Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lJnE2FxAsaNI1_tB-ERuVEpfT_o.roa
File: lJnE2FxAsaNI1_tB-ERuVEpfT_o.roa (raw, json)
Hash identifier: voyo3MylmMcwFVFJkWMx676jBOzgA77ypSsSouZX6gY=
Subject key identifier: 94:99:C4:D8:5C:40:B1:A3:48:D7:FB:41:F8:44:6E:54:4A:5F:4F:FA
Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial: 019D1F61D807C5CF24723DB71F41CC3E6B09
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lJnE2FxAsaNI1_tB-ERuVEpfT_o.roa
Signing time: Tue 24 Mar 2026 10:26:39 +0000
ROA not before: Tue 24 Mar 2026 10:26:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 212.100.165.0/24 maxlen: 24
212.100.167.0/24 maxlen: 24
212.100.176.0/24 maxlen: 24
212.100.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:61:d8:07:c5:cf:24:72:3d:b7:1f:41:cc:3e:6b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Validity
Not Before: Mar 24 10:26:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9499c4d85c40b1a348d7fb41f8446e544a5f4ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9f:bf:be:f4:95:d6:87:78:53:7d:43:36:62:
b8:17:ec:12:20:38:fe:b1:23:ca:5b:22:c0:35:cc:
f6:08:0b:d7:d1:52:f5:7f:01:5a:a0:f2:8f:1f:25:
c7:16:49:99:bb:73:d0:52:9e:43:9f:f0:db:b6:3b:
59:48:44:c6:29:0c:44:5b:3e:29:48:88:9d:11:92:
2f:6c:bf:3b:92:b9:cd:f8:fb:da:11:05:8b:dc:09:
09:0f:65:0c:fe:42:d6:fb:1f:92:80:58:40:34:55:
7a:9b:93:e7:47:f3:be:3e:f6:c1:1d:a3:c2:18:9c:
25:b0:4a:3b:6e:98:c7:d4:da:2c:03:ab:a6:60:0f:
25:cf:5d:c1:a2:4b:cc:b2:15:1a:ee:b2:7d:4a:65:
63:77:cc:14:47:5d:da:71:33:e5:17:2f:2a:62:1a:
2c:20:87:8d:34:9c:f7:1b:4b:d3:71:8c:f0:55:3e:
53:13:0b:19:eb:d0:3d:67:63:32:72:a9:5e:1b:70:
43:47:9f:b9:6d:81:9e:4f:3c:a7:94:4d:7b:34:3d:
e0:f5:9d:a1:0c:8c:da:de:85:a2:2a:fb:79:9b:9b:
73:89:83:23:35:e9:b0:ee:c6:c2:d5:82:40:6d:d5:
9f:a8:4f:87:ac:c7:4c:d4:db:ea:71:33:25:b4:f2:
82:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:99:C4:D8:5C:40:B1:A3:48:D7:FB:41:F8:44:6E:54:4A:5F:4F:FA
X509v3 Authority Key Identifier:
keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/lJnE2FxAsaNI1_tB-ERuVEpfT_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.100.165.0/24
212.100.167.0/24
212.100.176.0/24
212.100.189.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:58:57:38:42:97:e9:55:7f:27:61:18:4f:9f:4a:84:e1:30:
93:b1:b9:cf:3a:ce:08:c1:6c:b2:21:e5:e6:1f:b0:fa:5b:1a:
7c:e8:87:3c:6c:8d:cd:ee:d8:80:c0:a2:98:d0:23:6f:9a:dd:
ad:4d:f8:93:6a:9e:a9:93:ca:cf:02:08:b8:09:6e:70:28:5b:
08:a1:bc:86:e6:ea:b1:53:5e:95:5d:36:59:66:0c:45:1f:dd:
7d:0f:d1:96:30:6b:e1:9d:14:03:42:9c:0c:e4:a3:a7:8e:95:
d8:71:9a:37:14:64:13:9a:d3:5b:2e:07:13:0c:63:77:57:9f:
c4:42:4c:f4:0d:12:fb:11:ae:48:84:c4:31:b4:ca:db:79:43:
fe:68:45:86:41:93:ff:1a:b8:ab:af:48:01:02:93:5d:07:d2:
e8:4e:c5:d1:d4:87:0a:4b:6d:90:65:b7:f5:40:13:6b:4d:08:
01:a5:1a:ca:43:0b:bc:8b:9d:62:42:a5:6b:f8:93:31:18:54:
f6:43:35:bf:79:c8:12:83:cb:11:e9:b8:e2:14:58:3b:75:6d:
70:3d:a4:51:96:5e:de:f6:a5:75:d8:2a:3b:a8:bb:a3:45:40:
fb:4e:e4:c8:26:19:15:c1:f9:17:b4:31:41:a8:f5:1d:92:95:
b7:45:5b:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0fYdgHxc8kcj23H0HMPmsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMzI0MTAyNjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk5YzRkODVjNDBiMWEzNDhkN2ZiNDFmODQ0NmU1NDRhNWY0ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p+/vvSV1od4U31DNmK4F+wSIDj+
sSPKWyLANcz2CAvX0VL1fwFaoPKPHyXHFkmZu3PQUp5Dn/DbtjtZSETGKQxEWz4p
SIidEZIvbL87krnN+PvaEQWL3AkJD2UM/kLW+x+SgFhANFV6m5PnR/O+PvbBHaPC
GJwlsEo7bpjH1NosA6umYA8lz13BokvMshUa7rJ9SmVjd8wUR13acTPlFy8qYhos
IIeNNJz3G0vTcYzwVT5TEwsZ69A9Z2MycqleG3BDR5+5bYGeTzynlE17ND3g9Z2h
DIza3oWiKvt5m5tziYMjNemw7sbC1YJAbdWfqE+HrMdM1NvqcTMltPKCkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJSZxNhcQLGjSNf7QfhEblRKX0/6MB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvbEpuRTJGeEFzYU5JMV90Qi1FUnVWRXBmVF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1GSlAwQA
1GSnAwQA1GSwAwQA1GS9MA0GCSqGSIb3DQEBCwUAA4IBAQB8WFc4QpfpVX8nYRhP
n0qE4TCTsbnPOs4IwWyyIeXmH7D6Wxp86Ic8bI3N7tiAwKKY0CNvmt2tTfiTap6p
k8rPAgi4CW5wKFsIobyG5uqxU16VXTZZZgxFH919D9GWMGvhnRQDQpwM5KOnjpXY
cZo3FGQTmtNbLgcTDGN3V5/EQkz0DRL7Ea5IhMQxtMrbeUP+aEWGQZP/Grirr0gB
ApNdB9LoTsXR1IcKS22QZbf1QBNrTQgBpRrKQwu8i51iQqVr+JMxGFT2QzW/ecgS
g8sR6bjiFFg7dW1wPaRRll7e9qV12Co7qLujRUD7TuTIJhkVwfkXtDFBqPUdkpW3
RVvw
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:12:52 2026 by rpki-client