Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/8Qggno2YHjg36TtfMn5BN8SeGxI.roa
File:                     8Qggno2YHjg36TtfMn5BN8SeGxI.roa (raw, json)
Hash identifier:          BNJSTzUZXiUHMmBD/PDvL/dEUkXGnnm9z+TEzG9ZS2k=
Subject key identifier:   F1:08:20:9E:8D:98:1E:38:37:E9:3B:5F:32:7E:41:37:C4:9E:1B:12
Certificate issuer:       /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial:       019C472D3D982E5EE0FBCDF108C735250114
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/8Qggno2YHjg36TtfMn5BN8SeGxI.roa
Signing time:             Tue 10 Feb 2026 10:51:13 +0000
ROA not before:           Tue 10 Feb 2026 10:51:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     201207
IP address blocks:        212.135.234.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Feb 2026 19:57:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:47:2d:3d:98:2e:5e:e0:fb:cd:f1:08:c7:35:25:01:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e20b034e2c497b1884488def106972704765029
        Validity
            Not Before: Feb 10 10:51:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f108209e8d981e3837e93b5f327e4137c49e1b12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:3b:9f:eb:d7:f8:1d:ab:84:db:8e:f8:02:8f:
                    e9:21:80:d9:16:5e:87:25:50:86:34:07:c2:91:d5:
                    f7:44:34:2f:5f:42:40:82:d9:05:19:7e:63:52:f0:
                    62:34:9d:fc:53:12:f1:4d:8b:16:2b:5e:28:2d:90:
                    e0:70:8c:4f:79:4a:89:44:e8:a0:e6:30:83:a1:e4:
                    a0:8c:65:f5:57:ba:02:cf:2d:ac:75:42:d1:ca:fe:
                    25:b2:94:6e:18:f0:39:32:48:fc:7e:38:00:d4:07:
                    56:3e:90:44:4f:c7:df:9b:4b:37:f6:5f:82:df:8a:
                    f3:96:40:af:6d:02:7d:06:88:9b:45:03:79:2f:7f:
                    0a:b6:a0:7d:fa:47:5a:55:5d:b1:f1:bf:0a:c4:a1:
                    cb:cf:27:1f:fa:54:4c:89:41:bd:ee:49:0f:d2:21:
                    63:46:d4:5d:1a:a0:9b:3f:c6:f8:91:6f:82:94:38:
                    bb:43:94:ce:b9:05:05:be:19:fd:c6:db:49:79:c5:
                    3c:46:97:a6:3a:d7:32:e2:36:bb:13:09:03:4d:b2:
                    31:91:72:cd:b6:73:5b:98:0d:30:1b:85:ba:1e:76:
                    41:79:f6:18:90:81:69:4f:cf:05:8b:e1:2e:05:60:
                    1f:04:ad:8c:32:c7:f1:65:ac:12:88:7c:73:c6:86:
                    3e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:08:20:9E:8D:98:1E:38:37:E9:3B:5F:32:7E:41:37:C4:9E:1B:12
            X509v3 Authority Key Identifier:
                keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/8Qggno2YHjg36TtfMn5BN8SeGxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.135.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:ab:20:ee:ac:1d:8e:e5:77:1d:10:9a:fb:53:36:96:59:22:
         7e:ab:e9:02:e5:81:c2:97:10:fd:64:4a:56:21:ca:89:a4:13:
         b2:79:c3:a6:ce:1e:b9:f7:c1:9f:67:72:a9:20:ae:7f:e4:8d:
         00:ab:cf:6d:f7:3a:1b:24:0e:8d:85:95:69:d4:2a:71:09:8a:
         63:3b:81:7e:29:5c:0b:2e:92:c8:38:03:41:6f:de:c5:6f:09:
         ce:ec:dd:51:7c:85:45:55:0f:c7:c9:9f:1d:77:10:c8:6d:b8:
         8a:b2:5e:6f:05:64:f7:f5:6f:ac:a9:b3:9c:01:01:c3:73:70:
         c0:f0:41:06:02:57:b1:2c:6e:86:fe:a7:0d:a1:67:ff:21:6f:
         0d:52:22:15:7c:e7:e2:a2:d4:b9:da:ad:45:ff:04:55:66:46:
         a5:0f:fe:63:6d:90:35:3b:c5:35:67:2f:d0:0a:55:0a:a3:a1:
         74:2a:86:63:e2:80:1d:89:ae:22:74:04:18:57:35:1a:7c:99:
         76:aa:94:93:61:83:80:1a:ef:f2:bd:ab:c1:19:ff:26:73:34:
         9c:7b:9b:c0:b5:67:fd:2d:bc:3b:85:bf:c0:c3:e1:9a:75:ab:
         d3:88:4c:fa:86:4d:d1:d5:15:3f:2c:8f:be:f0:2b:51:51:56:
         ad:08:cb:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxHLT2YLl7g+83xCMc1JQEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMjEwMTA1MTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA4MjA5ZThkOTgxZTM4MzdlOTNiNWYzMjdlNDEzN2M0OWUxYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Tuf69f4HauE2474Ao/pIYDZFl6H
JVCGNAfCkdX3RDQvX0JAgtkFGX5jUvBiNJ38UxLxTYsWK14oLZDgcIxPeUqJROig
5jCDoeSgjGX1V7oCzy2sdULRyv4lspRuGPA5Mkj8fjgA1AdWPpBET8ffm0s39l+C
34rzlkCvbQJ9BoibRQN5L38KtqB9+kdaVV2x8b8KxKHLzycf+lRMiUG97kkP0iFj
RtRdGqCbP8b4kW+ClDi7Q5TOuQUFvhn9xttJecU8RpemOtcy4ja7EwkDTbIxkXLN
tnNbmA0wG4W6HnZBefYYkIFpT88Fi+EuBWAfBK2MMsfxZawSiHxzxoY+lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEIIJ6NmB44N+k7XzJ+QTfEnhsSMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvOFFnZ25vMllIamczNlR0Zk1uNUJOOFNlR3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1IfqMA0G
CSqGSIb3DQEBCwUAA4IBAQA7qyDurB2O5XcdEJr7UzaWWSJ+q+kC5YHClxD9ZEpW
IcqJpBOyecOmzh6598GfZ3KpIK5/5I0Aq89t9zobJA6NhZVp1CpxCYpjO4F+KVwL
LpLIOANBb97FbwnO7N1RfIVFVQ/HyZ8ddxDIbbiKsl5vBWT39W+sqbOcAQHDc3DA
8EEGAlexLG6G/qcNoWf/IW8NUiIVfOfiotS52q1F/wRVZkalD/5jbZA1O8U1Zy/Q
ClUKo6F0KoZj4oAdia4idAQYVzUafJl2qpSTYYOAGu/yvavBGf8mczSce5vAtWf9
Lbw7hb/Aw+GadavTiEz6hk3R1RU/LI++8CtRUVatCMu/
-----END CERTIFICATE-----