Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/63Q4sf5DnbzbMu1UxkFJUAbL8Yw.roa
File:                     63Q4sf5DnbzbMu1UxkFJUAbL8Yw.roa (raw, json)
Hash identifier:          2EyeHcueOdxTrHDlCNUYConq7i5pgR/vM4NtPqvLMBc=
Subject key identifier:   EB:74:38:B1:FE:43:9D:BC:DB:32:ED:54:C6:41:49:50:06:CB:F1:8C
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368C2AEA1B6942EE8A4F989CAB4BD05
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/63Q4sf5DnbzbMu1UxkFJUAbL8Yw.roa
Signing time:             Thu 02 Jul 2026 15:18:15 +0000
ROA not before:           Thu 02 Jul 2026 15:18:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     56971
IP address blocks:        217.145.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:c2:ae:a1:b6:94:2e:e8:a4:f9:89:ca:b4:bd:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=eb7438b1fe439dbcdb32ed54c641495006cbf18c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:21:37:1b:60:fc:10:50:89:d1:2a:b9:6a:aa:
                    98:2a:17:f0:5a:3d:cc:71:96:9c:fb:45:1c:31:72:
                    50:01:3d:30:88:90:4e:a6:5a:ce:74:7c:fd:4e:2b:
                    6c:05:21:42:ce:c3:4d:60:32:99:f2:b0:5a:39:c1:
                    7d:33:e9:88:a6:19:15:c1:c1:a0:f3:32:37:ae:08:
                    e2:55:90:c3:5f:d5:18:f1:72:47:d3:ff:fd:54:01:
                    ed:a1:b0:53:ab:32:c5:f2:73:f7:26:29:1c:49:75:
                    ac:1a:99:66:75:2f:7a:b7:70:6e:f3:ec:cd:e3:a9:
                    12:a7:17:d3:25:f3:a7:83:78:73:70:28:ae:fd:ee:
                    ef:01:ed:4f:40:6c:02:a4:8c:94:6f:cb:5d:23:ff:
                    54:b7:e8:9c:a1:73:68:a3:5f:96:f4:c3:1f:87:d3:
                    fe:ee:55:ac:1d:fc:ae:37:83:b3:de:b8:7c:b9:8e:
                    6e:e8:22:61:e1:b2:3b:e7:b5:ec:68:c2:43:18:0e:
                    ca:85:e9:96:dd:32:7b:a6:50:9c:84:9c:25:2f:7f:
                    4a:d7:ab:29:e4:14:79:09:22:b2:2d:99:8e:d0:f5:
                    12:c8:41:28:af:0f:8b:4e:f4:7f:cc:13:74:c5:8d:
                    47:df:52:42:e7:36:ee:45:e5:51:f9:6d:0f:bd:10:
                    b5:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:74:38:B1:FE:43:9D:BC:DB:32:ED:54:C6:41:49:50:06:CB:F1:8C
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/63Q4sf5DnbzbMu1UxkFJUAbL8Yw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.145.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:8e:91:f9:9f:7c:16:86:e0:48:6c:2e:3d:bd:b1:a1:23:f6:
         ee:58:bd:9e:c8:dc:05:14:b7:49:67:ac:98:45:66:50:65:c9:
         7c:e1:72:42:7a:54:dd:0f:77:62:f6:8a:fd:5a:6b:41:c9:85:
         02:db:3e:ba:4e:3d:b4:36:ae:fb:2c:7b:80:d1:94:87:13:9a:
         e6:cf:90:df:50:33:c8:36:94:2b:8b:21:08:57:d8:eb:3b:c2:
         f5:89:9b:26:ef:56:c0:82:f2:b5:f1:5c:60:5e:2c:b1:7a:4c:
         53:c1:8a:51:8b:13:ad:62:f2:aa:2f:20:d2:de:cb:b0:e6:44:
         13:9a:d5:51:be:4e:ff:43:3e:58:ca:29:8e:2c:0b:67:be:6e:
         80:37:17:b3:1a:e5:06:75:d2:7e:59:0e:e0:02:88:45:f9:fd:
         c5:d9:67:75:8b:b7:06:a2:9e:af:a2:2c:da:d7:b5:e7:29:9b:
         fd:d9:1d:90:ab:51:30:2e:a9:6b:5d:d8:9e:5e:8c:98:cc:b8:
         65:80:3b:83:a0:af:ce:75:e9:22:14:f6:ec:b7:13:8b:5e:1c:
         ec:57:51:9e:64:e4:ee:58:fd:a6:61:6e:3c:8f:09:c5:3d:e6:
         31:b9:50:67:be:7e:6d:4f:0b:c8:d2:1f:c3:ab:52:66:b9:f2:
         71:8c:2c:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaMKuobaULuik+YnKtL0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc0MzhiMWZlNDM5ZGJjZGIzMmVkNTRjNjQxNDk1MDA2Y2JmMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCE3G2D8EFCJ0Sq5aqqYKhfwWj3M
cZac+0UcMXJQAT0wiJBOplrOdHz9TitsBSFCzsNNYDKZ8rBaOcF9M+mIphkVwcGg
8zI3rgjiVZDDX9UY8XJH0//9VAHtobBTqzLF8nP3JikcSXWsGplmdS96t3Bu8+zN
46kSpxfTJfOng3hzcCiu/e7vAe1PQGwCpIyUb8tdI/9Ut+icoXNoo1+W9MMfh9P+
7lWsHfyuN4Oz3rh8uY5u6CJh4bI757XsaMJDGA7KhemW3TJ7plCchJwlL39K16sp
5BR5CSKyLZmO0PUSyEEorw+LTvR/zBN0xY1H31JC5zbuReVR+W0PvRC1iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOt0OLH+Q5282zLtVMZBSVAGy/GMMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjNRNHNmNURuYnpiTXUxVXhrRkpVQWJMOFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZFPMA0G
CSqGSIb3DQEBCwUAA4IBAQBejpH5n3wWhuBIbC49vbGhI/buWL2eyNwFFLdJZ6yY
RWZQZcl84XJCelTdD3di9or9WmtByYUC2z66Tj20Nq77LHuA0ZSHE5rmz5DfUDPI
NpQriyEIV9jrO8L1iZsm71bAgvK18VxgXiyxekxTwYpRixOtYvKqLyDS3suw5kQT
mtVRvk7/Qz5YyimOLAtnvm6ANxezGuUGddJ+WQ7gAohF+f3F2Wd1i7cGop6voiza
17XnKZv92R2Qq1EwLqlrXdieXoyYzLhlgDuDoK/OdekiFPbstxOLXhzsV1GeZOTu
WP2mYW48jwnFPeYxuVBnvn5tTwvI0h/Dq1JmufJxjCxl
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:21:32 2026 by rpki-client