Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/E0YDnplsMhRv_5P7NeihdkPoCMI.roa
File:                     E0YDnplsMhRv_5P7NeihdkPoCMI.roa (raw, json)
Hash identifier:          0qJERKK5vYebRSf+uQVyPmCQWjwOOZWdknFX9IMADds=
Subject key identifier:   13:46:03:9E:99:6C:32:14:6F:FF:93:FB:35:E8:A1:76:43:E8:08:C2
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0197EA220AC323000CD2B61E026C80BF3F3A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/E0YDnplsMhRv_5P7NeihdkPoCMI.roa
Signing time:             Tue 08 Jul 2025 13:03:08 +0000
ROA not before:           Tue 08 Jul 2025 13:03:08 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     215081
IP address blocks:        82.115.0.0/24 maxlen: 24
                          178.173.240.0/24 maxlen: 24
                          188.253.9.0/24 maxlen: 24
                          193.36.73.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ea:22:0a:c3:23:00:0c:d2:b6:1e:02:6c:80:bf:3f:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jul  8 13:03:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1346039e996c32146fff93fb35e8a17643e808c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:84:46:be:38:1e:e4:9a:74:e8:a2:bc:49:95:
                    20:3f:fb:c4:d8:f1:4a:44:f0:c9:97:17:b9:c4:44:
                    81:ce:6e:1e:30:b7:74:3c:75:84:3e:f9:0b:f7:89:
                    89:17:9c:73:ba:f0:5e:be:a9:85:21:dd:f0:4d:2c:
                    de:c9:f0:b9:3b:0f:c1:fe:b0:3a:f2:fd:dc:db:3d:
                    04:69:a6:77:4e:5f:0a:5b:ee:d0:ca:f7:62:ce:8e:
                    0f:b7:ce:1c:5c:55:ce:81:16:4e:81:3f:da:38:b0:
                    c8:9a:b9:0a:3e:2e:c5:d0:1e:06:2a:d9:78:e2:19:
                    7c:a7:0b:1f:26:c1:e5:e0:6c:49:97:13:ba:34:d2:
                    6f:cd:c0:4e:80:c5:30:07:21:98:c8:66:bd:93:55:
                    b2:19:0c:37:43:ae:18:8f:c6:55:be:9a:e8:17:ca:
                    72:c7:75:19:20:53:ab:c2:fd:dc:e7:e0:f9:c2:c8:
                    08:d8:d0:92:0a:e4:33:42:2e:5c:33:08:3f:e8:0e:
                    7e:94:80:54:d5:c7:a5:7b:df:9f:87:18:aa:ef:0d:
                    9b:e7:86:98:5d:50:cd:37:f1:10:06:b6:b3:14:d3:
                    bf:da:87:74:60:e0:b4:fa:8e:b3:43:57:cd:fb:a0:
                    53:4a:c9:b2:ad:45:d6:69:98:f5:e6:da:d4:c3:24:
                    5b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:46:03:9E:99:6C:32:14:6F:FF:93:FB:35:E8:A1:76:43:E8:08:C2
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/E0YDnplsMhRv_5P7NeihdkPoCMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.0.0/24
                  178.173.240.0/24
                  188.253.9.0/24
                  193.36.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:48:0b:2e:bd:93:94:00:85:0d:fe:dd:a5:08:fe:ac:c8:43:
         cd:be:ac:64:9d:20:77:6b:7b:02:58:40:18:1d:f9:f1:de:0c:
         4e:18:1f:24:5b:e0:d2:a6:23:b2:01:24:41:55:6b:b1:9e:15:
         dc:d5:af:bd:cd:dd:e7:56:6d:ec:13:d7:ce:05:90:aa:7d:e5:
         2b:e1:95:31:ee:18:95:e0:76:54:ef:3a:2b:60:83:ad:bc:45:
         b0:61:ed:3c:b6:b7:88:d2:a9:b7:b6:6e:ba:d4:db:4e:d2:4f:
         64:3c:65:ad:74:7a:55:29:9d:95:95:e8:b6:94:68:ba:e6:d0:
         12:db:ac:52:54:64:f3:b3:7e:63:9a:b1:e5:4d:3f:92:5a:be:
         ad:b8:33:38:e2:b0:1c:e5:06:79:d2:4f:d8:06:34:21:92:95:
         43:5c:ab:91:0f:bc:93:49:3d:c4:d0:f8:b8:81:ac:1c:8c:ef:
         89:b4:f1:06:b4:7f:9b:a5:3e:f7:ea:32:45:8a:11:9e:2d:b2:
         ef:5e:09:6e:4f:91:c9:93:ff:70:c5:60:6b:a8:c5:dd:17:4c:
         30:c5:fe:88:38:35:01:e6:f0:ef:e7:27:cd:6c:f6:ac:d5:41:
         91:f8:70:3e:68:36:e2:4e:ec:d4:3e:62:8d:c4:3b:12:d5:ad:
         69:17:38:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfqIgrDIwAM0rYeAmyAvz86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNzA4MTMwMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQ2MDM5ZTk5NmMzMjE0NmZmZjkzZmIzNWU4YTE3NjQzZTgwOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYRGvjge5Jp06KK8SZUgP/vE2PFK
RPDJlxe5xESBzm4eMLd0PHWEPvkL94mJF5xzuvBevqmFId3wTSzeyfC5Ow/B/rA6
8v3c2z0EaaZ3Tl8KW+7Qyvdizo4Pt84cXFXOgRZOgT/aOLDImrkKPi7F0B4GKtl4
4hl8pwsfJsHl4GxJlxO6NNJvzcBOgMUwByGYyGa9k1WyGQw3Q64Yj8ZVvproF8py
x3UZIFOrwv3c5+D5wsgI2NCSCuQzQi5cMwg/6A5+lIBU1cele9+fhxiq7w2b54aY
XVDNN/EQBrazFNO/2od0YOC0+o6zQ1fN+6BTSsmyrUXWaZj15trUwyRbPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBNGA56ZbDIUb/+T+zXooXZD6AjCMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRTBZRG5wbHNNaFJ2XzVQN05laWhka1BvQ01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUnMAAwQA
sq3wAwQAvP0JAwQAwSRJMA0GCSqGSIb3DQEBCwUAA4IBAQCFSAsuvZOUAIUN/t2l
CP6syEPNvqxknSB3a3sCWEAYHfnx3gxOGB8kW+DSpiOyASRBVWuxnhXc1a+9zd3n
Vm3sE9fOBZCqfeUr4ZUx7hiV4HZU7zorYIOtvEWwYe08treI0qm3tm661NtO0k9k
PGWtdHpVKZ2Vlei2lGi65tAS26xSVGTzs35jmrHlTT+SWr6tuDM44rAc5QZ50k/Y
BjQhkpVDXKuRD7yTST3E0Pi4gawcjO+JtPEGtH+bpT736jJFihGeLbLvXgluT5HJ
k/9wxWBrqMXdF0wwxf6IODUB5vDv5yfNbPas1UGR+HA+aDbiTuzUPmKNxDsS1a1p
FziT
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:18 2025 by rpki-client