Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/DwPSTi5dIPTLM8ktf-sdtoXF7qI.roa
File: DwPSTi5dIPTLM8ktf-sdtoXF7qI.roa (raw, json)
Hash identifier: P8iiPec0Zpi09SNtPrSeFAi8fwt9MnKZ4qvy9bGC1D0=
Subject key identifier: 0F:03:D2:4E:2E:5D:20:F4:CB:33:C9:2D:7F:EB:1D:B6:85:C5:EE:A2
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0199CE9B17FD82A44A49B8148509EFCD4889
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/DwPSTi5dIPTLM8ktf-sdtoXF7qI.roa
Signing time: Fri 10 Oct 2025 14:51:34 +0000
ROA not before: Fri 10 Oct 2025 14:51:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:7::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:127::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:197::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:227::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:247::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
2a03:5000:271::/48 maxlen: 48
2a03:5000:272::/48 maxlen: 48
2a03:5000:291::/48 maxlen: 48
2a03:5000:292::/48 maxlen: 48
2a03:5000:311::/48 maxlen: 48
2a03:5000:312::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:9b:17:fd:82:a4:4a:49:b8:14:85:09:ef:cd:48:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Oct 10 14:51:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f03d24e2e5d20f4cb33c92d7feb1db685c5eea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:25:38:8b:eb:ba:45:89:c0:b5:e8:3b:b8:
10:3a:6a:21:0a:f8:02:1e:32:af:40:6c:00:56:92:
22:95:a8:3b:9d:dd:4b:6d:49:b4:0c:23:7c:23:05:
de:0f:50:0e:b7:fd:bb:a9:98:4a:68:b8:23:7b:c3:
24:45:a3:c4:ed:03:79:eb:b1:2a:d8:35:d5:58:6c:
9d:60:f4:cd:9f:ae:7e:58:cf:54:fa:8f:22:78:8d:
4a:9a:ba:be:94:32:2a:75:43:76:8b:d3:cd:58:d2:
85:65:47:da:55:42:f4:2b:46:2d:cf:d4:48:e7:58:
ab:c1:e5:f2:bd:cc:7f:ef:c6:a0:1b:df:c3:2f:57:
cd:c0:89:e2:69:bc:92:1c:ee:3a:51:81:b3:c1:e9:
1e:8d:ee:39:7f:de:dc:5f:f2:5b:bf:19:a8:06:fa:
05:f6:b7:c8:5a:2f:a4:71:23:de:f8:96:9e:d4:4c:
c9:a7:a8:b7:37:7e:5d:d1:f1:38:85:5e:82:3d:17:
10:b5:88:f4:0f:d3:93:c6:11:5d:5d:5f:42:4f:10:
e2:af:7b:96:ca:e2:62:ff:ea:e9:a2:35:27:9e:85:
76:61:61:fe:7c:33:24:77:96:8f:e3:58:16:e0:c3:
5a:91:cd:34:92:75:3a:78:23:2b:b9:95:bb:40:7c:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:03:D2:4E:2E:5D:20:F4:CB:33:C9:2D:7F:EB:1D:B6:85:C5:EE:A2
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/DwPSTi5dIPTLM8ktf-sdtoXF7qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:7::/48
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:127::/48
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:197::/48
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:227::/48
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:247::/48
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
2a03:5000:271::-2a03:5000:272:ffff:ffff:ffff:ffff:ffff
2a03:5000:291::-2a03:5000:292:ffff:ffff:ffff:ffff:ffff
2a03:5000:311::-2a03:5000:312:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
be:b2:de:76:c6:e9:4d:ed:67:89:f0:68:da:ce:3b:0a:a9:c1:
7f:c6:0f:f5:68:c9:3b:dd:06:55:10:ca:a3:25:fb:21:03:fa:
54:23:bc:6d:b5:8a:ab:f0:50:51:7d:63:cd:b8:87:5c:43:9e:
1b:02:13:5c:4b:32:11:7c:7d:bc:4d:09:0c:9e:e6:91:ae:fe:
62:e2:05:67:8d:39:7b:84:da:6a:10:f4:94:f2:0b:6e:59:f6:
74:92:8c:b4:bb:b5:5a:fe:2a:2b:a4:3b:69:54:14:70:2b:8e:
94:1d:18:fe:d1:3d:b0:42:68:58:d1:21:d2:2b:f8:1f:a5:7d:
68:5c:c0:2d:5d:fa:fc:7b:2c:9d:ca:e3:87:ba:ee:80:d6:3e:
7d:bb:c9:e5:4b:be:78:59:e4:49:f7:58:f0:a4:0a:b7:8e:cd:
a7:e9:bb:fa:2b:f5:c2:60:19:97:84:11:3f:6d:30:53:8a:3d:
50:ac:85:97:72:84:89:6a:58:88:52:e7:ff:1a:b0:20:43:18:
60:b9:78:eb:52:51:4f:17:d9:e9:8d:64:f4:53:f3:c9:95:a6:
7e:7a:f1:ba:46:80:25:8a:ae:f7:df:88:db:39:03:dd:c0:05:
f6:72:39:68:0f:b8:0f:26:a7:93:8d:cf:ad:b9:69:6e:d8:8b:
e1:c5:58:b1
-----BEGIN CERTIFICATE-----
MIIHnTCCBoWgAwIBAgISAZnOmxf9gqRKSbgUhQnvzUiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUxMDEwMTQ1MTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjAzZDI0ZTJlNWQyMGY0Y2IzM2M5MmQ3ZmViMWRiNjg1YzVlZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5clOIvrukWJwLXoO7gQOmohCvgC
HjKvQGwAVpIilag7nd1LbUm0DCN8IwXeD1AOt/27qZhKaLgje8MkRaPE7QN567Eq
2DXVWGydYPTNn65+WM9U+o8ieI1Kmrq+lDIqdUN2i9PNWNKFZUfaVUL0K0Ytz9RI
51irweXyvcx/78agG9/DL1fNwIniabySHO46UYGzwekeje45f97cX/JbvxmoBvoF
9rfIWi+kcSPe+Jae1EzJp6i3N35d0fE4hV6CPRcQtYj0D9OTxhFdXV9CTxDir3uW
yuJi/+rpojUnnoV2YWH+fDMkd5aP41gW4MNakc00knU6eCMruZW7QHzzlwIDAQAB
o4IEqTCCBKUwHQYDVR0OBBYEFA8D0k4uXSD0yzPJLX/rHbaFxe6iMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvRHdQU1RpNWRJUFRMTThrdGYtc2R0b1hGN3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICvQYIKwYBBQUHAQcBAf8EggKsMIICqDApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggJ5BAIAAjCCAnEwEgMH
ACoDUAAAAQMHACoDUAAAAgMHACoDUAAABzASAwcAKgNQAAARAwcAKgNQAAASMBID
BwUqA1AAACADBwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABB
AwcAKgNQAABCMBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAA
YjASAwcAKgNQAABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoD
UAAAkQMHACoDUAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAq
A1AAARIwEgMHACoDUAABIQMHACoDUAABIgMHACoDUAABJzASAwcAKgNQAAExAwcA
KgNQAAEyMBIDBwAqA1AAAUEDBwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjAS
AwcAKgNQAAFhAwcAKgNQAAFiMBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAAB
gQMHACoDUAABgjASAwcAKgNQAAGRAwcAKgNQAAGSAwcAKgNQAAGXMBIDBwAqA1AA
AgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoDUAACEjASAwcAKgNQAAIhAwcAKgNQ
AAIiAwcAKgNQAAInMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMHACoDUAACQQMHACoD
UAACQgMHACoDUAACRzASAwcAKgNQAAJRAwcAKgNQAAJSMBIDBwAqA1AAAnEDBwAq
A1AAAnIwEgMHACoDUAACkQMHACoDUAACkjASAwcAKgNQAAMRAwcAKgNQAAMSMA0G
CSqGSIb3DQEBCwUAA4IBAQC+st52xulN7WeJ8GjazjsKqcF/xg/1aMk73QZVEMqj
JfshA/pUI7xttYqr8FBRfWPNuIdcQ54bAhNcSzIRfH28TQkMnuaRrv5i4gVnjTl7
hNpqEPSU8gtuWfZ0koy0u7Va/iorpDtpVBRwK46UHRj+0T2wQmhY0SHSK/gfpX1o
XMAtXfr8eyydyuOHuu6A1j59u8nlS754WeRJ91jwpAq3js2n6bv6K/XCYBmXhBE/
bTBTij1QrIWXcoSJaliIUuf/GrAgQxhguXjrUlFPF9npjWT0U/PJlaZ+evG6RoAl
iq7334jbOQPdwAX2cjloD7gPJqeTjc+tuWlu2IvhxVix
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:09 2025 by rpki-client