Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/_V91AFMDX79rJy9LZzxIy2NAvZI.roa
File:                     _V91AFMDX79rJy9LZzxIy2NAvZI.roa (raw, json)
Hash identifier:          CvwFuxiDJChNGv61mlWI/2kt69xBouJPI8bb/2Ux424=
Subject key identifier:   FD:5F:75:00:53:03:5F:BF:6B:27:2F:4B:67:3C:48:CB:63:40:BD:92
Certificate issuer:       /CN=f57d9c8ffc204b6dbde01205303bdf8b50638aa6
Certificate serial:       019EFA295B124D1AF1DB7406CAE611F80678
Authority key identifier: F5:7D:9C:8F:FC:20:4B:6D:BD:E0:12:05:30:3B:DF:8B:50:63:8A:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9X2cj_wgS2294BIFMDvfi1BjiqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/_V91AFMDX79rJy9LZzxIy2NAvZI.roa
Signing time:             Wed 24 Jun 2026 15:04:34 +0000
ROA not before:           Wed 24 Jun 2026 15:04:34 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     210405
IP address blocks:        109.70.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/9X2cj_wgS2294BIFMDvfi1BjiqY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/9X2cj_wgS2294BIFMDvfi1BjiqY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9X2cj_wgS2294BIFMDvfi1BjiqY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:fa:29:5b:12:4d:1a:f1:db:74:06:ca:e6:11:f8:06:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f57d9c8ffc204b6dbde01205303bdf8b50638aa6
        Validity
            Not Before: Jun 24 15:04:34 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fd5f750053035fbf6b272f4b673c48cb6340bd92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:09:a1:6c:26:42:95:f0:ba:06:a5:c4:78:25:
                    db:aa:2d:42:2b:c8:46:64:7b:e7:93:cf:91:8d:6f:
                    8d:61:df:66:c0:87:04:51:23:50:91:03:66:60:f0:
                    4a:82:8d:86:f8:c1:ca:49:cb:b9:16:4a:11:56:78:
                    5b:67:52:b5:4b:2a:cd:05:94:a8:ab:1d:09:f9:5a:
                    f6:ab:5a:59:3d:cd:8b:7c:9f:2d:99:5a:cf:39:13:
                    76:01:4b:57:82:c9:66:96:5d:72:b8:42:96:fd:40:
                    c2:e6:90:6b:69:2b:0b:98:d4:8a:0d:70:64:35:9b:
                    67:83:4f:f6:ad:98:31:95:65:b2:62:1e:80:2e:11:
                    e1:af:51:01:4a:af:f6:b3:5d:b1:13:28:52:e7:4e:
                    cc:10:84:2e:76:6e:ea:c3:5f:49:40:db:13:6e:39:
                    f2:34:ce:b1:3b:51:1f:2e:22:60:a7:ab:cf:6a:88:
                    94:28:60:e1:7c:74:46:5a:89:e9:7c:f7:11:22:e5:
                    0c:7a:64:35:49:18:16:4a:33:3f:81:35:12:33:b1:
                    9d:1b:88:64:2e:08:62:02:e0:c2:5d:cc:cc:7d:1a:
                    72:7f:32:4b:fc:21:7a:ac:35:6b:a2:bc:54:a0:c8:
                    64:75:12:73:71:04:33:8b:3c:73:15:38:b9:d3:0c:
                    20:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:5F:75:00:53:03:5F:BF:6B:27:2F:4B:67:3C:48:CB:63:40:BD:92
            X509v3 Authority Key Identifier:
                keyid:F5:7D:9C:8F:FC:20:4B:6D:BD:E0:12:05:30:3B:DF:8B:50:63:8A:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9X2cj_wgS2294BIFMDvfi1BjiqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/_V91AFMDX79rJy9LZzxIy2NAvZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e50b83-b292-4117-8991-b67d320990c6/1/9X2cj_wgS2294BIFMDvfi1BjiqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.70.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:39:e9:18:de:aa:3d:5c:66:80:b6:b3:63:29:d2:36:d9:6f:
         32:d9:60:00:b0:23:b8:7a:65:c4:00:37:73:20:23:8f:53:60:
         13:a0:ff:76:dc:1d:80:6b:f0:c2:57:0e:67:6a:67:e9:d7:8a:
         12:ae:b0:b2:db:4e:15:ca:06:1e:e8:71:b4:9b:cc:3c:7e:33:
         42:f7:d4:3b:14:a8:71:bc:d0:51:29:2d:c7:d4:22:6f:77:41:
         34:b5:94:9b:02:a6:dc:75:e3:06:8e:95:86:3d:76:42:55:bc:
         b9:54:3b:19:73:f8:cd:c7:e9:08:bb:f2:e1:7b:39:78:85:02:
         67:b0:0b:95:85:04:5a:ba:2a:10:c1:84:e3:af:49:99:cd:ec:
         99:42:a0:0d:5f:7c:27:97:69:29:44:15:b6:f5:30:93:7a:51:
         96:77:00:c2:ad:f1:ff:63:ed:2e:31:81:05:77:70:0d:62:3d:
         c5:bb:49:36:6e:ff:a8:35:41:93:82:a0:7a:61:0e:6e:3d:fd:
         ed:57:cf:c9:11:c1:6a:3c:50:ae:72:ef:47:0e:c9:98:20:58:
         7a:ee:6b:30:e3:a1:c2:5e:f8:ef:a1:08:18:1a:de:06:62:15:
         4a:02:45:91:1d:f5:93:f8:bc:19:af:a4:e6:85:36:43:c9:31:
         45:20:20:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ76KVsSTRrx23QGyuYR+AZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2Q5YzhmZmMyMDRiNmRiZGUwMTIwNTMwM2JkZjhiNTA2
MzhhYTYwHhcNMjYwNjI0MTUwNDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVmNzUwMDUzMDM1ZmJmNmIyNzJmNGI2NzNjNDhjYjYzNDBiZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQmhbCZClfC6BqXEeCXbqi1CK8hG
ZHvnk8+RjW+NYd9mwIcEUSNQkQNmYPBKgo2G+MHKScu5FkoRVnhbZ1K1SyrNBZSo
qx0J+Vr2q1pZPc2LfJ8tmVrPORN2AUtXgslmll1yuEKW/UDC5pBraSsLmNSKDXBk
NZtng0/2rZgxlWWyYh6ALhHhr1EBSq/2s12xEyhS507MEIQudm7qw19JQNsTbjny
NM6xO1EfLiJgp6vPaoiUKGDhfHRGWonpfPcRIuUMemQ1SRgWSjM/gTUSM7GdG4hk
LghiAuDCXczMfRpyfzJL/CF6rDVrorxUoMhkdRJzcQQzizxzFTi50wwgfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1fdQBTA1+/aycvS2c8SMtjQL2SMB8GA1UdIwQY
MBaAFPV9nI/8IEttveASBTA734tQY4qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVgyY2pfd2dTMjI5NEJJRk1EdmZpMUJqaXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lNTBiODMtYjI5Mi00MTE3LTg5OTEt
YjY3ZDMyMDk5MGM2LzEvX1Y5MUFGTURYNzlySnk5TFp6eEl5Mk5BdlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lNTBiODMtYjI5Mi00MTE3LTg5OTEtYjY3ZDMyMDk5MGM2
LzEvOVgyY2pfd2dTMjI5NEJJRk1EdmZpMUJqaXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUZOMA0G
CSqGSIb3DQEBCwUAA4IBAQBOOekY3qo9XGaAtrNjKdI22W8y2WAAsCO4emXEADdz
ICOPU2AToP923B2Aa/DCVw5namfp14oSrrCy204VygYe6HG0m8w8fjNC99Q7FKhx
vNBRKS3H1CJvd0E0tZSbAqbcdeMGjpWGPXZCVby5VDsZc/jNx+kIu/Lhezl4hQJn
sAuVhQRauioQwYTjr0mZzeyZQqANX3wnl2kpRBW29TCTelGWdwDCrfH/Y+0uMYEF
d3ANYj3Fu0k2bv+oNUGTgqB6YQ5uPf3tV8/JEcFqPFCucu9HDsmYIFh67msw46HC
XvjvoQgYGt4GYhVKAkWRHfWT+LwZr6TmhTZDyTFFICD1
-----END CERTIFICATE-----
Generated at Wed Jul 1 05:20:49 2026 by rpki-client