Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/v1HgD32Ce7-tySs2xjX-vUslX0o.roa
File: v1HgD32Ce7-tySs2xjX-vUslX0o.roa (raw, json)
Hash identifier: DNjNNi0jFs6bj2lpBoIBKwXpxJpmQcT0MSPaBOT0gg4=
Subject key identifier: BF:51:E0:0F:7D:82:7B:BF:AD:C9:2B:36:C6:35:FE:BD:4B:25:5F:4A
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019CE71DB5D92167F93C28CA73C3F7906583
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/v1HgD32Ce7-tySs2xjX-vUslX0o.roa
Signing time: Fri 13 Mar 2026 12:13:29 +0000
ROA not before: Fri 13 Mar 2026 12:13:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46450
IP address blocks: 212.100.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:1d:b5:d9:21:67:f9:3c:28:ca:73:c3:f7:90:65:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Mar 13 12:13:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf51e00f7d827bbfadc92b36c635febd4b255f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:37:15:04:61:a5:fa:99:90:ac:f8:a8:16:
36:e7:2d:42:85:7a:be:d7:79:b3:29:66:8b:29:42:
e8:81:83:23:1c:02:0a:fe:c9:7d:9c:76:79:82:02:
8e:4f:63:7f:cf:c2:d1:e7:08:48:e2:65:5b:5e:2a:
9a:3c:a0:bc:69:9c:4e:1b:e5:ff:c0:41:3e:dd:83:
b7:1c:95:a6:92:db:f4:e1:90:bd:4a:68:82:54:ed:
09:b3:e0:76:d9:50:f9:c6:b0:0d:30:a0:b4:cb:48:
68:a7:cd:6e:f2:98:7a:57:e9:1a:a3:25:fe:3c:0f:
97:49:0b:20:73:cd:f3:d4:83:0d:11:08:02:6d:05:
03:49:83:dd:2a:d1:c0:70:20:a2:2e:28:86:2d:01:
a2:fd:1f:bf:11:95:88:d0:cf:c2:cd:ba:54:7b:f8:
59:4f:fb:0b:3e:66:ef:79:c4:66:39:00:30:a8:76:
c9:e9:5b:3a:f5:80:78:ba:21:b2:ee:7a:83:72:bc:
c5:93:95:3e:c0:be:18:df:b1:0b:df:50:0f:82:5e:
46:7d:3a:87:2e:b4:a2:0d:cb:56:ca:12:54:43:0a:
4c:81:ab:c0:6c:ec:c3:1b:28:11:ea:93:82:1b:3b:
fb:bd:d7:c4:77:64:e9:20:b1:33:4f:97:6c:47:b8:
88:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:51:E0:0F:7D:82:7B:BF:AD:C9:2B:36:C6:35:FE:BD:4B:25:5F:4A
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/v1HgD32Ce7-tySs2xjX-vUslX0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:9b:2b:44:1d:b2:b3:ef:a3:b6:99:00:31:b2:24:a9:ce:2b:
e4:a6:95:31:5a:f4:71:fa:ce:52:e4:61:cf:bf:77:a5:0a:23:
e3:fa:ca:a5:7e:38:2f:a7:64:39:7b:ba:ef:bb:c8:47:90:75:
8d:cb:60:ba:53:e4:12:42:66:74:d6:63:1d:39:d5:e6:d0:81:
f0:f2:16:9a:e0:6f:a7:84:e5:47:f7:48:02:39:94:76:e2:80:
b3:31:cd:b4:15:da:49:a6:6f:75:24:c2:c3:a8:a5:d1:24:f6:
95:0b:01:c3:a7:68:36:ab:2b:ae:0a:fb:36:82:59:b5:03:d8:
93:30:cf:70:71:62:e2:bf:42:de:d5:82:c2:fb:57:10:11:e3:
67:18:83:24:e0:52:de:ed:93:fa:d4:74:e4:79:aa:35:28:bb:
05:90:ae:55:29:46:d6:87:4e:f0:20:af:67:cf:8f:da:6e:f5:
3e:02:61:27:bb:4e:cb:8c:2b:29:79:38:cb:1f:f2:cd:0d:6c:
74:27:f1:38:29:dc:ee:ae:ca:2c:15:02:d9:83:50:d9:56:a4:
67:95:c5:51:89:77:66:86:37:b0:58:57:6c:07:d3:d6:30:91:
b4:1d:71:c2:07:28:af:8a:27:23:3d:9c:40:63:73:4d:94:b2:
dc:90:98:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZznHbXZIWf5PCjKc8P3kGWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMzEzMTIxMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjUxZTAwZjdkODI3YmJmYWRjOTJiMzZjNjM1ZmViZDRiMjU1ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppo3FQRhpfqZkKz4qBY25y1ChXq+
13mzKWaLKULogYMjHAIK/sl9nHZ5ggKOT2N/z8LR5whI4mVbXiqaPKC8aZxOG+X/
wEE+3YO3HJWmktv04ZC9SmiCVO0Js+B22VD5xrANMKC0y0hop81u8ph6V+kaoyX+
PA+XSQsgc83z1IMNEQgCbQUDSYPdKtHAcCCiLiiGLQGi/R+/EZWI0M/CzbpUe/hZ
T/sLPmbvecRmOQAwqHbJ6Vs69YB4uiGy7nqDcrzFk5U+wL4Y37EL31APgl5GfTqH
LrSiDctWyhJUQwpMgavAbOzDGygR6pOCGzv7vdfEd2TpILEzT5dsR7iIMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9R4A99gnu/rckrNsY1/r1LJV9KMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvdjFIZ0QzMkNlNy10eVNzMnhqWC12VXNsWDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GSuMA0G
CSqGSIb3DQEBCwUAA4IBAQCbmytEHbKz76O2mQAxsiSpzivkppUxWvRx+s5S5GHP
v3elCiPj+sqlfjgvp2Q5e7rvu8hHkHWNy2C6U+QSQmZ01mMdOdXm0IHw8haa4G+n
hOVH90gCOZR24oCzMc20FdpJpm91JMLDqKXRJPaVCwHDp2g2qyuuCvs2glm1A9iT
MM9wcWLiv0Le1YLC+1cQEeNnGIMk4FLe7ZP61HTkeao1KLsFkK5VKUbWh07wIK9n
z4/abvU+AmEnu07LjCspeTjLH/LNDWx0J/E4KdzursosFQLZg1DZVqRnlcVRiXdm
hjewWFdsB9PWMJG0HXHCByiviicjPZxAY3NNlLLckJg+
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:59:57 2026 by rpki-client