Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/DFMQmamXY8KP4-va7usbXjlGlEo.roa
File: DFMQmamXY8KP4-va7usbXjlGlEo.roa (raw, json)
Hash identifier: fx5UdUFk/K5Ywascggz+vk7SyrVRgrnQmsBsJAgWyoY=
Subject key identifier: 0C:53:10:99:A9:97:63:C2:8F:E3:EB:DA:EE:EB:1B:5E:39:46:94:4A
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 019908CA8D94019644A987A19B360782C509
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/DFMQmamXY8KP4-va7usbXjlGlEo.roa
Signing time: Tue 02 Sep 2025 04:58:36 +0000
ROA not before: Tue 02 Sep 2025 04:58:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 31.7.16.0/20 maxlen: 20
46.182.112.0/21 maxlen: 21
62.142.0.0/16 maxlen: 16
62.148.192.0/19 maxlen: 19
62.216.96.0/19 maxlen: 19
62.240.64.0/19 maxlen: 19
62.248.128.0/17 maxlen: 17
77.109.192.0/18 maxlen: 18
80.81.160.0/19 maxlen: 19
80.88.176.0/20 maxlen: 20
80.186.0.0/16 maxlen: 16
80.248.96.0/19 maxlen: 19
81.197.0.0/16 maxlen: 16
81.209.0.0/17 maxlen: 17
82.103.192.0/18 maxlen: 18
82.118.192.0/19 maxlen: 19
82.141.64.0/18 maxlen: 18
82.215.192.0/18 maxlen: 18
83.245.128.0/17 maxlen: 17
84.230.0.0/15 maxlen: 15
85.76.0.0/14 maxlen: 14
85.156.0.0/16 maxlen: 16
85.157.0.0/16 maxlen: 16
85.217.0.0/17 maxlen: 17
88.112.0.0/14 maxlen: 14
91.152.0.0/13 maxlen: 13
94.22.0.0/16 maxlen: 16
109.163.248.0/21 maxlen: 21
109.232.80.0/21 maxlen: 21
139.97.0.0/16 maxlen: 16
178.251.56.0/21 maxlen: 21
192.77.120.0/22 maxlen: 22
192.102.36.0/24 maxlen: 24
192.102.37.0/24 maxlen: 24
192.102.38.0/24 maxlen: 24
192.102.39.0/24 maxlen: 24
192.102.40.0/24 maxlen: 24
192.102.41.0/24 maxlen: 24
192.102.42.0/24 maxlen: 24
192.102.49.0/24 maxlen: 24
192.102.50.0/24 maxlen: 24
192.126.1.0/24 maxlen: 24
192.126.23.0/24 maxlen: 24
192.126.24.0/24 maxlen: 24
192.126.35.0/24 maxlen: 24
192.126.44.0/24 maxlen: 24
192.126.46.0/24 maxlen: 24
192.163.32.0/19 maxlen: 19
192.163.64.0/18 maxlen: 18
192.163.128.0/19 maxlen: 19
192.175.45.0/24 maxlen: 24
193.64.0.0/15 maxlen: 15
193.66.0.0/16 maxlen: 16
193.94.0.0/16 maxlen: 16
193.184.0.0/15 maxlen: 15
193.199.0.0/16 maxlen: 16
193.229.0.0/16 maxlen: 16
194.86.0.0/16 maxlen: 16
194.136.0.0/16 maxlen: 16
194.157.0.0/16 maxlen: 16
194.188.0.0/16 maxlen: 16
194.211.0.0/16 maxlen: 16
194.240.0.0/15 maxlen: 15
195.16.192.0/19 maxlen: 19
195.74.0.0/19 maxlen: 19
195.170.128.0/19 maxlen: 19
195.197.0.0/16 maxlen: 16
195.218.64.0/19 maxlen: 19
195.236.0.0/15 maxlen: 15
195.238.192.0/19 maxlen: 19
195.255.0.0/16 maxlen: 16
212.38.224.0/20 maxlen: 20
212.38.240.0/24 maxlen: 24
212.38.241.0/24 maxlen: 24
212.38.242.0/24 maxlen: 24
212.38.243.0/24 maxlen: 24
212.38.244.0/24 maxlen: 24
212.50.192.0/19 maxlen: 19
212.54.0.0/19 maxlen: 19
212.63.0.0/19 maxlen: 19
212.226.0.0/16 maxlen: 16
212.246.0.0/16 maxlen: 16
213.130.224.0/19 maxlen: 19
213.161.32.0/19 maxlen: 19
213.169.0.0/19 maxlen: 19
213.192.128.0/18 maxlen: 18
213.250.64.0/18 maxlen: 18
217.24.96.0/20 maxlen: 20
217.25.96.0/20 maxlen: 20
217.77.192.0/20 maxlen: 20
217.152.0.0/16 maxlen: 16
2001:671::/48 maxlen: 48
2001:671:fc00::/40 maxlen: 40
2001:671:fd00::/40 maxlen: 40
2001:671:fe00::/40 maxlen: 40
2001:671:ff00::/40 maxlen: 40
2001:998::/29 maxlen: 32
2001:9f0::/29 maxlen: 29
2001:1658::/29 maxlen: 29
2a00:1dd0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:08:ca:8d:94:01:96:44:a9:87:a1:9b:36:07:82:c5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Sep 2 04:58:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c531099a99763c28fe3ebdaeeeb1b5e3946944a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:f4:37:8f:c3:ac:7c:59:ab:22:26:61:19:
06:cb:b0:27:cc:67:ac:1b:d5:df:88:f4:a0:ca:36:
77:b8:46:f9:2f:cd:0b:a8:fa:12:8a:45:09:8f:6d:
35:50:e2:0e:7b:50:e2:36:23:4a:0a:c6:18:2d:a8:
14:6f:bc:74:03:53:a8:08:3f:e4:43:c9:da:78:ed:
db:cf:85:e3:26:4f:76:16:3e:a8:0b:76:26:f6:f8:
bb:55:18:be:ed:6d:1e:76:95:7f:2a:e9:5f:ea:c8:
3f:fd:ec:92:11:a8:ab:8f:36:29:95:68:91:93:22:
bc:84:51:e6:30:bb:01:69:eb:d3:7b:fb:93:c5:11:
53:28:26:a7:67:07:b2:6e:ed:4f:0a:4e:34:43:78:
d4:50:62:10:73:00:f0:01:4c:87:92:c4:0c:5e:95:
85:99:5a:4c:49:4a:04:ee:4a:26:f2:40:19:29:80:
d6:a2:00:b4:7a:91:e6:46:06:c4:a5:45:fd:9b:be:
66:dd:9a:ba:df:f4:46:a8:56:48:7a:cf:fb:23:62:
7c:a6:ad:da:76:4e:0f:d7:6f:09:42:c9:b3:44:ab:
56:e8:5e:15:7a:2d:e0:76:7d:94:b9:a8:b4:ee:ae:
65:74:93:80:67:85:cd:a8:7e:3d:54:15:4d:25:1e:
60:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:53:10:99:A9:97:63:C2:8F:E3:EB:DA:EE:EB:1B:5E:39:46:94:4A
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/DFMQmamXY8KP4-va7usbXjlGlEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.16.0/20
46.182.112.0/21
62.142.0.0/16
62.148.192.0/19
62.216.96.0/19
62.240.64.0/19
62.248.128.0/17
77.109.192.0/18
80.81.160.0/19
80.88.176.0/20
80.186.0.0/16
80.248.96.0/19
81.197.0.0/16
81.209.0.0/17
82.103.192.0/18
82.118.192.0/19
82.141.64.0/18
82.215.192.0/18
83.245.128.0/17
84.230.0.0/15
85.76.0.0/14
85.156.0.0/15
85.217.0.0/17
88.112.0.0/14
91.152.0.0/13
94.22.0.0/16
109.163.248.0/21
109.232.80.0/21
139.97.0.0/16
178.251.56.0/21
192.77.120.0/22
192.102.36.0-192.102.42.255
192.102.49.0-192.102.50.255
192.126.1.0/24
192.126.23.0-192.126.24.255
192.126.35.0/24
192.126.44.0/24
192.126.46.0/24
192.163.32.0-192.163.159.255
192.175.45.0/24
193.64.0.0-193.66.255.255
193.94.0.0/16
193.184.0.0/15
193.199.0.0/16
193.229.0.0/16
194.86.0.0/16
194.136.0.0/16
194.157.0.0/16
194.188.0.0/16
194.211.0.0/16
194.240.0.0/15
195.16.192.0/19
195.74.0.0/19
195.170.128.0/19
195.197.0.0/16
195.218.64.0/19
195.236.0.0/15
195.238.192.0/19
195.255.0.0/16
212.38.224.0-212.38.244.255
212.50.192.0/19
212.54.0.0/19
212.63.0.0/19
212.226.0.0/16
212.246.0.0/16
213.130.224.0/19
213.161.32.0/19
213.169.0.0/19
213.192.128.0/18
213.250.64.0/18
217.24.96.0/20
217.25.96.0/20
217.77.192.0/20
217.152.0.0/16
IPv6:
2001:671::/48
2001:671:fc00::/38
2001:998::/29
2001:9f0::/29
2001:1658::/29
2a00:1dd0::/29
Signature Algorithm: sha256WithRSAEncryption
67:d7:a5:ab:3e:ed:51:6c:38:64:cf:05:7f:f0:b6:84:04:73:
8e:66:ec:dc:e8:1d:5c:3a:60:99:2c:a9:87:2c:da:55:41:cc:
29:7e:54:bd:86:f8:f1:4e:93:0e:86:fd:03:f5:5d:eb:69:da:
97:22:9a:fc:0e:df:78:d0:b6:da:77:b2:9c:70:8b:c6:f9:24:
ef:df:1e:04:0c:95:80:1e:df:43:83:06:03:d0:28:0d:35:6f:
38:fe:ca:62:9a:47:e5:98:24:a1:f2:56:30:20:86:05:09:aa:
0b:91:2e:d1:d0:44:ea:82:29:cb:ce:2f:3f:5d:70:23:d9:c9:
d3:5a:c5:10:8e:65:c8:46:b7:1e:4f:da:e6:c6:06:0e:50:70:
7e:9d:df:92:05:f8:4f:6a:41:6d:80:fd:fa:93:65:37:66:18:
26:e2:3d:ab:8e:5d:0b:5b:da:03:18:16:45:4e:d7:af:95:9f:
c7:88:d7:2f:dc:ca:33:34:b8:58:79:d6:dd:92:54:69:04:7c:
01:17:98:5b:ea:62:44:29:75:3c:72:1e:bb:7c:75:89:60:78:
6f:0f:0e:f3:d0:44:0b:8d:ab:09:a1:97:d1:c1:32:27:87:f6:
80:1f:db:fc:98:24:97:70:d8:6a:6b:28:d4:c5:df:ca:a2:3c:
a0:af:01:cc
-----BEGIN CERTIFICATE-----
MIIHBjCCBe6gAwIBAgISAZkIyo2UAZZEqYehmzYHgsUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwOTAyMDQ1ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUzMTA5OWE5OTc2M2MyOGZlM2ViZGFlZWViMWI1ZTM5NDY5NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveD0N4/DrHxZqyImYRkGy7AnzGes
G9XfiPSgyjZ3uEb5L80LqPoSikUJj201UOIOe1DiNiNKCsYYLagUb7x0A1OoCD/k
Q8naeO3bz4XjJk92Fj6oC3Ym9vi7VRi+7W0edpV/Kulf6sg//eySEairjzYplWiR
kyK8hFHmMLsBaevTe/uTxRFTKCanZweybu1PCk40Q3jUUGIQcwDwAUyHksQMXpWF
mVpMSUoE7kom8kAZKYDWogC0epHmRgbEpUX9m75m3Zq63/RGqFZIes/7I2J8pq3a
dk4P128JQsmzRKtW6F4Vei3gdn2Uuai07q5ldJOAZ4XNqH49VBVNJR5gNwIDAQAB
o4IEEjCCBA4wHQYDVR0OBBYEFAxTEJmpl2PCj+Pr2u7rG145RpRKMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvREZNUW1hbVhZOEtQNC12YTd1c2JYamxHbEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICJgYIKwYBBQUHAQcBAf8EggIVMIICETCCAdgEAgABMIIB
0AMEBB8HEAMEAy62cAMDAD6OAwQFPpTAAwQFPthgAwQFPvBAAwQHPviAAwQGTW3A
AwQFUFGgAwQEUFiwAwMAULoDBAVQ+GADAwBRxQMEB1HRAAMEBlJnwAMEBVJ2wAME
BlKNQAMEBlLXwAMEB1P1gAMDAVTmAwMCVUwDAwFVnAMEB1XZAAMDAlhwAwMDW5gD
AwBeFgMEA22j+AMEA23oUAMDAIthAwQDsvs4AwQCwE14MAwDBALAZiQDBADAZiow
DAMEAMBmMQMEAMBmMgMEAMB+ATAMAwQAwH4XAwQAwH4YAwQAwH4jAwQAwH4sAwQA
wH4uMAwDBAXAoyADBAXAo4ADBADAry0wCgMDBsFAAwMAwUIDAwDBXgMDAcG4AwMA
wccDAwDB5QMDAMJWAwMAwogDAwDCnQMDAMK8AwMAwtMDAwHC8AMEBcMQwAMEBcNK
AAMEBcOqgAMDAMPFAwQFw9pAAwMBw+wDBAXD7sADAwDD/zAMAwQF1CbgAwQA1Cb0
AwQF1DLAAwQF1DYAAwQF1D8AAwMA1OIDAwDU9gMEBdWC4AMEBdWhIAMEBdWpAAME
BtXAgAMEBtX6QAMEBNkYYAMEBNkZYAMEBNlNwAMDANmYMDMEAgACMC0DBwAgAQZx
AAADBgIgAQZx/AMFAyABCZgDBQMgAQnwAwUDIAEWWAMFAyoAHdAwDQYJKoZIhvcN
AQELBQADggEBAGfXpas+7VFsOGTPBX/wtoQEc45m7NzoHVw6YJksqYcs2lVBzCl+
VL2G+PFOkw6G/QP1Xetp2pcimvwO33jQttp3spxwi8b5JO/fHgQMlYAe30ODBgPQ
KA01bzj+ymKaR+WYJKHyVjAghgUJqguRLtHQROqCKcvOLz9dcCPZydNaxRCOZchG
tx5P2ubGBg5QcH6d35IF+E9qQW2A/fqTZTdmGCbiPauOXQtb2gMYFkVO16+Vn8eI
1y/cyjM0uFh51t2SVGkEfAEXmFvqYkQpdTxyHrt8dYlgeG8PDvPQRAuNqwmhl9HB
MieH9oAf2/yYJJdw2GprKNTF38qiPKCvAcw=
-----END CERTIFICATE-----
Generated at Wed Sep 10 15:18:33 2025 by rpki-client