Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lpQffrajNnhzJUbyWJgKqO08e_U.roa
File: lpQffrajNnhzJUbyWJgKqO08e_U.roa (raw, json)
Hash identifier: NPXicaFC1GJIBSykFbwnuk2iahLZIQeRUyi7yC9ZDfM=
Subject key identifier: 96:94:1F:7E:B6:A3:36:78:73:25:46:F2:58:98:0A:A8:ED:3C:7B:F5
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019DEF284E0C03F11470AC9C565209D0CA5D
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lpQffrajNnhzJUbyWJgKqO08e_U.roa
Signing time: Sun 03 May 2026 18:44:49 +0000
ROA not before: Sun 03 May 2026 18:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.167.0/24 maxlen: 24
212.100.170.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.175.0/24 maxlen: 24
212.100.176.0/22 maxlen: 24
212.100.176.0/24 maxlen: 24
212.100.177.0/24 maxlen: 24
212.100.178.0/24 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.189.0/24 maxlen: 24
212.100.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 15:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ef:28:4e:0c:03:f1:14:70:ac:9c:56:52:09:d0:ca:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: May 3 18:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96941f7eb6a33678732546f258980aa8ed3c7bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4b:72:78:6e:8c:26:93:2e:e5:b1:5d:71:66:
42:f2:9d:b1:fc:3d:ef:e2:1f:68:b7:ca:4b:99:76:
5a:c2:cb:87:f9:5e:7b:2f:e8:a9:1b:cb:4d:26:8e:
3f:c0:e7:81:b0:7e:f9:d6:67:fb:a3:57:04:8a:71:
66:30:ca:c8:e6:b5:bb:a4:33:d7:72:05:5e:36:5b:
85:e1:c9:40:08:26:21:4b:7a:db:d0:a9:d3:32:b8:
92:d9:25:23:88:a5:2c:15:ba:7c:b0:89:fd:f9:50:
17:27:c0:59:a4:70:ec:9a:71:87:67:a4:b6:64:35:
16:25:ff:bf:c9:d6:9a:e9:21:a3:da:ff:35:e8:fe:
85:92:be:63:64:8e:d0:35:eb:00:27:a0:03:f4:7f:
43:28:5b:58:41:b6:a6:27:84:0d:17:56:be:0d:85:
83:34:44:10:9f:c0:2c:22:c9:41:51:90:64:4e:03:
df:15:7b:38:b5:88:89:b0:f9:61:a6:f7:2a:f0:ed:
03:3f:76:af:fd:77:28:12:37:58:22:e6:0d:91:40:
81:ef:d2:78:b5:98:42:e9:d7:fb:1f:ea:b9:ec:ca:
59:4f:56:19:67:5e:84:9b:d1:00:62:a1:06:14:b2:
b1:be:dc:ef:ac:90:a3:2e:d5:f9:a6:ab:2e:3b:a3:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:94:1F:7E:B6:A3:36:78:73:25:46:F2:58:98:0A:A8:ED:3C:7B:F5
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lpQffrajNnhzJUbyWJgKqO08e_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.170.0/24
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.189.0/24
212.100.191.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a0:1c:4b:12:d0:32:fd:bb:23:0b:94:f3:52:54:fe:35:16:
9b:4e:11:ae:22:58:09:a0:0b:ce:d2:28:ee:85:64:41:49:c0:
80:34:cc:02:99:2f:2e:0b:d4:ac:bd:67:bc:af:53:c1:97:17:
23:b3:a4:95:2e:fe:4f:a1:52:4b:f2:9b:fd:72:5a:9b:f3:f0:
51:1b:94:fb:91:89:96:f5:c9:db:7c:0a:85:1d:08:b9:ee:86:
75:bb:19:6b:8b:03:5b:26:cf:9d:68:84:dd:42:f2:12:31:37:
fa:81:49:8f:3a:b1:76:b7:e7:03:b5:a7:bc:63:05:98:36:92:
5f:16:a7:95:6c:df:97:af:8f:6b:81:4f:ff:9e:38:1f:3f:32:
a1:19:69:a9:62:06:14:ef:18:47:22:e5:6b:e4:5d:ec:4f:c6:
b7:85:53:c0:97:c8:95:62:ce:dc:ea:34:a3:05:42:a6:bc:90:
d5:2f:b8:a4:1b:d0:8b:0a:f3:9b:70:c5:7e:2e:97:86:86:0e:
11:35:07:c6:08:7a:d0:39:43:b7:2c:66:03:9b:6d:3a:f4:98:
2e:e8:28:41:8a:f0:96:41:64:8e:45:a1:56:9b:d5:17:2e:59:
23:1e:d2:34:41:2f:5c:b8:f0:02:bb:25:31:a0:8b:8a:fc:15:
11:e2:45:a1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ3vKE4MA/EUcKycVlIJ0MpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwNTAzMTg0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk0MWY3ZWI2YTMzNjc4NzMyNTQ2ZjI1ODk4MGFhOGVkM2M3YmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0tyeG6MJpMu5bFdcWZC8p2x/D3v
4h9ot8pLmXZawsuH+V57L+ipG8tNJo4/wOeBsH751mf7o1cEinFmMMrI5rW7pDPX
cgVeNluF4clACCYhS3rb0KnTMriS2SUjiKUsFbp8sIn9+VAXJ8BZpHDsmnGHZ6S2
ZDUWJf+/ydaa6SGj2v816P6Fkr5jZI7QNesAJ6AD9H9DKFtYQbamJ4QNF1a+DYWD
NEQQn8AsIslBUZBkTgPfFXs4tYiJsPlhpvcq8O0DP3av/XcoEjdYIuYNkUCB79J4
tZhC6df7H+q57MpZT1YZZ16Em9EAYqEGFLKxvtzvrJCjLtX5pqsuO6P75wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJaUH362ozZ4cyVG8liYCqjtPHv1MB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvbHBRZmZyYWpObmh6SlVieVdKZ0txTzA4ZV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQC1GSkAwQA
1GSqMAwDBALUZKwDBALUZLADBALUZLgDBADUZL0DBADUZL8wDQYJKoZIhvcNAQEL
BQADggEBAG6gHEsS0DL9uyMLlPNSVP41FptOEa4iWAmgC87SKO6FZEFJwIA0zAKZ
Ly4L1Ky9Z7yvU8GXFyOzpJUu/k+hUkvym/1yWpvz8FEblPuRiZb1ydt8CoUdCLnu
hnW7GWuLA1smz51ohN1C8hIxN/qBSY86sXa35wO1p7xjBZg2kl8Wp5Vs35evj2uB
T/+eOB8/MqEZaaliBhTvGEci5WvkXexPxreFU8CXyJViztzqNKMFQqa8kNUvuKQb
0IsK85twxX4ul4aGDhE1B8YIetA5Q7csZgObbTr0mC7oKEGK8JZBZI5FoVab1Rcu
WSMe0jRBL1y48AK7JTGgi4r8FRHiRaE=
-----END CERTIFICATE-----
Generated at Wed May 6 01:12:12 2026 by rpki-client