Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HWvr8BGBzO6B_SEBf2q82C7ExM.roa
File:                     8HWvr8BGBzO6B_SEBf2q82C7ExM.roa (raw, json)
Hash identifier:          sfVmmFXxOINm47solXVNvM0/Nl/+3TDRWmU40BZanmE=
Subject key identifier:   F0:75:AF:AF:C0:46:07:33:BA:07:F4:84:05:FD:AA:F3:60:BB:13:13
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368B0ECD9141FEF0CC41CEA552E06A1
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HWvr8BGBzO6B_SEBf2q82C7ExM.roa
Signing time:             Thu 02 Jul 2026 15:18:11 +0000
ROA not before:           Thu 02 Jul 2026 15:18:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        77.93.137.0/24 maxlen: 24
                          77.93.149.0/24 maxlen: 24
                          82.153.208.0/22 maxlen: 22
                          82.163.19.0/24 maxlen: 24
                          89.213.58.0/24 maxlen: 24
                          89.213.228.0/24 maxlen: 24
                          213.210.16.0/24 maxlen: 24
                          213.210.18.0/24 maxlen: 24
                          213.210.33.0/24 maxlen: 24
                          213.210.51.0/24 maxlen: 24
                          213.218.220.0/24 maxlen: 24
                          217.144.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:b0:ec:d9:14:1f:ef:0c:c4:1c:ea:55:2e:06:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f075afafc0460733ba07f48405fdaaf360bb1313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4f:8a:45:08:53:2c:0c:e8:21:bb:4c:57:3e:
                    14:31:89:65:fa:6b:f5:b6:c6:9b:17:5e:66:53:16:
                    f0:68:56:85:09:a5:64:44:b8:7d:94:a3:81:be:fb:
                    05:9d:93:98:68:61:48:7e:0a:d6:21:de:be:52:32:
                    8d:42:c1:6a:61:4a:ca:02:4f:65:ab:bc:3a:b1:b5:
                    81:fe:be:cd:cc:8e:69:82:03:42:ab:20:53:bc:49:
                    fa:8b:e2:3f:17:53:62:91:4c:2c:30:0a:3a:2e:cc:
                    db:86:51:5d:2a:2a:c3:28:05:85:b1:c3:1c:f1:9e:
                    53:a8:2c:db:cd:10:9c:a4:f9:a1:18:08:1e:ba:38:
                    98:bc:fa:bd:e1:6a:20:db:fc:bc:10:30:8a:54:3c:
                    56:71:a7:f4:32:fb:eb:82:96:3e:d4:3a:6c:29:f2:
                    a0:6b:05:a0:99:62:e1:7d:f3:76:93:06:08:e0:4e:
                    1a:7e:ab:ec:97:e5:61:24:f1:22:a7:ac:cd:4d:02:
                    97:b7:87:de:a4:ad:76:65:c6:d1:4a:ab:a0:2b:d9:
                    ef:bc:43:75:bd:6b:95:a0:27:28:c7:22:94:e8:9d:
                    81:95:1b:eb:70:c8:b9:94:42:02:f2:09:a4:75:5c:
                    23:1f:a6:6d:bc:d2:93:ba:c1:8e:a3:24:a0:91:87:
                    e1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:75:AF:AF:C0:46:07:33:BA:07:F4:84:05:FD:AA:F3:60:BB:13:13
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HWvr8BGBzO6B_SEBf2q82C7ExM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.93.137.0/24
                  77.93.149.0/24
                  82.153.208.0/22
                  82.163.19.0/24
                  89.213.58.0/24
                  89.213.228.0/24
                  213.210.16.0/24
                  213.210.18.0/24
                  213.210.33.0/24
                  213.210.51.0/24
                  213.218.220.0/24
                  217.144.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:c8:51:97:24:71:7a:3a:18:f4:3c:5f:37:fd:42:29:a8:1d:
         a3:06:16:67:03:3f:dd:28:73:85:cb:95:13:03:9d:bd:4d:6f:
         cd:79:78:c0:3a:4c:52:0f:1c:22:4b:43:5e:e0:ff:8d:8a:4b:
         b4:68:b5:fe:16:7c:73:50:fc:53:04:ec:d8:34:13:6d:f7:92:
         e7:b8:41:6d:03:a3:ec:3c:d9:9b:8f:34:a6:d8:57:66:f7:6f:
         27:a8:bf:d4:73:d7:ff:b9:e3:2c:82:18:4d:61:3f:58:6a:cb:
         39:4f:03:7d:bd:e0:ca:7c:ec:38:7b:eb:0b:78:dc:fd:86:f3:
         48:e8:a2:7c:66:9e:b8:36:29:d4:e5:52:b9:da:a5:7d:68:66:
         e0:41:41:6d:27:64:82:49:5f:98:3c:0e:50:32:cb:b2:46:da:
         24:1d:3f:c8:a2:aa:cf:e4:9f:97:ff:6b:17:f6:5d:67:e7:b5:
         4a:f7:78:ea:13:68:3d:69:a5:65:f2:00:ca:6c:2b:7b:9b:87:
         9a:21:3e:52:ac:d1:f0:56:69:5e:13:29:90:09:68:26:9d:e3:
         bd:ef:56:08:8b:26:a7:ea:6c:1f:4c:2c:56:5d:da:e7:17:31:
         71:90:53:81:77:33:79:3c:b3:d3:0d:38:c3:b8:ff:4d:70:54:
         c1:ad:e1:75
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ8jaLDs2RQf7wzEHOpVLgahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDc1YWZhZmMwNDYwNzMzYmEwN2Y0ODQwNWZkYWFmMzYwYmIxMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU+KRQhTLAzoIbtMVz4UMYll+mv1
tsabF15mUxbwaFaFCaVkRLh9lKOBvvsFnZOYaGFIfgrWId6+UjKNQsFqYUrKAk9l
q7w6sbWB/r7NzI5pggNCqyBTvEn6i+I/F1NikUwsMAo6LszbhlFdKirDKAWFscMc
8Z5TqCzbzRCcpPmhGAgeujiYvPq94Wog2/y8EDCKVDxWcaf0MvvrgpY+1DpsKfKg
awWgmWLhffN2kwYI4E4afqvsl+VhJPEip6zNTQKXt4fepK12ZcbRSqugK9nvvEN1
vWuVoCcoxyKU6J2BlRvrcMi5lEIC8gmkdVwjH6ZtvNKTusGOoySgkYfhOQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPB1r6/ARgczugf0hAX9qvNguxMTMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOEhXdnI4QkdCek82Ql9TRUJmMnE4MkM3RXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQATV2JAwQA
TV2VAwQCUpnQAwQAUqMTAwQAWdU6AwQAWdXkAwQA1dIQAwQA1dISAwQA1dIhAwQA
1dIzAwQA1drcAwQA2ZCXMA0GCSqGSIb3DQEBCwUAA4IBAQB/yFGXJHF6Ohj0PF83
/UIpqB2jBhZnAz/dKHOFy5UTA529TW/NeXjAOkxSDxwiS0Ne4P+Niku0aLX+Fnxz
UPxTBOzYNBNt95LnuEFtA6PsPNmbjzSm2Fdm928nqL/Uc9f/ueMsghhNYT9Yass5
TwN9veDKfOw4e+sLeNz9hvNI6KJ8Zp64NinU5VK52qV9aGbgQUFtJ2SCSV+YPA5Q
MsuyRtokHT/IoqrP5J+X/2sX9l1n57VK93jqE2g9aaVl8gDKbCt7m4eaIT5SrNHw
VmleEymQCWgmneO971YIiyan6mwfTCxWXdrnFzFxkFOBdzN5PLPTDTjDuP9NcFTB
reF1
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:09 2026 by rpki-client