Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/N2T5s0W9x_Etb-EZw5ZK7AwaELA.roa
File: N2T5s0W9x_Etb-EZw5ZK7AwaELA.roa (raw, json)
Hash identifier: QzUbf9m59UUCETVz6qFB6nzqvHyhep551sDQPEW/N0o=
Subject key identifier: 37:64:F9:B3:45:BD:C7:F1:2D:6F:E1:19:C3:96:4A:EC:0C:1A:10:B0
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019CF5CBF23E6EF7B07AE54BBD598B719EB9
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/N2T5s0W9x_Etb-EZw5ZK7AwaELA.roa
Signing time: Mon 16 Mar 2026 08:38:29 +0000
ROA not before: Mon 16 Mar 2026 08:38:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.170.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.175.0/24 maxlen: 24
212.100.176.0/22 maxlen: 24
212.100.176.0/24 maxlen: 24
212.100.177.0/24 maxlen: 24
212.100.178.0/24 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f5:cb:f2:3e:6e:f7:b0:7a:e5:4b:bd:59:8b:71:9e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Mar 16 08:38:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3764f9b345bdc7f12d6fe119c3964aec0c1a10b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c2:75:46:45:24:1e:4e:a1:a7:ca:ec:9b:a2:
27:a4:ad:df:17:dd:71:f4:f8:68:78:17:27:c4:1e:
54:4e:28:4e:26:6d:41:39:33:bb:f0:e0:51:2f:b7:
23:0d:35:8b:42:f6:ac:d5:f7:ab:4d:83:fd:94:c5:
2a:85:71:51:2f:80:be:53:12:ab:96:f1:03:9d:79:
75:c7:2b:c9:c0:df:19:d7:fc:65:fc:a9:4e:7e:96:
9e:d3:f6:35:0f:ff:41:58:eb:f3:50:d4:94:2b:f2:
16:b2:b8:11:19:84:e0:e6:1c:4d:3c:a4:1c:09:16:
18:a8:57:b8:9a:10:bc:31:21:7d:72:1c:70:6e:fd:
9c:d5:69:15:23:0c:da:26:d1:13:4d:47:aa:7d:62:
11:1b:32:29:3e:05:f1:c8:74:f3:b7:68:c7:24:5c:
68:34:32:59:ba:58:d2:38:f3:a4:2b:17:aa:c6:bd:
f5:20:c4:b9:57:e7:b2:47:ac:cc:44:40:f7:01:13:
c8:63:03:7e:5a:0b:09:20:be:53:b2:9b:93:86:3a:
81:64:75:84:8d:a1:fa:f2:0d:89:62:1b:7e:2d:96:
7e:09:57:b3:b6:2a:40:4e:b5:cf:cf:10:c3:29:54:
1d:d9:2f:a5:c8:95:0d:e1:e9:25:34:51:d0:e9:45:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:64:F9:B3:45:BD:C7:F1:2D:6F:E1:19:C3:96:4A:EC:0C:1A:10:B0
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/N2T5s0W9x_Etb-EZw5ZK7AwaELA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.170.0/24
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.191.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:40:0d:d7:05:16:ae:38:50:69:dc:0b:14:8e:68:58:3a:6f:
bc:9c:58:72:00:5c:61:fa:7d:f0:78:40:45:ce:4b:17:82:2f:
61:8c:7c:8d:0c:e6:14:74:58:21:b1:d0:bd:bb:34:93:97:57:
51:07:7a:32:5d:79:f9:cf:d4:00:b2:7e:5a:6a:de:d6:8a:c6:
4f:e1:d2:d2:c9:bc:e6:16:cb:74:6a:60:b4:7b:93:cb:9e:8e:
70:e5:81:5f:ba:02:b4:cf:53:4f:ca:52:13:ff:60:bd:43:ef:
12:61:94:61:67:97:bc:b6:bb:ad:e9:87:96:c8:f9:b6:3b:db:
c4:cd:67:8b:64:45:9a:e3:01:5e:d0:88:01:d2:28:eb:06:5f:
0d:61:19:ad:cd:83:3c:b6:f8:b8:39:fb:a7:a8:19:64:c9:7d:
3e:4b:9b:5e:df:8e:67:68:73:d0:c8:04:69:06:4c:70:a7:73:
a4:31:cb:b2:ea:49:67:e6:ef:10:40:0e:40:6e:38:4c:33:10:
90:db:8e:1c:11:1d:6e:1b:88:14:c3:db:34:e3:91:e7:d4:6c:
4a:cb:f5:bf:b4:22:da:f4:92:9b:da:85:c4:99:70:af:84:30:
df:5f:37:8b:f1:a0:e0:89:43:99:a6:1e:e7:01:5d:0d:92:55:
33:e7:12:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZz1y/I+bveweuVLvVmLcZ65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMzE2MDgzODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY0ZjliMzQ1YmRjN2YxMmQ2ZmUxMTljMzk2NGFlYzBjMWExMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38J1RkUkHk6hp8rsm6InpK3fF91x
9PhoeBcnxB5UTihOJm1BOTO78OBRL7cjDTWLQvas1ferTYP9lMUqhXFRL4C+UxKr
lvEDnXl1xyvJwN8Z1/xl/KlOfpae0/Y1D/9BWOvzUNSUK/IWsrgRGYTg5hxNPKQc
CRYYqFe4mhC8MSF9chxwbv2c1WkVIwzaJtETTUeqfWIRGzIpPgXxyHTzt2jHJFxo
NDJZuljSOPOkKxeqxr31IMS5V+eyR6zMRED3ARPIYwN+WgsJIL5TspuThjqBZHWE
jaH68g2JYht+LZZ+CVeztipATrXPzxDDKVQd2S+lyJUN4eklNFHQ6UXMzwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDdk+bNFvcfxLW/hGcOWSuwMGhCwMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvTjJUNXMwVzl4X0V0Yi1FWnc1Wks3QXdhRUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQC1GSkAwQA
1GSqMAwDBALUZKwDBALUZLADBALUZLgDBADUZL8wDQYJKoZIhvcNAQELBQADggEB
AJtADdcFFq44UGncCxSOaFg6b7ycWHIAXGH6ffB4QEXOSxeCL2GMfI0M5hR0WCGx
0L27NJOXV1EHejJdefnP1ACyflpq3taKxk/h0tLJvOYWy3RqYLR7k8uejnDlgV+6
ArTPU0/KUhP/YL1D7xJhlGFnl7y2u63ph5bI+bY728TNZ4tkRZrjAV7QiAHSKOsG
Xw1hGa3Ngzy2+Lg5+6eoGWTJfT5Lm17fjmdoc9DIBGkGTHCnc6Qxy7LqSWfm7xBA
DkBuOEwzEJDbjhwRHW4biBTD2zTjkefUbErL9b+0Itr0kpvahcSZcK+EMN9fN4vx
oOCJQ5mmHucBXQ2SVTPnEqU=
-----END CERTIFICATE-----
Generated at Sat Mar 21 15:00:09 2026 by rpki-client