Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/FFUxdMgztw8KU4ii1lp3b1pBnRA.roa
File: FFUxdMgztw8KU4ii1lp3b1pBnRA.roa (raw, json)
Hash identifier: LwYGFEmYTY79quz9OK5Bty21hAC9lxI7Jq2RGp5y3k8=
Subject key identifier: 14:55:31:74:C8:33:B7:0F:0A:53:88:A2:D6:5A:77:6F:5A:41:9D:10
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019D1F61D73996B00FD3C3F87A089F76DF5A
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/FFUxdMgztw8KU4ii1lp3b1pBnRA.roa
Signing time: Tue 24 Mar 2026 10:26:38 +0000
ROA not before: Tue 24 Mar 2026 10:26:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.100.164.0/22 maxlen: 22
212.100.170.0/24 maxlen: 24
212.100.172.0/22 maxlen: 22
212.100.175.0/24 maxlen: 24
212.100.176.0/22 maxlen: 24
212.100.177.0/24 maxlen: 24
212.100.178.0/24 maxlen: 24
212.100.184.0/22 maxlen: 22
212.100.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:61:d7:39:96:b0:0f:d3:c3:f8:7a:08:9f:76:df:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Mar 24 10:26:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14553174c833b70f0a5388a2d65a776f5a419d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:32:6a:fa:8e:d3:ad:cf:02:d0:5d:f3:07:be:
53:38:3c:03:f4:08:31:34:71:93:14:df:05:b1:91:
e5:63:80:cd:99:27:23:f6:51:6e:80:19:6d:b8:e1:
70:20:83:39:f9:48:cb:c4:b7:a0:9d:97:78:af:12:
56:d1:d7:31:3c:61:80:57:83:8a:01:47:20:71:ea:
77:f0:aa:42:56:94:a9:14:67:5b:e5:69:8b:16:0d:
a3:d4:b9:45:76:03:5f:52:50:e8:57:55:47:85:23:
0e:69:ef:7a:37:bf:fb:2f:56:bf:51:bb:05:bf:20:
a3:ef:6e:fe:0c:f4:34:92:d5:25:6e:c6:38:eb:8d:
d8:52:a1:79:34:b2:8b:f8:f5:d6:1d:1e:b4:25:ac:
de:e9:ed:a8:9f:37:af:cc:87:b7:c1:b4:e2:79:ef:
9c:ee:c6:b3:5e:4a:df:e3:07:23:7e:a1:eb:cb:fd:
12:2a:ee:1f:e4:d7:c4:c5:62:39:2b:86:5b:0f:6a:
58:53:c9:99:f4:b4:fb:20:9c:ed:6f:3d:d1:46:a1:
8c:96:1c:f7:9a:15:54:0c:62:c5:2f:d7:49:d3:14:
e0:99:d6:c9:f6:03:7f:cb:cf:7e:5f:96:5f:2a:55:
f8:f9:cf:f0:14:8a:dc:7e:d7:3c:fc:1e:b8:06:16:
7d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:55:31:74:C8:33:B7:0F:0A:53:88:A2:D6:5A:77:6F:5A:41:9D:10
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/FFUxdMgztw8KU4ii1lp3b1pBnRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.164.0/22
212.100.170.0/24
212.100.172.0-212.100.179.255
212.100.184.0/22
212.100.191.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:0f:53:05:36:30:9e:44:ec:74:52:59:a4:52:bb:37:7b:72:
05:26:9f:84:62:0b:62:5d:42:17:b1:c0:b9:b9:b6:4f:15:4d:
81:57:2f:09:2b:44:6f:ba:f9:d1:04:a5:47:fa:62:8c:c4:7b:
e3:25:de:cf:b5:ff:97:30:9e:1b:cc:d2:c3:2c:45:ff:6f:86:
c7:a5:46:5d:f2:4b:4a:90:90:c7:9e:f2:de:f7:d0:79:d7:23:
fa:e9:ee:90:99:27:4f:75:16:c0:ea:f7:84:bd:3a:21:3e:1c:
56:b4:60:62:17:e8:58:73:58:45:ad:b0:31:0a:0e:f8:4f:41:
33:ff:31:08:26:d0:d9:d5:3d:06:d4:f3:3a:34:a1:ec:47:81:
8c:70:ed:f7:57:d3:b3:6b:5d:e7:76:b5:ca:c5:39:10:a7:15:
65:63:6b:91:cc:71:75:d8:52:27:dc:84:9d:0e:6c:86:92:ab:
33:49:15:93:b8:7e:48:e4:1e:a2:5e:bc:87:f0:4e:e8:70:9a:
ae:57:94:1c:2e:77:65:bb:f7:53:7b:dd:bc:7c:ed:a0:e8:65:
d7:0c:cc:8e:f7:82:b1:a0:9f:e2:b1:ab:16:d7:36:d9:81:b4:
25:84:9d:70:ff:f7:b4:af:a6:81:ce:33:0e:34:61:3c:1b:6b:
22:b3:58:08
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ0fYdc5lrAP08P4egifdt9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMzI0MTAyNjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU1MzE3NGM4MzNiNzBmMGE1Mzg4YTJkNjVhNzc2ZjVhNDE5ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DJq+o7Trc8C0F3zB75TODwD9Agx
NHGTFN8FsZHlY4DNmScj9lFugBltuOFwIIM5+UjLxLegnZd4rxJW0dcxPGGAV4OK
AUcgcep38KpCVpSpFGdb5WmLFg2j1LlFdgNfUlDoV1VHhSMOae96N7/7L1a/UbsF
vyCj727+DPQ0ktUlbsY4643YUqF5NLKL+PXWHR60Jaze6e2onzevzIe3wbTiee+c
7sazXkrf4wcjfqHry/0SKu4f5NfExWI5K4ZbD2pYU8mZ9LT7IJztbz3RRqGMlhz3
mhVUDGLFL9dJ0xTgmdbJ9gN/y89+X5ZfKlX4+c/wFIrcftc8/B64BhZ9bQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBRVMXTIM7cPClOIotZad29aQZ0QMB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvRkZVeGRNZ3p0dzhLVTRpaTFscDNiMXBCblJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQC1GSkAwQA
1GSqMAwDBALUZKwDBALUZLADBALUZLgDBADUZL8wDQYJKoZIhvcNAQELBQADggEB
AE4PUwU2MJ5E7HRSWaRSuzd7cgUmn4RiC2JdQhexwLm5tk8VTYFXLwkrRG+6+dEE
pUf6YozEe+Ml3s+1/5cwnhvM0sMsRf9vhselRl3yS0qQkMee8t730HnXI/rp7pCZ
J091FsDq94S9OiE+HFa0YGIX6FhzWEWtsDEKDvhPQTP/MQgm0NnVPQbU8zo0oexH
gYxw7fdX07NrXed2tcrFORCnFWVja5HMcXXYUifchJ0ObIaSqzNJFZO4fkjkHqJe
vIfwTuhwmq5XlBwud2W791N73bx87aDoZdcMzI73grGgn+KxqxbXNtmBtCWEnXD/
97SvpoHOMw40YTwbayKzWAg=
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:30:42 2026 by rpki-client