Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/DMHspTa-m7YS1bn5e9JmcIJBzcE.roa
File: DMHspTa-m7YS1bn5e9JmcIJBzcE.roa (raw, json)
Hash identifier: Tguv/ZlkRRgsKXeIni29cWwqnVhv5X7wO7u2hzkn37U=
Subject key identifier: 0C:C1:EC:A5:36:BE:9B:B6:12:D5:B9:F9:7B:D2:66:70:82:41:CD:C1
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 01989E73FE7E922CAEDA81F4AE1D78C7854C
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/DMHspTa-m7YS1bn5e9JmcIJBzcE.roa
Signing time: Tue 12 Aug 2025 13:24:18 +0000
ROA not before: Tue 12 Aug 2025 13:24:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51088
IP address blocks: 5.10.192.0/24 maxlen: 24
31.41.255.0/24 maxlen: 24
31.134.200.0/21 maxlen: 21
46.244.0.0/21 maxlen: 24
46.244.8.0/22 maxlen: 24
46.244.12.0/23 maxlen: 24
46.244.14.0/23 maxlen: 24
46.244.16.0/23 maxlen: 24
46.244.20.0/24 maxlen: 24
46.244.21.0/24 maxlen: 24
46.244.22.0/24 maxlen: 24
46.244.23.0/24 maxlen: 24
46.244.24.0/22 maxlen: 24
46.244.28.0/24 maxlen: 24
46.244.29.0/24 maxlen: 24
46.244.30.0/24 maxlen: 24
46.244.31.0/24 maxlen: 24
46.244.100.0/22 maxlen: 24
46.244.104.0/22 maxlen: 24
46.244.112.0/23 maxlen: 24
46.244.120.0/23 maxlen: 24
46.244.122.0/23 maxlen: 24
46.244.124.0/23 maxlen: 24
46.244.126.0/24 maxlen: 24
46.244.127.0/24 maxlen: 24
62.3.55.0/24 maxlen: 24
146.19.97.0/24 maxlen: 24
178.249.152.0/21 maxlen: 21
185.51.52.0/23 maxlen: 23
185.205.52.0/22 maxlen: 22
212.24.126.0/24 maxlen: 24
2a02:1668::/32 maxlen: 32
2a02:166a::/32 maxlen: 32
2a02:166b::/32 maxlen: 32
2a05:2900::/29 maxlen: 29
2a06:2600::/29 maxlen: 32
2a06:2600::/32 maxlen: 32
2a06:2602::/32 maxlen: 32
2a0a:e80::/29 maxlen: 29
2a0b:1c0::/29 maxlen: 29
2a0f:ba00::/29 maxlen: 29
2a13:800::/29 maxlen: 29
2a13:2c00::/29 maxlen: 29
2a13:3400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:73:fe:7e:92:2c:ae:da:81:f4:ae:1d:78:c7:85:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Aug 12 13:24:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cc1eca536be9bb612d5b9f97bd266708241cdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:07:8c:5b:2f:d6:27:6e:08:d0:9a:63:f0:18:
41:06:33:b6:58:2e:76:6b:71:6d:ed:f3:49:98:60:
c1:6b:14:9c:4c:69:92:48:1c:b6:41:5c:8c:cb:b2:
7d:8f:a8:d7:6d:33:2b:54:f7:b9:67:b0:aa:db:6c:
d8:4c:2e:fb:1f:76:95:24:c6:2c:13:b4:18:27:d9:
4f:f9:5f:a7:8f:5f:52:c5:7c:f6:de:f4:71:95:57:
4e:e8:d2:8f:3f:29:1b:3d:9c:31:e6:c5:dc:e6:64:
96:f5:50:69:27:ac:a1:58:52:b3:b6:1a:54:4a:57:
d0:bf:b6:8e:4c:a6:46:74:eb:de:cf:57:ef:f3:ed:
b4:86:33:f0:2a:d3:5b:9f:65:06:9a:1b:3e:fc:5a:
21:f2:0c:06:85:51:f8:73:0f:c5:8c:fd:fd:b6:a6:
fa:2c:4c:7c:90:aa:cb:df:58:72:b2:12:b5:a9:ff:
fe:ba:dc:27:cf:a3:08:a2:30:0e:5d:dc:93:ee:95:
a3:54:95:09:36:c5:ef:63:66:cc:36:6c:54:1c:e8:
e3:11:66:af:03:ca:48:7d:ac:65:95:56:d1:d3:0b:
3a:06:e1:6e:d9:67:bb:6f:e4:f9:92:3e:96:6f:4c:
1c:12:29:b4:d3:ca:01:0f:4d:a7:0e:8b:92:57:ac:
c9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C1:EC:A5:36:BE:9B:B6:12:D5:B9:F9:7B:D2:66:70:82:41:CD:C1
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/DMHspTa-m7YS1bn5e9JmcIJBzcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.192.0/24
31.41.255.0/24
31.134.200.0/21
46.244.0.0-46.244.17.255
46.244.20.0-46.244.31.255
46.244.100.0-46.244.107.255
46.244.112.0/23
46.244.120.0/21
62.3.55.0/24
146.19.97.0/24
178.249.152.0/21
185.51.52.0/23
185.205.52.0/22
212.24.126.0/24
IPv6:
2a02:1668::/32
2a02:166a::/31
2a05:2900::/29
2a06:2600::/29
2a0a:e80::/29
2a0b:1c0::/29
2a0f:ba00::/29
2a13:800::/29
2a13:2c00::/29
2a13:3400::/29
Signature Algorithm: sha256WithRSAEncryption
8c:4a:a0:83:e9:0c:20:b4:39:05:52:04:09:b3:91:ab:28:c8:
ac:61:a4:17:a8:9a:5c:88:32:42:c0:78:07:6f:8e:18:52:62:
a7:8a:b5:12:ba:31:c3:89:13:9b:6d:20:e8:15:3b:df:4a:51:
24:70:8c:23:3f:85:22:b2:80:92:96:fa:87:48:4a:8c:65:ed:
9a:57:6d:16:2a:c6:a4:29:45:d6:1b:89:24:30:0a:c4:de:a0:
fa:4e:a3:3d:67:09:60:e5:48:89:86:20:46:58:e0:61:2e:45:
03:ac:9c:0a:f1:f2:91:76:a6:69:d5:c2:a4:fa:86:67:bb:ec:
12:de:2c:c6:45:4b:82:9b:ed:46:b8:22:d0:1d:65:7b:0f:aa:
69:2e:67:3f:14:ce:48:a6:95:37:ee:d6:8f:92:af:c2:e5:ad:
e7:44:9e:ee:ae:84:2b:d9:12:39:9c:78:cb:c7:66:ec:ed:bb:
48:f9:ec:43:8a:02:d6:00:e8:c4:75:a7:c9:57:6e:c7:8d:2f:
3d:0f:eb:73:3c:83:eb:02:b6:81:17:25:e5:4f:55:90:11:34:
b7:54:e2:18:f6:13:6f:56:5d:d4:f5:c9:66:b6:e2:94:61:c3:
bb:af:41:b6:96:63:45:87:02:57:30:2c:84:46:15:c6:e7:9f:
f2:29:bc:93
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZiec/5+kiyu2oH0rh14x4VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjUwODEyMTMyNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2MxZWNhNTM2YmU5YmI2MTJkNWI5Zjk3YmQyNjY3MDgyNDFjZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAeMWy/WJ24I0Jpj8BhBBjO2WC52
a3Ft7fNJmGDBaxScTGmSSBy2QVyMy7J9j6jXbTMrVPe5Z7Cq22zYTC77H3aVJMYs
E7QYJ9lP+V+nj19SxXz23vRxlVdO6NKPPykbPZwx5sXc5mSW9VBpJ6yhWFKzthpU
SlfQv7aOTKZGdOvez1fv8+20hjPwKtNbn2UGmhs+/Foh8gwGhVH4cw/FjP39tqb6
LEx8kKrL31hyshK1qf/+utwnz6MIojAOXdyT7pWjVJUJNsXvY2bMNmxUHOjjEWav
A8pIfaxllVbR0ws6BuFu2We7b+T5kj6Wb0wcEim008oBD02nDouSV6zJxQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFAzB7KU2vpu2EtW5+XvSZnCCQc3BMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvRE1Ic3BUYS1tN1lTMWJuNWU5Sm1jSUpCemNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTBxBAIAATBrAwQABQrA
AwQAHyn/AwQDH4bIMAsDAwIu9AMEAS70EDAMAwQCLvQUAwQFLvQAMAwDBAIu9GQD
BAIu9GgDBAEu9HADBAMu9HgDBAA+AzcDBACSE2EDBAOy+ZgDBAG5MzQDBAK5zTQD
BADUGH4wTAQCAAIwRgMFACoCFmgDBQEqAhZqAwUDKgUpAAMFAyoGJgADBQMqCg6A
AwUDKgsBwAMFAyoPugADBQMqEwgAAwUDKhMsAAMFAyoTNAAwDQYJKoZIhvcNAQEL
BQADggEBAIxKoIPpDCC0OQVSBAmzkasoyKxhpBeomlyIMkLAeAdvjhhSYqeKtRK6
McOJE5ttIOgVO99KUSRwjCM/hSKygJKW+odISoxl7ZpXbRYqxqQpRdYbiSQwCsTe
oPpOoz1nCWDlSImGIEZY4GEuRQOsnArx8pF2pmnVwqT6hme77BLeLMZFS4Kb7Ua4
ItAdZXsPqmkuZz8UzkimlTfu1o+Sr8LlredEnu6uhCvZEjmceMvHZuztu0j57EOK
AtYA6MR1p8lXbseNLz0P63M8g+sCtoEXJeVPVZARNLdU4hj2E29WXdT1yWa24pRh
w7uvQbaWY0WHAlcwLIRGFcbnn/IpvJM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:16:21 2025 by rpki-client