Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/VjBVb7qAWY4H2MSTTk3mE7tLdAI.roa
File:                     VjBVb7qAWY4H2MSTTk3mE7tLdAI.roa (raw, json)
Hash identifier:          rsEp+YspuHuBffI28dbqNM5X9+3GHXkR3gxoffTTdrs=
Subject key identifier:   56:30:55:6F:BA:80:59:8E:07:D8:C4:93:4E:4D:E6:13:BB:4B:74:02
Certificate issuer:       /CN=ccf69ef8a54830c5a7b637891fc3c90ab12cba78
Certificate serial:       0197F50890F69AA65CE3564F1D74B3C454B4
Authority key identifier: CC:F6:9E:F8:A5:48:30:C5:A7:B6:37:89:1F:C3:C9:0A:B1:2C:BA:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zPae-KVIMMWntjeJH8PJCrEsung.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/VjBVb7qAWY4H2MSTTk3mE7tLdAI.roa
Signing time:             Thu 10 Jul 2025 15:51:08 +0000
ROA not before:           Thu 10 Jul 2025 15:51:08 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     39686
IP address blocks:        185.92.199.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/zPae-KVIMMWntjeJH8PJCrEsung.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/zPae-KVIMMWntjeJH8PJCrEsung.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zPae-KVIMMWntjeJH8PJCrEsung.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 16:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:f5:08:90:f6:9a:a6:5c:e3:56:4f:1d:74:b3:c4:54:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccf69ef8a54830c5a7b637891fc3c90ab12cba78
        Validity
            Not Before: Jul 10 15:51:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5630556fba80598e07d8c4934e4de613bb4b7402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:fc:50:69:84:e6:cd:db:6b:33:82:78:3b:1d:
                    bb:9c:e3:b2:97:ae:15:77:5d:9c:d0:48:eb:a8:6d:
                    12:86:68:a2:d0:c6:55:05:45:45:f1:55:a6:78:a1:
                    a4:80:43:f1:9e:81:12:e1:ef:15:c8:47:89:4c:ce:
                    75:d2:50:56:66:8a:83:bc:8f:67:b7:76:d1:7e:11:
                    f7:db:a2:57:7b:50:ce:b1:9f:9e:5b:c3:6e:fe:81:
                    b0:a1:1d:b6:e6:4a:e8:ad:f0:4e:f7:94:24:61:bb:
                    6f:b6:5d:cf:3f:f4:ae:1b:c3:8e:dc:33:f5:99:fb:
                    8a:60:43:e9:82:ca:16:58:65:b6:28:71:7d:a2:19:
                    6f:f6:14:88:62:41:30:c3:e5:b8:fa:f0:2b:03:09:
                    79:a4:af:85:21:b6:ac:9c:6e:35:1d:3d:3e:ae:ff:
                    3d:77:c8:90:ac:57:38:58:53:f5:1f:73:3b:a0:ce:
                    f9:3f:04:1a:bb:a5:b4:37:bc:46:aa:64:a7:4f:d3:
                    3d:8a:0e:76:4b:bb:c3:16:49:cc:83:b4:05:d8:76:
                    d8:8f:b8:e5:3d:ad:39:ff:a5:2a:33:70:f9:41:71:
                    34:ab:65:02:ab:48:b2:14:d8:5d:ac:55:1d:d4:3a:
                    79:ba:b1:26:c4:2b:d5:64:cc:b5:14:d7:c4:22:da:
                    6e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:30:55:6F:BA:80:59:8E:07:D8:C4:93:4E:4D:E6:13:BB:4B:74:02
            X509v3 Authority Key Identifier:
                keyid:CC:F6:9E:F8:A5:48:30:C5:A7:B6:37:89:1F:C3:C9:0A:B1:2C:BA:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPae-KVIMMWntjeJH8PJCrEsung.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/VjBVb7qAWY4H2MSTTk3mE7tLdAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/208623-268c-4bf6-b947-f459235d987b/1/zPae-KVIMMWntjeJH8PJCrEsung.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:90:31:89:55:32:dd:37:a9:89:28:4c:e4:e6:8f:e0:b6:19:
         10:16:64:13:0c:a9:47:d1:aa:72:b9:a7:40:52:5a:2e:4a:13:
         8d:42:99:1f:3b:81:32:e3:ac:7b:93:18:33:60:27:9d:45:2d:
         99:af:98:9c:d7:14:7a:1f:74:74:90:7e:5e:32:9b:07:01:64:
         be:84:d3:5d:9a:27:1c:84:f1:d7:75:9c:3b:1d:5a:00:b7:ec:
         4f:89:2a:5a:bb:d8:ea:bf:4a:94:3f:3f:8d:e5:57:c6:72:79:
         9f:79:d0:c5:e4:27:6c:05:8d:89:e9:9e:aa:b8:90:fd:15:33:
         e3:30:8d:a6:3e:ac:07:e1:e3:bc:2f:26:21:37:32:24:71:b6:
         83:b3:6c:13:4c:cd:92:02:41:57:84:63:0a:07:05:6c:51:b2:
         3e:e8:ac:e6:37:7b:87:9e:f4:ee:06:3f:6a:1a:8f:1c:39:25:
         44:78:cb:36:3f:6c:4e:19:4f:f0:a7:de:94:c5:d3:5b:36:f3:
         56:f3:a8:f8:e9:3e:ab:af:52:15:c3:4a:43:0a:24:11:fb:67:
         f2:b4:d3:94:21:95:f2:6e:15:c4:aa:70:70:1b:f1:40:2b:d2:
         58:ab:a9:d0:08:7c:68:f8:4d:9b:69:4f:35:b0:36:78:06:94:
         9c:d6:07:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZf1CJD2mqZc41ZPHXSzxFS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZjY5ZWY4YTU0ODMwYzVhN2I2Mzc4OTFmYzNjOTBhYjEy
Y2JhNzgwHhcNMjUwNzEwMTU1MTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjMwNTU2ZmJhODA1OThlMDdkOGM0OTM0ZTRkZTYxM2JiNGI3NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvxQaYTmzdtrM4J4Ox27nOOyl64V
d12c0EjrqG0Shmii0MZVBUVF8VWmeKGkgEPxnoES4e8VyEeJTM510lBWZoqDvI9n
t3bRfhH326JXe1DOsZ+eW8Nu/oGwoR225krorfBO95QkYbtvtl3PP/SuG8OO3DP1
mfuKYEPpgsoWWGW2KHF9ohlv9hSIYkEww+W4+vArAwl5pK+FIbasnG41HT0+rv89
d8iQrFc4WFP1H3M7oM75PwQau6W0N7xGqmSnT9M9ig52S7vDFknMg7QF2HbYj7jl
Pa05/6UqM3D5QXE0q2UCq0iyFNhdrFUd1Dp5urEmxCvVZMy1FNfEItpuTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYwVW+6gFmOB9jEk05N5hO7S3QCMB8GA1UdIwQY
MBaAFMz2nvilSDDFp7Y3iR/DyQqxLLp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelBhZS1LVklNTVdudGplSkg4UEpDckVzdW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMDg2MjMtMjY4Yy00YmY2LWI5NDct
ZjQ1OTIzNWQ5ODdiLzEvVmpCVmI3cUFXWTRIMk1TVFRrM21FN3RMZEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMDg2MjMtMjY4Yy00YmY2LWI5NDctZjQ1OTIzNWQ5ODdi
LzEvelBhZS1LVklNTVdudGplSkg4UEpDckVzdW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVzHMA0G
CSqGSIb3DQEBCwUAA4IBAQADkDGJVTLdN6mJKEzk5o/gthkQFmQTDKlH0apyuadA
UlouShONQpkfO4Ey46x7kxgzYCedRS2Zr5ic1xR6H3R0kH5eMpsHAWS+hNNdmicc
hPHXdZw7HVoAt+xPiSpau9jqv0qUPz+N5VfGcnmfedDF5CdsBY2J6Z6quJD9FTPj
MI2mPqwH4eO8LyYhNzIkcbaDs2wTTM2SAkFXhGMKBwVsUbI+6KzmN3uHnvTuBj9q
Go8cOSVEeMs2P2xOGU/wp96UxdNbNvNW86j46T6rr1IVw0pDCiQR+2fytNOUIZXy
bhXEqnBwG/FAK9JYq6nQCHxo+E2baU81sDZ4BpSc1gdr
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:36:10 2025 by rpki-client