Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/RvNLAe_RSP56uzDHYQxY7j2RYDA.roa
File:                     RvNLAe_RSP56uzDHYQxY7j2RYDA.roa (raw, json)
Hash identifier:          138Cifhmc2WWQk/qLf2plQLxN1qV8R840l4XB+Ds6Qg=
Subject key identifier:   46:F3:4B:01:EF:D1:48:FE:7A:BB:30:C7:61:0C:58:EE:3D:91:60:30
Certificate issuer:       /CN=6a0e16cc2a8b91cb483f451e813b678ae97582b0
Certificate serial:       019F236841E2A2E32E74484F4772212EEBEE
Authority key identifier: 6A:0E:16:CC:2A:8B:91:CB:48:3F:45:1E:81:3B:67:8A:E9:75:82:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ag4WzCqLkctIP0UegTtniul1grA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/RvNLAe_RSP56uzDHYQxY7j2RYDA.roa
Signing time:             Thu 02 Jul 2026 15:17:42 +0000
ROA not before:           Thu 02 Jul 2026 15:17:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3320
IP address blocks:        86.110.57.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ag4WzCqLkctIP0UegTtniul1grA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ag4WzCqLkctIP0UegTtniul1grA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ag4WzCqLkctIP0UegTtniul1grA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 Jul 2026 03:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:41:e2:a2:e3:2e:74:48:4f:47:72:21:2e:eb:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a0e16cc2a8b91cb483f451e813b678ae97582b0
        Validity
            Not Before: Jul  2 15:17:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=46f34b01efd148fe7abb30c7610c58ee3d916030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:24:01:cd:8f:19:16:56:73:24:9d:55:e5:bd:
                    4c:cd:43:f4:a9:25:55:7a:10:c5:6a:a1:d0:5e:5c:
                    70:ef:a2:6b:e5:ee:29:18:b6:43:16:74:87:82:b5:
                    2f:2d:eb:33:c3:a5:dd:89:d5:5f:04:d7:3e:60:80:
                    f3:11:af:98:28:7f:96:01:0c:e5:d2:20:7e:d4:37:
                    3f:e6:62:aa:3e:a3:89:df:56:db:da:05:21:30:3e:
                    d3:cd:90:2a:8b:86:20:07:83:4c:2a:33:77:69:e2:
                    c1:da:f2:fe:ab:26:e5:fd:58:42:4f:0d:9c:70:2b:
                    02:47:37:91:d7:8d:e0:c1:61:8f:25:e3:0e:2f:0a:
                    64:19:79:16:0a:a0:6e:4e:0c:04:05:5e:f5:8c:5d:
                    0d:ba:71:01:25:8a:bc:6f:92:a8:b9:e9:b5:fd:44:
                    1b:54:e2:de:93:23:46:05:4b:2e:ef:56:70:45:19:
                    2c:fa:ba:4e:22:c7:0c:f4:85:c1:d0:39:ed:42:d7:
                    d9:8a:06:a7:08:46:e3:52:2a:ba:0a:de:5e:1c:4a:
                    7a:a4:9d:6a:2f:c8:a6:87:ac:14:5f:b7:c0:83:f3:
                    ae:27:59:9c:bb:c4:b5:9a:fc:cf:55:9a:8b:86:24:
                    fa:ff:1b:d3:57:9d:9a:44:80:0c:ee:87:f9:e6:c7:
                    f4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:F3:4B:01:EF:D1:48:FE:7A:BB:30:C7:61:0C:58:EE:3D:91:60:30
            X509v3 Authority Key Identifier:
                keyid:6A:0E:16:CC:2A:8B:91:CB:48:3F:45:1E:81:3B:67:8A:E9:75:82:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ag4WzCqLkctIP0UegTtniul1grA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/RvNLAe_RSP56uzDHYQxY7j2RYDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ag4WzCqLkctIP0UegTtniul1grA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.110.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:0c:38:22:0b:33:5a:0d:57:b5:58:4b:72:c8:f8:b4:23:10:
         86:f1:2f:00:e8:5f:e0:e4:5b:32:79:e2:08:8e:c6:54:c9:55:
         dc:eb:82:7c:5d:e7:bf:d6:0b:79:de:d2:18:5d:d0:76:9f:de:
         0d:40:50:03:f5:6f:cf:d0:dd:d5:8f:62:6e:ae:af:fe:b0:e4:
         f1:38:44:19:32:d9:40:83:70:01:d0:c1:64:3f:bd:a8:f9:ff:
         5d:cc:11:fd:3d:b2:db:9c:e3:ad:81:d9:ad:a6:81:6d:4f:f7:
         15:6a:db:f9:9c:c0:9b:46:7b:6f:fb:53:14:ba:89:f3:cf:83:
         cb:10:cf:32:4c:08:b9:ae:39:0c:24:d9:6d:cc:8b:bc:dd:da:
         1e:c4:cb:bb:b2:29:19:0d:95:c3:ed:0e:fc:b0:f9:2c:f4:0e:
         53:8e:c0:2b:4d:47:e6:33:0e:0b:8d:05:54:48:c1:84:7a:f8:
         b1:3a:e1:1f:1a:c8:a6:41:16:cb:0a:7e:9b:ca:ef:c9:e2:cc:
         7e:0d:42:4c:8a:35:a1:5d:dd:27:20:b0:bd:b5:84:0c:da:ba:
         84:d5:b7:ed:f3:52:17:54:5d:35:db:9f:69:e7:28:c2:75:ca:
         23:19:a6:97:b6:54:24:39:00:11:07:c7:e9:d9:15:d4:c5:06:
         64:a4:ff:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaEHiouMudEhPR3IhLuvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGUxNmNjMmE4YjkxY2I0ODNmNDUxZTgxM2I2NzhhZTk3
NTgyYjAwHhcNMjYwNzAyMTUxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYzNGIwMWVmZDE0OGZlN2FiYjMwYzc2MTBjNThlZTNkOTE2MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyQBzY8ZFlZzJJ1V5b1MzUP0qSVV
ehDFaqHQXlxw76Jr5e4pGLZDFnSHgrUvLeszw6XdidVfBNc+YIDzEa+YKH+WAQzl
0iB+1Dc/5mKqPqOJ31bb2gUhMD7TzZAqi4YgB4NMKjN3aeLB2vL+qybl/VhCTw2c
cCsCRzeR143gwWGPJeMOLwpkGXkWCqBuTgwEBV71jF0NunEBJYq8b5Kouem1/UQb
VOLekyNGBUsu71ZwRRks+rpOIscM9IXB0DntQtfZiganCEbjUiq6Ct5eHEp6pJ1q
L8imh6wUX7fAg/OuJ1mcu8S1mvzPVZqLhiT6/xvTV52aRIAM7of55sf0jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbzSwHv0Uj+erswx2EMWO49kWAwMB8GA1UdIwQY
MBaAFGoOFswqi5HLSD9FHoE7Z4rpdYKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWc0V3pDcUxrY3RJUDBVZWdUdG5pdWwxZ3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvUnZOTEFlX1JTUDU2dXpESFlReFk3ajJSWURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvYWc0V3pDcUxrY3RJUDBVZWdUdG5pdWwxZ3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm45MA0G
CSqGSIb3DQEBCwUAA4IBAQB9DDgiCzNaDVe1WEtyyPi0IxCG8S8A6F/g5FsyeeII
jsZUyVXc64J8Xee/1gt53tIYXdB2n94NQFAD9W/P0N3Vj2Jurq/+sOTxOEQZMtlA
g3AB0MFkP72o+f9dzBH9PbLbnOOtgdmtpoFtT/cVatv5nMCbRntv+1MUuonzz4PL
EM8yTAi5rjkMJNltzIu83doexMu7sikZDZXD7Q78sPks9A5TjsArTUfmMw4LjQVU
SMGEevixOuEfGsimQRbLCn6byu/J4sx+DUJMijWhXd0nILC9tYQM2rqE1bft81IX
VF01259p5yjCdcojGaaXtlQkOQARB8fp2RXUxQZkpP/z
-----END CERTIFICATE-----
Generated at Sat Jul 4 09:18:20 2026 by rpki-client