Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OVk0YnxdegPPevPKHNrrPYf81pE.roa
File: OVk0YnxdegPPevPKHNrrPYf81pE.roa (raw, json)
Hash identifier: BoBwa5KiIbKH1RfLWMn43ieUHuIxtvUa3XwdoKLVJv4=
Subject key identifier: 39:59:34:62:7C:5D:7A:03:CF:7A:F3:CA:1C:DA:EB:3D:87:FC:D6:91
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019CF5CBF2AAF468D9E02209B5A03A810A3F
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OVk0YnxdegPPevPKHNrrPYf81pE.roa
Signing time: Mon 16 Mar 2026 08:38:29 +0000
ROA not before: Mon 16 Mar 2026 08:38:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 212.100.165.0/24 maxlen: 24
212.100.167.0/24 maxlen: 24
212.100.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f5:cb:f2:aa:f4:68:d9:e0:22:09:b5:a0:3a:81:0a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Mar 16 08:38:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=395934627c5d7a03cf7af3ca1cdaeb3d87fcd691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0a:4a:4e:de:f1:ac:64:b9:d6:c2:c9:5e:90:
1d:63:60:7f:62:9d:7b:ed:18:c9:2a:a7:4a:1c:99:
11:70:78:63:bc:87:9a:0c:99:53:5b:d2:41:1b:7c:
99:52:e6:4f:5f:1b:99:18:17:3e:f8:73:89:ef:35:
98:15:22:f4:cf:10:7a:e2:05:9b:4d:2f:81:13:5a:
b3:9c:4d:12:d8:13:31:11:f5:d1:2c:41:57:34:33:
dd:3a:dd:a6:ef:e5:fe:4a:65:fa:68:ec:bc:95:80:
09:b8:aa:eb:e7:c9:c6:e7:b5:dd:32:d5:ee:c7:e0:
23:3f:d2:e9:ce:bf:9f:9e:c3:f6:bc:bf:d4:ea:be:
5c:81:8a:82:01:27:f4:3c:dd:97:8c:a7:f3:5c:ec:
1b:ca:5b:e7:a6:d1:9a:d9:c3:3c:f1:bf:a6:6d:3c:
73:03:84:cf:c8:9d:4d:51:47:ff:3b:d1:8f:85:e8:
31:39:f5:24:fa:e5:99:b8:7a:9a:bf:24:e7:31:74:
3b:72:19:c4:4f:45:07:c0:d2:8c:bb:03:28:78:78:
43:82:b4:39:55:0a:62:62:7f:77:30:6c:4c:5c:68:
9f:06:fe:d2:a1:2b:78:ca:fc:3d:cb:50:1c:83:bf:
54:6d:7f:0e:57:bf:78:f7:8e:85:ed:43:8f:75:14:
51:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:59:34:62:7C:5D:7A:03:CF:7A:F3:CA:1C:DA:EB:3D:87:FC:D6:91
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OVk0YnxdegPPevPKHNrrPYf81pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.165.0/24
212.100.167.0/24
212.100.189.0/24
Signature Algorithm: sha256WithRSAEncryption
94:51:82:40:a8:6b:00:b8:b9:2e:a5:bd:33:50:f5:29:d4:b0:
12:a4:da:78:46:2e:29:71:ff:28:b0:28:ca:fd:1f:50:44:23:
c4:dc:25:f0:50:99:cc:f4:0e:fd:b7:6e:cc:cc:73:c4:d1:ff:
14:c8:c8:ac:a1:7b:d9:0a:9c:ac:e5:9c:bb:e3:53:39:a4:bc:
e3:12:78:87:ff:74:8f:13:96:8f:e7:31:b9:40:fa:18:bc:df:
d0:5b:75:6b:ec:c2:75:7e:ab:f7:1d:18:fd:cf:8f:b7:7a:39:
a6:b4:40:ce:8d:f9:97:f4:12:39:ca:f9:ad:a4:b1:a0:9b:8e:
f6:0f:c3:8a:cf:5b:43:09:02:31:44:19:32:d8:5c:e6:4b:37:
81:ec:6e:59:7f:b3:44:cf:5e:a9:d1:0b:6a:50:1b:68:7e:c0:
13:2c:90:1f:0e:76:6c:ad:0f:0c:5c:e5:3f:3d:4d:5f:d9:0a:
40:1a:99:c7:d7:dd:27:cd:4e:be:70:1f:a6:05:51:9e:29:ae:
f4:7f:9a:4a:3a:37:1e:df:8b:60:6a:ae:65:00:fa:e2:66:a2:
62:f0:f6:76:b2:bb:8c:05:f8:cd:84:04:fc:ca:1d:5c:3f:b6:
b5:4b:fb:b5:9a:b7:97:e9:0b:2b:65:1e:0a:8b:74:90:b1:e7:
90:bb:29:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZz1y/Kq9GjZ4CIJtaA6gQo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMzE2MDgzODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTU5MzQ2MjdjNWQ3YTAzY2Y3YWYzY2ExY2RhZWIzZDg3ZmNkNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxApKTt7xrGS51sLJXpAdY2B/Yp17
7RjJKqdKHJkRcHhjvIeaDJlTW9JBG3yZUuZPXxuZGBc++HOJ7zWYFSL0zxB64gWb
TS+BE1qznE0S2BMxEfXRLEFXNDPdOt2m7+X+SmX6aOy8lYAJuKrr58nG57XdMtXu
x+AjP9Lpzr+fnsP2vL/U6r5cgYqCASf0PN2XjKfzXOwbylvnptGa2cM88b+mbTxz
A4TPyJ1NUUf/O9GPhegxOfUk+uWZuHqavyTnMXQ7chnET0UHwNKMuwMoeHhDgrQ5
VQpiYn93MGxMXGifBv7SoSt4yvw9y1Acg79UbX8OV794946F7UOPdRRRewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDlZNGJ8XXoDz3rzyhza6z2H/NaRMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvT1ZrMFlueGRlZ1BQZXZQS0hOcnJQWWY4MXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1GSlAwQA
1GSnAwQA1GS9MA0GCSqGSIb3DQEBCwUAA4IBAQCUUYJAqGsAuLkupb0zUPUp1LAS
pNp4Ri4pcf8osCjK/R9QRCPE3CXwUJnM9A79t27MzHPE0f8UyMisoXvZCpys5Zy7
41M5pLzjEniH/3SPE5aP5zG5QPoYvN/QW3Vr7MJ1fqv3HRj9z4+3ejmmtEDOjfmX
9BI5yvmtpLGgm472D8OKz1tDCQIxRBky2FzmSzeB7G5Zf7NEz16p0QtqUBtofsAT
LJAfDnZsrQ8MXOU/PU1f2QpAGpnH190nzU6+cB+mBVGeKa70f5pKOjce34tgaq5l
APriZqJi8PZ2sruMBfjNhAT8yh1cP7a1S/u1mreX6QsrZR4Ki3SQseeQuym/
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:59:58 2026 by rpki-client