Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5SEhXsmgHJIhlZF7VM-GwfanV7Y.roa
File:                     5SEhXsmgHJIhlZF7VM-GwfanV7Y.roa (raw, json)
Hash identifier:          5dGMgn6pUqW3iyfnxuhUOmQEeYaUpbQDL5AaU9rC+IU=
Subject key identifier:   E5:21:21:5E:C9:A0:1C:92:21:95:91:7B:54:CF:86:C1:F6:A7:57:B6
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368A8A5D306D5F1DF0D49B3CE69E71B
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5SEhXsmgHJIhlZF7VM-GwfanV7Y.roa
Signing time:             Thu 02 Jul 2026 15:18:09 +0000
ROA not before:           Thu 02 Jul 2026 15:18:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     5511
IP address blocks:        77.93.139.0/24 maxlen: 24
                          82.153.148.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:a8:a5:d3:06:d5:f1:df:0d:49:b3:ce:69:e7:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e521215ec9a01c922195917b54cf86c1f6a757b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d1:ff:05:e3:33:7b:e1:c7:77:e7:79:2b:46:
                    06:6c:76:ae:b7:fa:79:07:70:91:af:9d:03:f1:7a:
                    ca:13:11:a3:1c:5a:a3:f3:5a:d0:43:94:08:7c:4d:
                    06:1b:54:71:23:d9:ed:ec:f8:7a:99:83:96:98:63:
                    53:7e:69:91:56:2e:6d:27:c5:44:5c:50:fb:2e:f1:
                    e1:b6:13:9b:f5:ed:f5:10:98:f1:71:4f:b4:c1:9d:
                    0f:b0:92:1c:9f:4f:2e:a4:51:94:dc:aa:d5:b4:b5:
                    86:db:a8:e5:37:37:f7:16:2b:c2:db:6f:49:91:91:
                    3e:0c:28:13:de:98:dc:c5:15:36:37:94:f1:6d:de:
                    49:dc:6a:8c:6c:8e:9a:7e:dd:87:3d:60:cc:59:f9:
                    ec:e9:5f:f3:2c:60:44:dd:06:71:45:aa:ce:c0:20:
                    d7:7e:1d:bb:1f:a3:bc:8f:35:14:db:75:24:3c:1d:
                    ab:08:c3:59:20:f2:15:51:0d:c4:35:13:74:ab:12:
                    df:be:d3:3c:04:29:93:2e:a0:85:04:e4:2e:91:ec:
                    e8:6d:7d:a1:f0:8f:ea:4d:36:bb:e9:09:e2:c7:8e:
                    bf:a4:27:4b:71:4a:85:46:68:f6:fe:36:c2:78:90:
                    ec:c6:fa:85:c4:55:7c:95:84:9f:33:b0:bf:cc:28:
                    7c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:21:21:5E:C9:A0:1C:92:21:95:91:7B:54:CF:86:C1:F6:A7:57:B6
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5SEhXsmgHJIhlZF7VM-GwfanV7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.93.139.0/24
                  82.153.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:dc:28:f5:31:31:8d:4a:94:b4:13:7e:98:ee:c4:41:86:bc:
         a3:19:a8:c5:44:96:c4:26:07:83:c4:0c:8f:29:b6:f0:40:f8:
         14:4e:35:a5:0f:49:a7:40:59:71:5e:19:8d:b4:1c:99:2e:79:
         cd:94:dc:34:c8:20:94:33:bc:e7:c1:33:d7:86:82:46:e6:7f:
         5a:6d:4c:d5:75:8e:23:76:2c:47:01:43:c9:84:e5:50:4a:6e:
         71:5e:7f:ec:ba:bd:4f:32:28:b3:2f:15:61:15:82:dd:4c:f2:
         25:e9:4a:38:6b:59:19:d3:aa:92:73:f0:f1:86:86:22:d3:10:
         7d:0b:5e:72:73:a6:e0:7d:ef:db:1c:ac:e0:dd:23:22:0c:d6:
         7e:fd:e4:a4:96:34:e9:c3:3f:86:dc:c7:4d:69:17:10:37:b3:
         b8:a6:b9:36:f0:2e:45:c8:3e:54:a9:fe:f4:73:9f:0f:79:78:
         a8:fa:bf:2f:d7:34:f1:81:02:71:39:e3:83:75:e1:1c:04:d9:
         1e:f5:b8:82:ff:b2:3a:f6:31:53:c0:01:2d:80:ab:3b:eb:d5:
         99:19:7a:8a:ae:1b:8e:f2:0f:42:bb:93:4e:9c:41:15:c2:f1:
         21:ac:5f:8f:0f:65:cc:1c:eb:90:fb:72:5e:af:34:1f:3b:8e:
         a0:5e:ab:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8jaKil0wbV8d8NSbPOaecbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIxMjE1ZWM5YTAxYzkyMjE5NTkxN2I1NGNmODZjMWY2YTc1N2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNH/BeMze+HHd+d5K0YGbHaut/p5
B3CRr50D8XrKExGjHFqj81rQQ5QIfE0GG1RxI9nt7Ph6mYOWmGNTfmmRVi5tJ8VE
XFD7LvHhthOb9e31EJjxcU+0wZ0PsJIcn08upFGU3KrVtLWG26jlNzf3FivC229J
kZE+DCgT3pjcxRU2N5Txbd5J3GqMbI6aft2HPWDMWfns6V/zLGBE3QZxRarOwCDX
fh27H6O8jzUU23UkPB2rCMNZIPIVUQ3ENRN0qxLfvtM8BCmTLqCFBOQukezobX2h
8I/qTTa76Qnix46/pCdLcUqFRmj2/jbCeJDsxvqFxFV8lYSfM7C/zCh8YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOUhIV7JoBySIZWRe1TPhsH2p1e2MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNVNFaFhzbWdISklobFpGN1ZNLUd3ZmFuVjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATV2LAwQA
UpmUMA0GCSqGSIb3DQEBCwUAA4IBAQBX3Cj1MTGNSpS0E36Y7sRBhryjGajFRJbE
JgeDxAyPKbbwQPgUTjWlD0mnQFlxXhmNtByZLnnNlNw0yCCUM7znwTPXhoJG5n9a
bUzVdY4jdixHAUPJhOVQSm5xXn/sur1PMiizLxVhFYLdTPIl6Uo4a1kZ06qSc/Dx
hoYi0xB9C15yc6bgfe/bHKzg3SMiDNZ+/eSkljTpwz+G3MdNaRcQN7O4prk28C5F
yD5Uqf70c58PeXio+r8v1zTxgQJxOeODdeEcBNke9biC/7I69jFTwAEtgKs769WZ
GXqKrhuO8g9Cu5NOnEEVwvEhrF+PD2XMHOuQ+3JerzQfO46gXqso
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:06 2026 by rpki-client