Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w7V5W6tGtFfL_BAchKpQFy5syiQ.roa
File:                     w7V5W6tGtFfL_BAchKpQFy5syiQ.roa (raw, json)
Hash identifier:          I5C9YDFx9QETMeUckuLMAsNqiOQar6eqk5eqo/ETE/Y=
Subject key identifier:   C3:B5:79:5B:AB:46:B4:57:CB:FC:10:1C:84:AA:50:17:2E:6C:CA:24
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       019C7FBB9CFC23E96E2CE009F305CAFEFEE8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w7V5W6tGtFfL_BAchKpQFy5syiQ.roa
Signing time:             Sat 21 Feb 2026 10:25:27 +0000
ROA not before:           Sat 21 Feb 2026 10:25:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     154408
IP address blocks:        103.245.228.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 24 Feb 2026 15:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:7f:bb:9c:fc:23:e9:6e:2c:e0:09:f3:05:ca:fe:fe:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Feb 21 10:25:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c3b5795bab46b457cbfc101c84aa50172e6cca24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8b:c8:e3:3a:ff:7e:29:7b:36:eb:b4:33:e2:
                    24:b6:53:0b:ca:fb:f9:05:85:7f:f2:f9:5f:3b:16:
                    3d:e8:9e:3f:ed:11:9b:da:44:f4:58:c8:c3:97:ee:
                    21:f4:02:71:94:ed:d0:5a:18:34:63:62:f8:28:30:
                    54:85:bf:55:08:8e:fe:e8:bf:7e:a3:3b:dd:76:d3:
                    c1:25:29:35:e6:93:6f:f1:dc:86:ea:79:60:42:91:
                    f1:22:d4:97:ff:4b:8f:3c:6c:28:2e:8f:9a:c5:c7:
                    ed:e8:30:a5:0b:96:3c:04:ae:80:c8:ed:02:39:9b:
                    71:22:b6:0d:0f:28:5c:8a:fa:2a:ab:c4:7d:21:42:
                    ed:9a:47:21:ef:65:64:71:7d:7c:00:d1:d4:59:2c:
                    c6:75:4c:eb:4d:4f:c1:5e:06:ab:46:a9:89:98:a2:
                    4b:bd:1c:2a:9b:bf:8e:d3:1b:27:7f:19:f4:2f:d4:
                    e4:f8:7a:19:5e:58:ad:bc:3b:26:cd:e2:60:9c:f9:
                    62:21:8a:e0:64:0e:b6:96:02:13:fb:0e:c2:d8:8c:
                    6c:1d:38:cb:08:60:38:4f:ad:f3:73:4c:29:0a:a2:
                    d7:27:87:37:67:29:94:65:81:51:b8:75:5a:0a:d9:
                    2c:9c:f3:16:5e:88:88:97:07:72:4d:64:5a:fb:ea:
                    b0:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B5:79:5B:AB:46:B4:57:CB:FC:10:1C:84:AA:50:17:2E:6C:CA:24
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w7V5W6tGtFfL_BAchKpQFy5syiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.245.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:09:34:a2:97:a5:bb:11:84:af:ec:12:5d:ad:7d:0c:0b:ba:
         0e:be:2f:bc:94:82:52:b0:13:d6:c6:6f:f0:3d:a9:f6:07:3f:
         20:40:51:79:d7:73:8f:f6:1e:29:4b:e1:84:62:7c:2d:49:ae:
         38:08:04:82:06:4f:db:9e:08:d6:57:8b:55:83:c8:05:38:2c:
         b2:0c:c0:14:b2:3e:6d:fa:f3:f4:4b:78:8d:17:7f:9f:50:61:
         73:db:53:79:4a:33:d5:a3:48:2c:f2:4f:64:88:0d:b8:38:81:
         1b:02:6f:20:89:00:8e:3d:ff:31:a9:9f:e5:a4:1a:48:05:3d:
         fe:59:9a:c7:d0:05:38:d5:08:0a:85:7a:3e:04:89:e5:08:2f:
         7b:60:47:b4:00:da:f9:39:e3:f3:a5:da:2d:c9:56:80:89:c2:
         25:56:06:5b:24:69:92:16:d6:24:4a:68:2e:cf:4d:7c:e9:a6:
         cb:0b:37:bf:bb:50:3f:cd:89:7d:0c:c0:75:dd:f3:9b:0d:9f:
         c3:94:3e:35:cb:59:29:71:29:97:7e:fd:8b:c9:36:be:21:7e:
         11:9f:4b:50:fd:38:d4:3e:2a:71:0c:bf:42:0d:1e:e5:ef:b5:
         93:f6:84:db:e5:17:ec:c6:24:2c:cb:8b:8d:b7:0d:d0:77:f9:
         21:6d:3e:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZx/u5z8I+luLOAJ8wXK/v7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMjIxMTAyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2I1Nzk1YmFiNDZiNDU3Y2JmYzEwMWM4NGFhNTAxNzJlNmNjYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYvI4zr/fil7Nuu0M+IktlMLyvv5
BYV/8vlfOxY96J4/7RGb2kT0WMjDl+4h9AJxlO3QWhg0Y2L4KDBUhb9VCI7+6L9+
ozvddtPBJSk15pNv8dyG6nlgQpHxItSX/0uPPGwoLo+axcft6DClC5Y8BK6AyO0C
OZtxIrYNDyhcivoqq8R9IULtmkch72VkcX18ANHUWSzGdUzrTU/BXgarRqmJmKJL
vRwqm7+O0xsnfxn0L9Tk+HoZXlitvDsmzeJgnPliIYrgZA62lgIT+w7C2IxsHTjL
CGA4T63zc0wpCqLXJ4c3ZymUZYFRuHVaCtksnPMWXoiIlwdyTWRa++qwqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMO1eVurRrRXy/wQHISqUBcubMokMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdzdWNVc2dEd0RmZMX0JBY2hLcFFGeTVzeWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ/XkMA0G
CSqGSIb3DQEBCwUAA4IBAQBKCTSil6W7EYSv7BJdrX0MC7oOvi+8lIJSsBPWxm/w
Pan2Bz8gQFF513OP9h4pS+GEYnwtSa44CASCBk/bngjWV4tVg8gFOCyyDMAUsj5t
+vP0S3iNF3+fUGFz21N5SjPVo0gs8k9kiA24OIEbAm8giQCOPf8xqZ/lpBpIBT3+
WZrH0AU41QgKhXo+BInlCC97YEe0ANr5OePzpdotyVaAicIlVgZbJGmSFtYkSmgu
z0186abLCze/u1A/zYl9DMB13fObDZ/DlD41y1kpcSmXfv2LyTa+IX4Rn0tQ/TjU
PipxDL9CDR7l77WT9oTb5RfsxiQsy4uNtw3Qd/khbT7F
-----END CERTIFICATE-----