Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/1fT9QhThDUmWjiSTulyVm7iSanI.roa
File: 1fT9QhThDUmWjiSTulyVm7iSanI.roa (raw, json)
Hash identifier: ZFHnMjm10eAMrJdEqUvNbnD/2gQCuULv/d28A9/O3dw=
Subject key identifier: D5:F4:FD:42:14:E1:0D:49:96:8E:24:93:BA:5C:95:9B:B8:92:6A:72
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 0198EF6EFA820993C7AC2121E0C077675AB6
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/1fT9QhThDUmWjiSTulyVm7iSanI.roa
Signing time: Thu 28 Aug 2025 06:48:04 +0000
ROA not before: Thu 28 Aug 2025 06:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58325
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ef:6e:fa:82:09:93:c7:ac:21:21:e0:c0:77:67:5a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Aug 28 06:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5f4fd4214e10d49968e2493ba5c959bb8926a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:f6:78:d7:c8:ec:02:6a:61:7a:81:b1:28:
af:c9:45:c2:2e:0d:fc:22:aa:02:85:14:34:aa:8c:
4a:d0:de:ce:04:54:de:62:ab:42:56:c2:c1:91:7e:
04:5d:fb:41:0e:48:f9:3e:3a:fa:a0:1d:f2:18:92:
c3:f5:81:f8:67:fb:12:0e:15:d4:c4:87:7f:db:81:
15:41:89:7b:9e:c9:20:b8:d7:0b:e5:0e:cf:80:f2:
fe:6a:17:2e:ce:fc:20:31:d5:4d:83:6d:6e:91:05:
b2:1e:2d:96:ef:ed:44:a3:ef:1f:d3:94:62:84:fb:
de:f4:3e:9d:8c:fa:26:8a:90:00:f7:54:25:13:aa:
c6:e6:17:13:23:7c:a1:3d:f7:85:b5:f4:2e:48:ef:
cb:f1:38:31:9d:8b:4f:e8:fe:09:6b:a4:57:4f:d9:
3d:70:c5:ee:35:81:c9:f2:b3:be:95:f9:93:ce:26:
3c:93:8a:b0:23:84:2d:70:d5:bd:72:0f:95:a4:fe:
e6:4b:82:82:63:de:2c:f4:5a:65:39:7b:74:7d:cd:
57:f6:69:95:b4:0d:ab:37:9e:54:21:74:00:46:ab:
18:f3:ee:e2:9e:d4:9f:d6:c9:89:bd:e1:93:f7:8a:
d5:18:4a:92:be:07:6e:5a:ba:6c:23:34:ff:04:33:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F4:FD:42:14:E1:0D:49:96:8E:24:93:BA:5C:95:9B:B8:92:6A:72
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/1fT9QhThDUmWjiSTulyVm7iSanI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.180.0/22
Signature Algorithm: sha256WithRSAEncryption
93:06:15:10:23:46:50:44:9c:37:5c:79:9c:0a:35:6e:2d:24:
11:03:e2:56:28:41:e5:39:a7:3b:94:56:85:dc:82:7b:73:f0:
c4:ac:d5:f6:f0:f2:f6:45:80:df:3f:8a:03:12:25:7e:6e:1b:
d3:62:ea:d9:d0:53:eb:f4:9b:9b:5f:c4:db:66:26:74:59:b7:
40:60:4a:16:f5:cb:80:5e:01:c9:cc:95:9e:42:ce:96:a0:64:
ba:dd:19:b7:67:8a:0f:f6:cc:69:37:c2:50:66:69:22:ac:64:
e8:26:b1:4c:74:fd:7d:a4:c9:90:f6:fe:d4:4a:18:44:b9:d1:
f5:a0:12:a9:27:57:6e:b6:7f:8a:98:5a:7b:9a:32:a6:13:8a:
a7:96:1d:37:e2:24:ea:60:46:84:af:ee:11:67:28:e0:a7:4e:
f3:56:7d:13:74:40:bd:d6:54:f4:fd:2c:75:05:d6:8b:bf:c0:
8b:47:d2:0a:33:dd:60:a1:8e:d0:86:40:07:b5:f6:76:e8:00:
98:52:57:a1:0f:9f:9c:39:a1:b9:90:0e:f7:c1:0a:b8:71:02:
80:ef:ab:d8:ea:68:a0:0d:7b:5b:4c:13:4e:26:d8:ad:3a:32:
e2:ed:ed:5f:4f:ed:07:f6:c0:8c:07:ee:aa:43:7c:a3:23:57:
e7:f1:a9:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjvbvqCCZPHrCEh4MB3Z1q2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjUwODI4MDY0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWY0ZmQ0MjE0ZTEwZDQ5OTY4ZTI0OTNiYTVjOTU5YmI4OTI2YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsML2eNfI7AJqYXqBsSivyUXCLg38
IqoChRQ0qoxK0N7OBFTeYqtCVsLBkX4EXftBDkj5Pjr6oB3yGJLD9YH4Z/sSDhXU
xId/24EVQYl7nskguNcL5Q7PgPL+ahcuzvwgMdVNg21ukQWyHi2W7+1Eo+8f05Ri
hPve9D6djPomipAA91QlE6rG5hcTI3yhPfeFtfQuSO/L8TgxnYtP6P4Ja6RXT9k9
cMXuNYHJ8rO+lfmTziY8k4qwI4QtcNW9cg+VpP7mS4KCY94s9FplOXt0fc1X9mmV
tA2rN55UIXQARqsY8+7intSf1smJveGT94rVGEqSvgduWrpsIzT/BDPoRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNX0/UIU4Q1Jlo4kk7pclZu4kmpyMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvMWZUOVFoVGhEVW1XamlTVHVseVZtN2lTYW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1GSkAwQC
1GS0MA0GCSqGSIb3DQEBCwUAA4IBAQCTBhUQI0ZQRJw3XHmcCjVuLSQRA+JWKEHl
Oac7lFaF3IJ7c/DErNX28PL2RYDfP4oDEiV+bhvTYurZ0FPr9JubX8TbZiZ0WbdA
YEoW9cuAXgHJzJWeQs6WoGS63Rm3Z4oP9sxpN8JQZmkirGToJrFMdP19pMmQ9v7U
ShhEudH1oBKpJ1dutn+KmFp7mjKmE4qnlh034iTqYEaEr+4RZyjgp07zVn0TdEC9
1lT0/Sx1BdaLv8CLR9IKM91goY7QhkAHtfZ26ACYUlehD5+cOaG5kA73wQq4cQKA
76vY6migDXtbTBNOJtitOjLi7e1fT+0H9sCMB+6qQ3yjI1fn8amC
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:06:33 2025 by rpki-client