Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8FypyHczDEtiJByOSTPNpI9O8Kw.roa
File:                     8FypyHczDEtiJByOSTPNpI9O8Kw.roa (raw, json)
Hash identifier:          L+8hUa8dwIa/iVIaIIcZvFdhfHPf0R6LN3jDZdhf+H4=
Subject key identifier:   F0:5C:A9:C8:77:33:0C:4B:62:24:1C:8E:49:33:CD:A4:8F:4E:F0:AC
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368CDA8CE6B3D9535247DD14A924C89
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8FypyHczDEtiJByOSTPNpI9O8Kw.roa
Signing time:             Thu 02 Jul 2026 15:18:18 +0000
ROA not before:           Thu 02 Jul 2026 15:18:18 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     146813
IP address blocks:        89.213.1.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:cd:a8:ce:6b:3d:95:35:24:7d:d1:4a:92:4c:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:18 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f05ca9c877330c4b62241c8e4933cda48f4ef0ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c6:59:50:b0:d4:25:20:af:c5:b5:ba:7d:c4:
                    49:ad:11:13:ff:ae:cb:27:a6:d5:02:d3:da:fb:05:
                    48:a6:08:70:62:61:7e:59:b8:17:f4:4f:f6:21:e4:
                    b5:af:4f:97:72:25:72:df:25:d1:84:46:50:7c:47:
                    d3:7a:8b:42:9b:5a:45:08:10:b0:0e:cb:ec:7c:28:
                    98:6c:24:d3:6d:19:f7:ed:da:9c:79:5d:f1:98:d8:
                    66:ff:da:31:81:b8:a3:93:d8:28:a6:21:0a:23:44:
                    e7:6d:12:2a:be:9a:a1:df:48:9c:45:3d:a9:eb:8f:
                    2c:00:65:d5:56:65:fd:f3:93:20:e4:a7:54:f2:68:
                    5e:1d:53:2a:40:85:82:73:d3:c3:c0:49:b6:b5:83:
                    89:e9:e8:d6:76:e0:e4:47:7b:51:0a:a2:c8:05:be:
                    34:68:12:6f:c9:cf:96:cb:0f:c4:bd:5d:af:f1:e1:
                    89:85:80:9f:9b:dc:7e:29:ff:43:e5:76:b8:21:60:
                    ca:d0:4f:1b:46:a3:d3:0a:f6:72:bc:c5:95:1b:1f:
                    6c:61:11:1f:ca:1b:a0:46:ad:d0:cf:66:e1:7e:f3:
                    a7:f9:58:02:c8:35:a9:1b:8f:a9:3f:49:11:8d:a8:
                    b3:e6:a9:7f:89:70:4b:6c:ea:8c:4f:37:a7:16:bb:
                    a2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:5C:A9:C8:77:33:0C:4B:62:24:1C:8E:49:33:CD:A4:8F:4E:F0:AC
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8FypyHczDEtiJByOSTPNpI9O8Kw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.1.0/24
                  89.213.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:13:01:38:3e:2e:ce:43:eb:2d:0b:4d:18:6d:90:54:a5:e4:
         f8:5d:4a:a8:5a:80:c7:06:2d:f1:fd:3f:69:e7:b2:b1:10:f3:
         5c:e7:03:62:84:9e:e3:56:ad:c6:5f:cf:c2:51:20:86:7b:6f:
         94:30:62:6c:9c:51:a3:01:45:e6:24:1a:08:a6:ed:e5:81:fa:
         c2:64:c2:9a:4f:0f:3e:58:51:a7:95:fa:f7:c1:39:6c:f8:b1:
         b2:ba:b4:ba:b4:dd:d0:4e:15:1e:2e:80:30:3d:68:03:a8:d3:
         73:b8:0c:8d:ea:6a:d8:1d:27:df:be:ed:1c:76:8b:bb:28:69:
         a8:fd:4a:1e:36:17:be:3d:45:18:11:70:31:16:8d:9a:5e:e4:
         dc:3e:79:7c:6c:96:b3:56:b9:32:19:1b:0a:a4:6d:fc:4a:85:
         15:e6:85:c7:9e:0f:1c:06:73:f7:47:81:86:07:4b:bb:9b:26:
         3e:7a:83:5c:9b:c4:da:41:bc:55:bc:97:34:f8:b2:da:e5:0a:
         ce:9b:58:93:a1:13:c0:9f:ee:2b:b5:cb:55:26:c2:70:9c:62:
         3c:cf:b1:fc:4c:16:a8:78:d1:a9:77:15:a9:ca:92:a7:99:73:
         96:72:8f:db:6f:76:55:6d:13:11:05:51:bc:85:87:a0:c9:22:
         7c:2c:9e:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8jaM2ozms9lTUkfdFKkkyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVjYTljODc3MzMwYzRiNjIyNDFjOGU0OTMzY2RhNDhmNGVmMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMZZULDUJSCvxbW6fcRJrRET/67L
J6bVAtPa+wVIpghwYmF+WbgX9E/2IeS1r0+XciVy3yXRhEZQfEfTeotCm1pFCBCw
DsvsfCiYbCTTbRn37dqceV3xmNhm/9oxgbijk9gopiEKI0TnbRIqvpqh30icRT2p
648sAGXVVmX985Mg5KdU8mheHVMqQIWCc9PDwEm2tYOJ6ejWduDkR3tRCqLIBb40
aBJvyc+Wyw/EvV2v8eGJhYCfm9x+Kf9D5Xa4IWDK0E8bRqPTCvZyvMWVGx9sYREf
yhugRq3Qz2bhfvOn+VgCyDWpG4+pP0kRjaiz5ql/iXBLbOqMTzenFruiwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPBcqch3MwxLYiQcjkkzzaSPTvCsMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOEZ5cHlIY3pERXRpSkJ5T1NUUE5wSTlPOEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdUBAwQA
WdWCMA0GCSqGSIb3DQEBCwUAA4IBAQB1EwE4Pi7OQ+stC00YbZBUpeT4XUqoWoDH
Bi3x/T9p57KxEPNc5wNihJ7jVq3GX8/CUSCGe2+UMGJsnFGjAUXmJBoIpu3lgfrC
ZMKaTw8+WFGnlfr3wTls+LGyurS6tN3QThUeLoAwPWgDqNNzuAyN6mrYHSffvu0c
dou7KGmo/UoeNhe+PUUYEXAxFo2aXuTcPnl8bJazVrkyGRsKpG38SoUV5oXHng8c
BnP3R4GGB0u7myY+eoNcm8TaQbxVvJc0+LLa5QrOm1iToRPAn+4rtctVJsJwnGI8
z7H8TBaoeNGpdxWpypKnmXOWco/bb3ZVbRMRBVG8hYegySJ8LJ5p
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:22:22 2026 by rpki-client