Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/arnRM2lSkUGUCk_xO-cIc8RCuRY.roa
File: arnRM2lSkUGUCk_xO-cIc8RCuRY.roa (raw, json)
Hash identifier: boEE4wT0kwQUB6JKZ1jq/E9huR7syRrDn9qtNkdgQ1o=
Subject key identifier: 6A:B9:D1:33:69:52:91:41:94:0A:4F:F1:3B:E7:08:73:C4:42:B9:16
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0199CE9B1780C856BC2377F7C265248345FD
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/arnRM2lSkUGUCk_xO-cIc8RCuRY.roa
Signing time: Fri 10 Oct 2025 14:51:34 +0000
ROA not before: Fri 10 Oct 2025 14:51:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:7::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:127::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:197::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:227::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:247::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
2a03:5000:271::/48 maxlen: 48
2a03:5000:272::/48 maxlen: 48
2a03:5000:291::/48 maxlen: 48
2a03:5000:292::/48 maxlen: 48
2a03:5000:311::/48 maxlen: 48
2a03:5000:312::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:9b:17:80:c8:56:bc:23:77:f7:c2:65:24:83:45:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Oct 10 14:51:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ab9d13369529141940a4ff13be70873c442b916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:66:5b:f8:f7:32:ca:6c:a8:c2:0e:d1:4e:
7f:fc:4b:43:4b:36:19:c3:ed:30:ea:49:11:ae:16:
4a:ad:85:f3:d8:8d:d1:52:1d:1b:0a:36:e0:fc:6b:
f1:9a:59:19:5b:1c:8e:8b:c6:07:42:34:e3:1d:42:
d8:62:9a:00:a1:c8:ed:ab:d8:01:b4:cf:e8:e8:bc:
0a:62:50:65:c9:53:3a:ea:2c:a6:62:55:5a:df:66:
82:ed:6a:ac:b3:21:87:cc:94:ff:c0:13:0f:8c:b0:
9f:ee:f5:b5:8e:cb:23:01:55:1d:85:e4:1d:d6:bb:
e1:ac:ec:e5:fc:9a:24:6a:f4:2b:1d:30:70:f9:14:
2e:83:28:42:fd:ea:d7:2a:4d:97:51:30:aa:eb:7c:
98:55:8c:ca:f8:5f:f7:0e:92:bc:c4:35:3f:fc:c1:
d4:1b:e1:1d:48:6f:60:4a:59:20:d7:2d:11:86:41:
d5:6f:85:e1:fb:a2:94:64:e3:6b:e0:83:d2:9a:ae:
33:0d:47:b7:82:87:8f:4f:1e:c2:05:55:25:f3:ee:
46:f9:87:33:8f:ee:fa:75:86:ad:dc:00:19:c3:69:
39:34:4d:c6:04:cc:66:60:e9:25:65:08:14:94:7f:
f2:b4:b9:bc:45:44:ae:56:01:70:0a:36:75:d5:7d:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B9:D1:33:69:52:91:41:94:0A:4F:F1:3B:E7:08:73:C4:42:B9:16
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/arnRM2lSkUGUCk_xO-cIc8RCuRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:7::/48
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:127::/48
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:197::/48
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:227::/48
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:247::/48
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
2a03:5000:271::-2a03:5000:272:ffff:ffff:ffff:ffff:ffff
2a03:5000:291::-2a03:5000:292:ffff:ffff:ffff:ffff:ffff
2a03:5000:311::-2a03:5000:312:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:b4:12:d1:8b:9e:2a:56:a1:e7:ab:0f:ef:ba:b8:3c:98:5c:
6c:ff:85:22:a3:c5:be:e0:9e:d6:02:d3:11:e8:56:74:5b:9d:
88:c8:30:a9:07:84:d6:8d:3f:72:8b:17:a3:59:d9:d0:69:d1:
40:48:72:4c:64:cc:65:ae:8b:e9:a8:c6:4b:fc:aa:64:03:48:
a3:a8:72:8e:c7:21:cc:83:4b:cf:c3:c9:78:c4:67:a6:d5:15:
8e:e9:6c:1a:f6:07:b9:95:bd:32:57:49:22:fa:d4:90:c2:58:
de:4c:a5:27:4f:97:b9:27:1c:49:de:c8:18:ef:c2:de:3c:fa:
eb:57:2b:12:17:94:90:42:91:0e:c9:7b:61:75:38:ed:3f:d4:
11:d9:fc:76:72:e3:9b:81:da:d6:79:ac:fc:f8:72:5b:76:9c:
c7:dc:0a:38:b8:3d:90:e2:49:12:09:ec:25:d8:b5:ea:14:8f:
41:0e:da:5a:77:00:59:54:2b:cc:66:5f:02:71:e6:52:fb:29:
23:e8:96:06:e8:7e:72:8a:92:09:03:01:fa:ac:ca:6f:86:f3:
4a:06:c3:d3:03:2f:83:6b:6f:69:6b:8a:d4:b0:ec:21:4d:de:
cf:65:23:c6:ce:50:9f:1a:ae:64:ef:00:e4:43:b9:75:6d:b8:
ee:f9:82:22
-----BEGIN CERTIFICATE-----
MIIHnTCCBoWgAwIBAgISAZnOmxeAyFa8I3f3wmUkg0X9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUxMDEwMTQ1MTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWI5ZDEzMzY5NTI5MTQxOTQwYTRmZjEzYmU3MDg3M2M0NDJiOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk01mW/j3MspsqMIO0U5//EtDSzYZ
w+0w6kkRrhZKrYXz2I3RUh0bCjbg/GvxmlkZWxyOi8YHQjTjHULYYpoAocjtq9gB
tM/o6LwKYlBlyVM66iymYlVa32aC7WqssyGHzJT/wBMPjLCf7vW1jssjAVUdheQd
1rvhrOzl/JokavQrHTBw+RQugyhC/erXKk2XUTCq63yYVYzK+F/3DpK8xDU//MHU
G+EdSG9gSlkg1y0RhkHVb4Xh+6KUZONr4IPSmq4zDUe3goePTx7CBVUl8+5G+Ycz
j+76dYat3AAZw2k5NE3GBMxmYOklZQgUlH/ytLm8RUSuVgFwCjZ11X3CPQIDAQAB
o4IEqTCCBKUwHQYDVR0OBBYEFGq50TNpUpFBlApP8TvnCHPEQrkWMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvYXJuUk0ybFNrVUdVQ2tfeE8tY0ljOFJDdVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICvQYIKwYBBQUHAQcBAf8EggKsMIICqDApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggJ5BAIAAjCCAnEwEgMH
ACoDUAAAAQMHACoDUAAAAgMHACoDUAAABzASAwcAKgNQAAARAwcAKgNQAAASMBID
BwUqA1AAACADBwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABB
AwcAKgNQAABCMBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAA
YjASAwcAKgNQAABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoD
UAAAkQMHACoDUAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAq
A1AAARIwEgMHACoDUAABIQMHACoDUAABIgMHACoDUAABJzASAwcAKgNQAAExAwcA
KgNQAAEyMBIDBwAqA1AAAUEDBwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjAS
AwcAKgNQAAFhAwcAKgNQAAFiMBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAAB
gQMHACoDUAABgjASAwcAKgNQAAGRAwcAKgNQAAGSAwcAKgNQAAGXMBIDBwAqA1AA
AgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoDUAACEjASAwcAKgNQAAIhAwcAKgNQ
AAIiAwcAKgNQAAInMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMHACoDUAACQQMHACoD
UAACQgMHACoDUAACRzASAwcAKgNQAAJRAwcAKgNQAAJSMBIDBwAqA1AAAnEDBwAq
A1AAAnIwEgMHACoDUAACkQMHACoDUAACkjASAwcAKgNQAAMRAwcAKgNQAAMSMA0G
CSqGSIb3DQEBCwUAA4IBAQCStBLRi54qVqHnqw/vurg8mFxs/4Uio8W+4J7WAtMR
6FZ0W52IyDCpB4TWjT9yixejWdnQadFASHJMZMxlrovpqMZL/KpkA0ijqHKOxyHM
g0vPw8l4xGem1RWO6Wwa9ge5lb0yV0ki+tSQwljeTKUnT5e5JxxJ3sgY78LePPrr
VysSF5SQQpEOyXthdTjtP9QR2fx2cuObgdrWeaz8+HJbdpzH3Ao4uD2Q4kkSCewl
2LXqFI9BDtpadwBZVCvMZl8CceZS+ykj6JYG6H5yipIJAwH6rMpvhvNKBsPTAy+D
a29pa4rUsOwhTd7PZSPGzlCfGq5k7wDkQ7l1bbju+YIi
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:44 2025 by rpki-client