0:76:f6:50:23:0f:
6d:2c:fc:43:f8:88:50:ce:50:d8:84:d6:73:42:a4:
43:7b:1e:07:5a:ad:fb:51:49:79:35:99:a4:8c:69:
f7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:70:2B:D2:7D:83:46:48:96:BE:A0:21:95:2A:32:05:EF:59:51:B8
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UnAr0n2DRkiWvqAhlSoyBe9ZUbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.172.0/22
212.100.180.0-212.100.187.255
Signature Algorithm: sha256WithRSAEncryption
99:c5:1c:80:72:d4:d4:a0:24:bf:6c:b0:e6:46:74:08:bd:be:
26:ab:9f:36:d8:be:6d:12:a5:da:82:c1:1d:c8:7b:24:21:3d:
8b:59:28:65:e3:82:0a:35:8f:fa:c1:2d:03:d0:b4:5f:8f:dc:
71:ed:8f:0a:41:91:87:08:18:74:8f:df:46:7e:50:99:e5:6f:
dd:56:db:10:e6:46:68:8c:c6:f2:bc:da:40:a3:62:51:2e:3c:
1e:a1:4e:40:a7:ff:20:62:b4:ac:d0:57:aa:be:88:9f:55:75:
30:fd:69:ee:94:41:a9:bb:07:30:87:a6:87:0d:ac:c9:2d:52:
cc:62:39:18:c7:96:f5:b6:23:11:1a:c6:8c:1d:22:63:76:7d:
37:10:79:41:54:2b:2c:fa:8e:4e:ea:86:7d:0a:50:e4:b9:a8:
60:a0:68:1c:1f:6c:3b:32:2d:02:3c:ad:c2:74:8f:e7:0a:36:
71:64:30:14:a6:1a:90:59:6a:4b:06:7a:46:87:e1:e7:0f:90:
3b:00:86:73:b6:f0:59:09:2f:57:3f:93:5a:f2:c8:5f:c1:0a:
fe:68:10:1e:73:d0:9c:24:c5:3d:a2:e1:ca:0a:39:62:6d:96:
a3:d7:62:59:2f:3d:f9:50:0b:3f:09:ba:77:cd:e0:dd:62:fe:
78:3d:78:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfzsT2ncOswVG5AyA+KW0dlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjUwNzEwMDkzNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcwMmJkMjdkODM0NjQ4OTZiZWEwMjE5NTJhMzIwNWVmNTk1MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDsG+Rr0Y62FwDpHFUD1RUOfkkOB
YEQNi2uP75A7VNfWzUpWsAjEx9sEES3tYX2ICXnQ35zngyYzztmK/n2wfKVZnrRG
KHp95HIQTHiSUZfp+9G8ZsL6qi6RatwMBANM8ua00asEVm4SYKaN42sI4JlY2+q8
amrxzitPx/asv5aQWPI/lWOR6A2w+ua1Bddp0R8c/tBVe5aAWtXp6qJWqjJuLmeW
O9To8RruqRpEYsIAbZXnzZtNf7me2B3Dv0IKSlnKr1Iv6LcE2e97i0fbAzDO0aSD
2tDJfVPwdvZQIw9tLPxD+IhQzlDYhNZzQqRDex4HWq37UUl5NZmkjGn3SwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFJwK9J9g0ZIlr6gIZUqMgXvWVG4MB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvVW5BcjBuMkRSa2lXdnFBaGxTb3lCZTlaVWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQC1GSkAwQC
1GSsMAwDBALUZLQDBALUZLgwDQYJKoZIhvcNAQELBQADggEBAJnFHIBy1NSgJL9s
sOZGdAi9viarnzbYvm0SpdqCwR3IeyQhPYtZKGXjggo1j/rBLQPQtF+P3HHtjwpB
kYcIGHSP30Z+UJnlb91W2xDmRmiMxvK82kCjYlEuPB6hTkCn/yBitKzQV6q+iJ9V
dTD9ae6UQam7BzCHpocNrMktUsxiORjHlvW2IxEaxowdImN2fTcQeUFUKyz6jk7q
hn0KUOS5qGCgaBwfbDsyLQI8rcJ0j+cKNnFkMBSmGpBZaksGekaH4ecPkDsAhnO2
8FkJL1c/k1ryyF/BCv5oEB5z0JwkxT2i4coKOWJtlqPXYlkvPflQCz8JunfN4N1i
/ng9eBA=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:28:41 2025 by rpki-client