Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa
File:                     0X-5PKZtZ7slARK8e40z1bnoMFw.roa (raw, json)
Hash identifier:          FSNo1Xv7gSywiq56rw1Ts4EOsLlsS5zybrQAx4E58hY=
Subject key identifier:   D1:7F:B9:3C:A6:6D:67:BB:25:01:12:BC:7B:8D:33:D5:B9:E8:30:5C
Certificate issuer:       /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial:       019EC9C5EBC2099C361DE2B963FBEB307409
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa
Signing time:             Mon 15 Jun 2026 05:34:11 +0000
ROA not before:           Mon 15 Jun 2026 05:34:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     29695
IP address blocks:        5.152.136.0/21 maxlen: 21
                          5.172.182.0/24 maxlen: 24
                          45.14.52.0/22 maxlen: 22
                          79.160.0.0/15 maxlen: 24
                          80.203.0.0/17 maxlen: 17
                          81.166.0.0/15 maxlen: 24
                          84.234.128.0/17 maxlen: 24
                          89.11.128.0/17 maxlen: 17
                          92.220.0.0/15 maxlen: 21
                          109.247.0.0/16 maxlen: 21
                          141.0.64.0/18 maxlen: 18
                          213.167.96.0/19 maxlen: 19
                          2a01:798::/29 maxlen: 32
                          2a11:5100::/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c9:c5:eb:c2:09:9c:36:1d:e2:b9:63:fb:eb:30:74:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
        Validity
            Not Before: Jun 15 05:34:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d17fb93ca66d67bb250112bc7b8d33d5b9e8305c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:96:07:f9:4f:f0:48:9e:31:a1:d7:37:36:3f:
                    59:3b:6e:e5:02:ff:44:0a:8a:23:de:48:44:24:8b:
                    1f:f0:85:f7:0e:ee:e6:8b:df:61:07:01:3d:77:ab:
                    98:b6:48:2b:cb:e1:87:ed:94:d3:b0:98:d9:d1:ae:
                    8c:89:bf:e9:e9:6a:2e:10:c6:6d:31:54:fa:03:12:
                    dc:28:01:3a:27:6b:25:c8:6e:f7:8c:d2:8d:45:d9:
                    1d:26:b2:5f:47:90:98:20:b3:a5:45:ec:85:cf:b2:
                    d3:bb:5a:94:f8:60:f3:4f:09:51:5d:40:a3:82:f1:
                    39:d7:f7:d3:06:e6:52:7e:3c:eb:0d:85:ba:1e:76:
                    4d:ce:05:10:71:34:67:e7:ee:9a:24:93:07:05:71:
                    67:02:f4:11:14:fb:e1:d4:3b:db:e9:91:99:d6:31:
                    c3:87:b5:c9:76:97:f3:df:43:b8:83:9f:4e:ff:07:
                    43:d5:b7:4e:fe:f4:34:34:96:a5:7e:e5:5c:6a:fa:
                    10:ac:82:65:80:8b:06:9c:6c:ec:4f:29:ff:2d:e1:
                    0f:ec:69:ec:d9:af:76:09:40:2e:51:68:a0:e9:3c:
                    2f:78:24:af:ae:25:81:83:5d:6e:21:f3:59:f6:26:
                    26:e5:3b:d3:cd:03:3e:b7:a9:3d:7e:53:2c:7b:6c:
                    34:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:7F:B9:3C:A6:6D:67:BB:25:01:12:BC:7B:8D:33:D5:B9:E8:30:5C
            X509v3 Authority Key Identifier:
                keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.152.136.0/21
                  5.172.182.0/24
                  45.14.52.0/22
                  79.160.0.0/15
                  80.203.0.0/17
                  81.166.0.0/15
                  84.234.128.0/17
                  89.11.128.0/17
                  92.220.0.0/15
                  109.247.0.0/16
                  141.0.64.0/18
                  213.167.96.0/19
                IPv6:
                  2a01:798::/29
                  2a11:5100::/29

    Signature Algorithm: sha256WithRSAEncryption
         98:fe:38:a8:55:91:5c:d3:68:87:15:f5:b3:ab:cf:ec:10:5e:
         c6:3b:6c:ee:88:b4:35:09:53:64:f2:04:41:1c:12:8e:48:92:
         93:30:1e:ce:47:d6:e4:45:38:95:f8:7c:3f:4e:80:a9:28:17:
         0e:cc:53:6e:9b:6b:41:0d:29:9f:04:a7:67:71:71:83:79:f4:
         41:5d:c8:9e:28:1a:e3:a8:f5:96:46:f9:95:29:73:6f:5f:9d:
         b7:85:bb:94:53:71:2c:93:1e:ff:bd:d2:9a:08:74:a3:2c:f8:
         3c:a5:e6:ad:b1:e9:bd:ba:d4:3d:fd:8d:5b:7d:26:d2:64:c3:
         5c:c8:65:62:03:3b:0a:63:7c:9a:19:c7:42:42:e2:45:36:01:
         6c:d1:a2:7e:59:75:0c:ee:04:99:57:82:5d:ae:2e:36:e2:cf:
         10:4b:15:fb:ff:70:b0:18:b5:8e:0f:ff:4c:5d:a9:63:01:db:
         e2:28:68:ee:a2:5f:68:77:c0:82:dd:b1:ac:4c:f1:17:2d:8d:
         04:8c:8d:67:88:41:82:db:ea:9f:87:74:e1:a5:4d:70:0d:aa:
         b3:06:6d:79:30:92:27:cf:a1:a7:47:cc:f8:54:73:ca:35:64:
         b8:74:a2:60:13:28:bc:ec:94:98:57:15:3e:48:f7:e8:53:c4:
         b7:ff:01:98
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ7JxevCCZw2HeK5Y/vrMHQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmI4MjE1YjIyNjZkYTNjMGY2Y2E1NWNjN2JhODAwZTlh
ZGUyYTIwHhcNMjYwNjE1MDUzNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdmYjkzY2E2NmQ2N2JiMjUwMTEyYmM3YjhkMzNkNWI5ZTgzMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZYH+U/wSJ4xodc3Nj9ZO27lAv9E
Cooj3khEJIsf8IX3Du7mi99hBwE9d6uYtkgry+GH7ZTTsJjZ0a6Mib/p6WouEMZt
MVT6AxLcKAE6J2slyG73jNKNRdkdJrJfR5CYILOlReyFz7LTu1qU+GDzTwlRXUCj
gvE51/fTBuZSfjzrDYW6HnZNzgUQcTRn5+6aJJMHBXFnAvQRFPvh1Dvb6ZGZ1jHD
h7XJdpfz30O4g59O/wdD1bdO/vQ0NJalfuVcavoQrIJlgIsGnGzsTyn/LeEP7Gns
2a92CUAuUWig6TwveCSvriWBg11uIfNZ9iYm5TvTzQM+t6k9flMse2w0bwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNF/uTymbWe7JQESvHuNM9W56DBcMB8GA1UdIwQY
MBaAFEa7ghWyJm2jwPbKVcx7qADpreKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMt
N2E1NGRiNTllYzJkLzEvMFgtNVBLWnRaN3NsQVJLOGU0MHoxYm5vTUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMtN2E1NGRiNTllYzJk
LzEvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDBZiIAwQA
Bay2AwQCLQ40AwMBT6ADBAdQywADAwFRpgMEB1TqgAMEB1kLgAMDAVzcAwMAbfcD
BAaNAEADBAXVp2AwFAQCAAIwDgMFAyoBB5gDBQMqEVEAMA0GCSqGSIb3DQEBCwUA
A4IBAQCY/jioVZFc02iHFfWzq8/sEF7GO2zuiLQ1CVNk8gRBHBKOSJKTMB7OR9bk
RTiV+Hw/ToCpKBcOzFNum2tBDSmfBKdncXGDefRBXcieKBrjqPWWRvmVKXNvX523
hbuUU3Eskx7/vdKaCHSjLPg8peatsem9utQ9/Y1bfSbSZMNcyGViAzsKY3yaGcdC
QuJFNgFs0aJ+WXUM7gSZV4Jdri424s8QSxX7/3CwGLWOD/9MXaljAdviKGjuol9o
d8CC3bGsTPEXLY0EjI1niEGC2+qfh3ThpU1wDaqzBm15MJInz6GnR8z4VHPKNWS4
dKJgEyi87JSYVxU+SPfoU8S3/wGY
-----END CERTIFICATE-----
Generated at Wed Jul 1 01:34:32 2026 by rpki-client