Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/GgwfFTO4uP8S6Zfl4qD7wrkk97Q.roa
File: GgwfFTO4uP8S6Zfl4qD7wrkk97Q.roa (raw, json)
Hash identifier: F3vmPojHcPZ/pLNRoH2QfGVNUxhfBZ4t6IZ3+YyXKWU=
Subject key identifier: 1A:0C:1F:15:33:B8:B8:FF:12:E9:97:E5:E2:A0:FB:C2:B9:24:F7:B4
Certificate issuer: /CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Certificate serial: 01985512FFCDA5798C668CF54D82F32CFA44
Authority key identifier: EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/GgwfFTO4uP8S6Zfl4qD7wrkk97Q.roa
Signing time: Tue 29 Jul 2025 07:26:05 +0000
ROA not before: Tue 29 Jul 2025 07:26:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 31.204.1.0/24 maxlen: 24
31.204.2.0/23 maxlen: 24
31.204.4.0/22 maxlen: 24
31.204.8.0/21 maxlen: 24
31.204.16.0/20 maxlen: 24
31.204.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.mft
rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:12:ff:cd:a5:79:8c:66:8c:f5:4d:82:f3:2c:fa:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Validity
Not Before: Jul 29 07:26:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a0c1f1533b8b8ff12e997e5e2a0fbc2b924f7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ae:ea:43:96:ae:16:ac:1c:e6:2c:bb:00:23:
d8:84:2c:f1:de:47:9f:a6:8c:01:1c:3d:98:a9:cf:
c3:8c:1c:2e:87:9b:a4:f4:a6:fb:38:df:d4:cd:5c:
f2:27:d1:8c:56:96:78:f1:f6:4c:e6:30:f7:9a:3b:
b8:ea:aa:fa:da:88:8a:a0:a7:0b:ce:f0:83:38:eb:
5c:e7:79:a8:86:fa:74:3f:65:d5:db:0b:7e:b4:bc:
d3:ee:de:f3:cd:c3:c3:cf:0b:2a:02:b1:b7:d8:66:
1e:61:6e:d4:ec:15:a4:f3:2f:f5:55:29:74:af:ad:
b2:b4:da:70:ff:ee:dc:15:e5:91:f0:3f:04:02:3f:
dd:97:07:e6:fa:a9:1b:fb:eb:4b:37:d6:ab:9f:05:
0f:da:5e:9a:b7:fc:a6:07:95:bc:67:b5:d3:8c:19:
58:9a:13:5c:54:e4:70:b3:c6:85:0c:3f:b2:8b:95:
ff:6a:2f:6a:a1:4e:b8:3f:05:60:80:3d:c7:38:9f:
ff:fc:d2:23:a4:bd:97:81:36:8e:0c:e0:51:65:43:
3d:33:5c:f2:fb:50:5f:b7:ea:6d:72:14:b7:e4:ec:
1b:d8:17:85:e1:9f:fc:5d:66:72:c7:26:a4:4e:b2:
d0:4f:1a:78:b2:0c:eb:8a:d8:2f:91:33:20:1b:59:
75:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0C:1F:15:33:B8:B8:FF:12:E9:97:E5:E2:A0:FB:C2:B9:24:F7:B4
X509v3 Authority Key Identifier:
keyid:EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/GgwfFTO4uP8S6Zfl4qD7wrkk97Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.1.0-31.204.63.255
Signature Algorithm: sha256WithRSAEncryption
9e:53:1f:fb:0d:ec:24:ca:8e:e8:53:d4:6d:08:50:36:5c:45:
b1:bc:2e:0e:cf:c9:7e:5a:10:3f:01:95:3b:e3:ce:d6:3b:8b:
83:49:cb:8d:77:b1:66:26:f0:ea:2e:d9:7c:e0:e0:e3:b6:9f:
2e:3f:20:20:33:f3:34:c4:65:ef:32:f3:f7:57:d3:cf:3f:a2:
c8:88:51:fd:e2:b3:9e:b0:bc:ad:29:0e:2c:7b:7c:bd:ab:50:
d2:0a:7c:4c:ee:31:e9:43:43:70:ed:4c:92:15:8f:b0:51:cc:
4a:74:e8:40:13:28:f0:86:38:9f:64:e4:1a:ed:bf:99:38:b9:
a6:d2:3a:8e:aa:a9:46:59:2a:d7:82:a9:04:a5:c2:7d:3a:40:
4c:f0:82:e9:85:fd:c5:17:29:a0:3f:eb:76:99:cf:10:3d:6a:
d1:8e:91:17:ca:d0:7c:7c:c2:d3:07:e0:bc:4a:1d:51:df:36:
92:7e:4f:1e:f7:d6:e6:13:70:da:d3:a6:7f:ba:aa:19:6c:b5:
2f:6d:52:05:86:a8:0b:a6:8e:63:d4:f5:26:f4:0f:bd:a6:69:
be:cc:c1:a7:23:93:8b:29:94:3e:bb:24:d8:9e:2b:b3:09:43:
da:92:77:bd:9c:fe:1f:63:f1:c7:b9:df:ad:03:55:71:5e:fa:
76:00:ba:75
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZhVEv/NpXmMZoz1TYLzLPpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNzgzNThhNmE5N2QxOWIyZjVhZmZmMWNmYzc5M2ZiYjRl
YWZjOWQwHhcNMjUwNzI5MDcyNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTBjMWYxNTMzYjhiOGZmMTJlOTk3ZTVlMmEwZmJjMmI5MjRmN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh67qQ5auFqwc5iy7ACPYhCzx3kef
powBHD2Yqc/DjBwuh5uk9Kb7ON/UzVzyJ9GMVpZ48fZM5jD3mju46qr62oiKoKcL
zvCDOOtc53mohvp0P2XV2wt+tLzT7t7zzcPDzwsqArG32GYeYW7U7BWk8y/1VSl0
r62ytNpw/+7cFeWR8D8EAj/dlwfm+qkb++tLN9arnwUP2l6at/ymB5W8Z7XTjBlY
mhNcVORws8aFDD+yi5X/ai9qoU64PwVggD3HOJ///NIjpL2XgTaODOBRZUM9M1zy
+1Bft+ptchS35Owb2BeF4Z/8XWZyxyakTrLQTxp4sgzritgvkTMgG1l17QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBoMHxUzuLj/EumX5eKg+8K5JPe0MB8GA1UdIwQY
MBaAFOt4NYpql9GbL1r/8c/Hk/u06vydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQt
NGE1ZWVkMWVlNWJjLzEvR2d3ZkZUTzR1UDhTNlpmbDRxRDd3cmtrOTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQtNGE1ZWVkMWVlNWJj
LzEvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAfzAED
BAYfzAAwDQYJKoZIhvcNAQELBQADggEBAJ5TH/sN7CTKjuhT1G0IUDZcRbG8Lg7P
yX5aED8BlTvjztY7i4NJy413sWYm8Oou2Xzg4OO2ny4/ICAz8zTEZe8y8/dX088/
osiIUf3is56wvK0pDix7fL2rUNIKfEzuMelDQ3DtTJIVj7BRzEp06EATKPCGOJ9k
5Brtv5k4uabSOo6qqUZZKteCqQSlwn06QEzwgumF/cUXKaA/63aZzxA9atGOkRfK
0Hx8wtMH4LxKHVHfNpJ+Tx731uYTcNrTpn+6qhlstS9tUgWGqAumjmPU9Sb0D72m
ab7Mwacjk4splD67JNieK7MJQ9qSd72c/h9j8ce5360DVXFe+nYAunU=
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:52:49 2025 by rpki-client