Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/2SZUo5NDnP23lsSEgVPeJV7UqsE.roa
File: 2SZUo5NDnP23lsSEgVPeJV7UqsE.roa (raw, json)
Hash identifier: E1yJYL7XXVYoovPPgRGtYUv/QiuSQb+33DuedSlgCnE=
Subject key identifier: D9:26:54:A3:93:43:9C:FD:B7:96:C4:84:81:53:DE:25:5E:D4:AA:C1
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019EE3D06FA82F2D46FA2BF2D9DA90C31021
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/2SZUo5NDnP23lsSEgVPeJV7UqsE.roa
Signing time: Sat 20 Jun 2026 06:55:48 +0000
ROA not before: Sat 20 Jun 2026 06:55:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.167.0/24 maxlen: 24
212.100.170.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.176.0/22 maxlen: 24
212.100.176.0/24 maxlen: 24
212.100.177.0/24 maxlen: 24
212.100.178.0/24 maxlen: 24
212.100.179.0/24 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.189.0/24 maxlen: 24
212.100.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e3:d0:6f:a8:2f:2d:46:fa:2b:f2:d9:da:90:c3:10:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Jun 20 06:55:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d92654a393439cfdb796c4848153de255ed4aac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ed:1c:73:93:6f:2f:44:b0:87:6e:63:a3:f5:
e3:4c:17:af:57:a9:3b:f0:2e:90:5a:37:6d:75:ed:
e3:ac:27:30:94:d5:e3:cf:75:cc:12:3d:d5:a9:33:
9e:77:03:e6:fc:2e:25:2f:8c:af:44:23:31:83:78:
b1:1e:b5:7c:a1:89:91:5d:dd:7b:fa:7d:46:64:41:
3f:3c:54:0b:94:30:06:7c:ef:e7:c0:a8:1d:1a:24:
89:c6:b5:06:e6:44:6f:f4:02:da:8f:39:79:08:d7:
51:26:da:e3:72:6a:f1:fd:12:5c:59:0f:d9:de:bf:
d8:9a:59:c2:38:c6:2f:3f:eb:e1:0b:e7:b2:c2:b5:
a7:4c:e1:13:40:3d:33:57:e7:79:1d:92:ce:48:b8:
6e:0f:12:c9:ac:9f:e4:a5:31:c4:dd:7b:85:17:dd:
4f:d1:94:f4:82:b1:a2:39:68:2a:f2:27:c7:4c:d8:
e3:fb:16:e7:c7:9a:ba:e7:8c:d0:3f:38:51:a7:58:
46:ee:ce:49:f0:27:67:1f:13:fe:80:00:c7:bb:53:
45:36:78:55:19:ba:13:36:ec:70:92:02:df:42:f1:
f6:bb:19:23:0a:0d:ac:20:61:34:f9:90:18:21:30:
21:0b:2b:80:3a:24:7d:b4:87:74:f5:72:f4:92:12:
ad:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:26:54:A3:93:43:9C:FD:B7:96:C4:84:81:53:DE:25:5E:D4:AA:C1
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/2SZUo5NDnP23lsSEgVPeJV7UqsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.170.0/24
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.189.0/24
212.100.191.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:e6:a6:a9:ad:0a:8e:71:58:a2:23:18:c0:ee:96:bc:67:63:
0b:c9:83:e5:67:d8:a7:02:e6:72:0d:7b:b4:a7:3d:51:a4:a9:
79:bd:dc:10:d2:27:13:cd:ba:ac:02:7d:4e:b7:46:1b:6b:b3:
20:54:8c:83:e9:c5:99:da:d3:fa:29:e1:80:42:a3:6d:77:e8:
6b:25:a5:82:92:af:18:9f:13:4d:b0:25:7e:2c:47:b9:5f:a9:
bb:ae:b7:24:46:5e:f7:cd:45:df:74:ec:e5:3c:99:7f:ea:e2:
79:58:cf:a4:b9:f2:b2:66:1c:a7:09:78:f9:b8:56:29:14:82:
91:66:66:9e:4b:48:ad:df:f4:61:a2:a6:b3:d6:a3:ed:39:b6:
c2:d4:a5:91:50:f3:1a:5c:34:fd:e5:ba:1f:07:83:e6:5c:f2:
51:f6:c6:c8:34:cc:cd:71:b6:39:13:c3:8c:fd:eb:25:62:a3:
e0:92:d1:bc:fe:5f:e8:ae:58:f4:ad:59:53:9d:68:4e:1b:20:
da:29:8a:cb:5b:20:a8:70:ef:60:8e:96:92:5c:d8:38:e5:df:
10:ec:91:b4:e4:1f:81:12:e0:fa:38:ce:93:11:6a:f6:d4:22:
24:f5:64:36:62:61:96:26:72:73:14:09:2e:6d:0f:45:ec:72:
ed:98:02:5f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ7j0G+oLy1G+ivy2dqQwxAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwNjIwMDY1NTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI2NTRhMzkzNDM5Y2ZkYjc5NmM0ODQ4MTUzZGUyNTVlZDRhYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe0cc5NvL0Swh25jo/XjTBevV6k7
8C6QWjdtde3jrCcwlNXjz3XMEj3VqTOedwPm/C4lL4yvRCMxg3ixHrV8oYmRXd17
+n1GZEE/PFQLlDAGfO/nwKgdGiSJxrUG5kRv9ALajzl5CNdRJtrjcmrx/RJcWQ/Z
3r/YmlnCOMYvP+vhC+eywrWnTOETQD0zV+d5HZLOSLhuDxLJrJ/kpTHE3XuFF91P
0ZT0grGiOWgq8ifHTNjj+xbnx5q654zQPzhRp1hG7s5J8CdnHxP+gADHu1NFNnhV
GboTNuxwkgLfQvH2uxkjCg2sIGE0+ZAYITAhCyuAOiR9tId09XL0khKt7QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNkmVKOTQ5z9t5bEhIFT3iVe1KrBMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvMlNaVW81TkRuUDIzbHNTRWdWUGVKVjdVcXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQC1GSkAwQA
1GSqMAwDBALUZKwDBALUZLADBALUZLgDBADUZL0DBADUZL8wDQYJKoZIhvcNAQEL
BQADggEBALLmpqmtCo5xWKIjGMDulrxnYwvJg+Vn2KcC5nINe7SnPVGkqXm93BDS
JxPNuqwCfU63RhtrsyBUjIPpxZna0/op4YBCo2136GslpYKSrxifE02wJX4sR7lf
qbuutyRGXvfNRd907OU8mX/q4nlYz6S58rJmHKcJePm4VikUgpFmZp5LSK3f9GGi
prPWo+05tsLUpZFQ8xpcNP3luh8Hg+Zc8lH2xsg0zM1xtjkTw4z96yVio+CS0bz+
X+iuWPStWVOdaE4bINopistbIKhw72COlpJc2Djl3xDskbTkH4ES4Po4zpMRavbU
IiT1ZDZiYZYmcnMUCS5tD0Xscu2YAl8=
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:05 2026 by rpki-client