Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/cTqqZ8EZL5CVbn9iDxm1gMobbtQ.roa
File: cTqqZ8EZL5CVbn9iDxm1gMobbtQ.roa (raw, json)
Hash identifier: q8ilyeI7HJCy0KwqUBGDpRhrf43OmwTjYcPx/gS2klY=
Subject key identifier: 71:3A:AA:67:C1:19:2F:90:95:6E:7F:62:0F:19:B5:80:CA:1B:6E:D4
Certificate issuer: /CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Certificate serial: 01985512FEBE7565ABE54E5456491A8390EB
Authority key identifier: EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/cTqqZ8EZL5CVbn9iDxm1gMobbtQ.roa
Signing time: Tue 29 Jul 2025 07:26:04 +0000
ROA not before: Tue 29 Jul 2025 07:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 31.204.1.0/24 maxlen: 24
31.204.2.0/23 maxlen: 24
31.204.4.0/22 maxlen: 24
31.204.8.0/21 maxlen: 24
31.204.16.0/20 maxlen: 24
31.204.26.0/24 maxlen: 24
31.204.32.0/19 maxlen: 24
31.204.49.0/24 maxlen: 24
31.204.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.mft
rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:12:fe:be:75:65:ab:e5:4e:54:56:49:1a:83:90:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Validity
Not Before: Jul 29 07:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=713aaa67c1192f90956e7f620f19b580ca1b6ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:b0:a3:3c:ca:82:82:da:8b:d3:b0:35:d7:
56:52:20:66:a8:7f:9c:aa:92:ff:91:37:3f:77:93:
62:af:4d:ab:f0:e4:2d:82:0d:02:12:20:f3:60:af:
1f:36:88:e9:05:96:ea:75:90:cd:6b:38:67:54:6f:
5c:d7:9a:3f:bc:14:d2:26:e1:c9:f8:fe:56:28:b8:
d2:58:0d:72:94:9f:93:a5:07:4c:33:8f:cb:90:20:
db:84:3e:47:21:3b:84:16:ee:b8:6a:a5:28:81:82:
1a:fa:9e:0c:62:26:e1:c1:5b:ac:a9:ce:a5:04:ae:
43:9d:46:c6:36:10:f8:0e:0b:09:54:9d:2e:6c:ec:
85:8d:d9:d6:dd:b1:e9:f6:d3:6b:de:ae:c4:bd:13:
42:27:35:ec:c4:15:7c:de:49:5c:1e:1a:36:21:44:
81:05:d9:dc:25:21:ad:99:48:c6:63:e9:58:8b:5b:
02:8f:6b:02:83:67:14:e9:9e:fb:bd:b2:d7:d4:5e:
8b:4c:03:d8:42:9e:a3:5c:76:f8:15:dc:fc:67:0a:
34:57:8f:1c:b9:00:ea:b0:0e:b4:b9:a3:fd:d7:6d:
6e:0a:65:e2:e3:94:31:e5:c6:99:c2:0c:02:2d:ba:
00:bd:d6:ff:96:13:1f:c7:c1:05:51:d1:63:7b:b2:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3A:AA:67:C1:19:2F:90:95:6E:7F:62:0F:19:B5:80:CA:1B:6E:D4
X509v3 Authority Key Identifier:
keyid:EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/cTqqZ8EZL5CVbn9iDxm1gMobbtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.1.0-31.204.63.255
Signature Algorithm: sha256WithRSAEncryption
d0:1e:1c:98:fb:13:47:29:c4:3a:7a:02:1f:96:14:7b:d8:e6:
82:46:c1:09:81:9f:ec:40:c9:05:6b:00:51:67:54:38:01:44:
31:7a:b8:cc:16:10:fb:98:c4:62:54:fc:79:95:4a:93:1d:1f:
50:20:fa:2f:f2:e4:4d:47:40:52:bc:41:c8:66:f1:49:2f:53:
91:d9:11:fb:c1:82:e6:c7:84:0d:a4:24:19:44:af:05:05:45:
53:3e:0d:9e:c0:6c:af:48:dd:48:d7:3f:09:e9:a9:78:c7:5e:
e9:f7:bc:ac:55:34:33:af:9b:46:30:52:fe:69:9f:25:1a:bc:
1c:c3:10:f0:40:9a:f9:4b:bb:ad:61:33:31:d4:ec:c9:65:10:
d3:89:f3:9f:f2:b8:54:8a:47:d4:9b:39:11:ae:dc:a4:de:15:
a0:57:39:1e:55:19:b1:75:cd:c5:c3:f2:a3:50:9b:de:26:9c:
1a:ee:9b:51:07:bc:38:6d:ff:dd:03:68:85:c0:52:20:08:67:
61:1c:bd:a2:15:d6:6c:6f:7e:4b:0b:75:97:df:cb:c5:d9:44:
f5:2a:fc:19:3a:50:90:f3:de:7b:2f:9e:df:95:62:0b:d9:55:
b4:df:dd:ff:bd:65:81:f4:f0:98:78:6b:e8:5e:d0:0d:9a:4e:
62:1b:b4:c4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZhVEv6+dWWr5U5UVkkag5DrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNzgzNThhNmE5N2QxOWIyZjVhZmZmMWNmYzc5M2ZiYjRl
YWZjOWQwHhcNMjUwNzI5MDcyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTNhYWE2N2MxMTkyZjkwOTU2ZTdmNjIwZjE5YjU4MGNhMWI2ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnCwozzKgoLai9OwNddWUiBmqH+c
qpL/kTc/d5Nir02r8OQtgg0CEiDzYK8fNojpBZbqdZDNazhnVG9c15o/vBTSJuHJ
+P5WKLjSWA1ylJ+TpQdMM4/LkCDbhD5HITuEFu64aqUogYIa+p4MYibhwVusqc6l
BK5DnUbGNhD4DgsJVJ0ubOyFjdnW3bHp9tNr3q7EvRNCJzXsxBV83klcHho2IUSB
BdncJSGtmUjGY+lYi1sCj2sCg2cU6Z77vbLX1F6LTAPYQp6jXHb4Fdz8Zwo0V48c
uQDqsA60uaP9121uCmXi45Qx5caZwgwCLboAvdb/lhMfx8EFUdFje7IvdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHE6qmfBGS+QlW5/Yg8ZtYDKG27UMB8GA1UdIwQY
MBaAFOt4NYpql9GbL1r/8c/Hk/u06vydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQt
NGE1ZWVkMWVlNWJjLzEvY1RxcVo4RVpMNUNWYm45aUR4bTFnTW9iYnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQtNGE1ZWVkMWVlNWJj
LzEvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAfzAED
BAYfzAAwDQYJKoZIhvcNAQELBQADggEBANAeHJj7E0cpxDp6Ah+WFHvY5oJGwQmB
n+xAyQVrAFFnVDgBRDF6uMwWEPuYxGJU/HmVSpMdH1Ag+i/y5E1HQFK8Qchm8Ukv
U5HZEfvBgubHhA2kJBlErwUFRVM+DZ7AbK9I3UjXPwnpqXjHXun3vKxVNDOvm0Yw
Uv5pnyUavBzDEPBAmvlLu61hMzHU7MllENOJ85/yuFSKR9SbORGu3KTeFaBXOR5V
GbF1zcXD8qNQm94mnBrum1EHvDht/90DaIXAUiAIZ2EcvaIV1mxvfksLdZffy8XZ
RPUq/Bk6UJDz3nsvnt+VYgvZVbTf3f+9ZYH08Jh4a+he0A2aTmIbtMQ=
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:09:56 2025 by rpki-client