Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q4iWnKz-W7z_h846gLzSZtawGCM.roa
File:                     q4iWnKz-W7z_h846gLzSZtawGCM.roa (raw, json)
Hash identifier:          Vr/T5TvtRU0IaVxnyssErrMwblCwpUI3reo2kNMCBng=
Subject key identifier:   AB:88:96:9C:AC:FE:5B:BC:FF:87:CE:3A:80:BC:D2:66:D6:B0:18:23
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368A3E8F68DDDD242197838A3A7EC4F
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q4iWnKz-W7z_h846gLzSZtawGCM.roa
Signing time:             Thu 02 Jul 2026 15:18:07 +0000
ROA not before:           Thu 02 Jul 2026 15:18:07 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     174
IP address blocks:        80.240.95.0/24 maxlen: 24
                          82.152.56.0/24 maxlen: 24
                          82.152.78.0/24 maxlen: 24
                          82.152.80.0/24 maxlen: 24
                          82.152.112.0/24 maxlen: 24
                          82.152.113.0/24 maxlen: 24
                          82.152.119.0/24 maxlen: 24
                          82.152.123.0/24 maxlen: 24
                          82.152.124.0/24 maxlen: 24
                          82.152.125.0/24 maxlen: 24
                          82.152.126.0/24 maxlen: 24
                          82.152.135.0/24 maxlen: 24
                          82.152.137.0/24 maxlen: 24
                          82.152.185.0/24 maxlen: 24
                          82.152.235.0/24 maxlen: 24
                          82.152.237.0/24 maxlen: 24
                          82.152.239.0/24 maxlen: 24
                          82.153.47.0/24 maxlen: 24
                          82.153.48.0/24 maxlen: 24
                          82.153.59.0/24 maxlen: 24
                          82.153.87.0/24 maxlen: 24
                          82.153.176.0/24 maxlen: 24
                          82.153.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:a3:e8:f6:8d:dd:d2:42:19:78:38:a3:a7:ec:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ab88969cacfe5bbcff87ce3a80bcd266d6b01823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:8b:0e:5f:8d:fd:d1:f6:49:fd:1e:76:52:
                    f6:05:d3:c4:02:62:f5:36:19:8a:09:08:bb:8e:56:
                    f4:21:3d:cc:cd:0e:d9:bf:6a:c4:29:90:6b:16:83:
                    48:59:cd:41:4a:b2:d8:f1:0f:45:b2:cb:cc:a0:27:
                    16:46:87:3c:55:00:b4:d9:bf:4c:7a:e9:4e:72:17:
                    22:64:94:65:63:1a:29:72:e1:80:c4:88:d5:b7:c8:
                    78:c9:b0:89:8a:37:3a:ba:1b:32:f2:0d:7b:11:e4:
                    53:02:c8:1b:0a:b7:0e:9a:8b:e9:60:b7:83:4c:f7:
                    3f:e9:b6:95:dc:ac:3d:68:01:58:cc:41:16:04:00:
                    01:70:60:d1:b7:7a:ed:9e:6d:98:86:6e:cf:20:9c:
                    26:6f:b7:39:40:35:08:cb:b2:b4:fe:2c:f2:f6:93:
                    98:f4:cd:ec:45:ce:bd:ec:71:cf:cc:de:1a:65:77:
                    76:34:94:5c:69:dc:41:24:4d:c3:55:ef:cc:91:fd:
                    94:9e:8f:70:fb:ac:b1:b4:9f:c9:c5:28:84:7e:91:
                    44:3d:cf:92:4b:86:1c:d6:bc:be:17:83:d4:d2:17:
                    8d:dc:fb:a2:13:f7:b6:e4:58:0d:63:72:d8:2b:ad:
                    2f:07:32:b8:22:e4:be:9d:b6:82:4c:29:d7:1b:e2:
                    8c:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:88:96:9C:AC:FE:5B:BC:FF:87:CE:3A:80:BC:D2:66:D6:B0:18:23
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q4iWnKz-W7z_h846gLzSZtawGCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.240.95.0/24
                  82.152.56.0/24
                  82.152.78.0/24
                  82.152.80.0/24
                  82.152.112.0/23
                  82.152.119.0/24
                  82.152.123.0-82.152.126.255
                  82.152.135.0/24
                  82.152.137.0/24
                  82.152.185.0/24
                  82.152.235.0/24
                  82.152.237.0/24
                  82.152.239.0/24
                  82.153.47.0-82.153.48.255
                  82.153.59.0/24
                  82.153.87.0/24
                  82.153.176.0/24
                  82.153.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:72:6d:4c:9b:c8:38:e0:9c:fe:fe:8a:93:5d:d2:da:2f:38:
         c6:4e:d5:c2:8b:08:eb:a3:99:10:3a:1b:39:8d:aa:87:8c:09:
         f3:2b:e6:99:17:3c:c5:80:be:6b:17:b9:f0:43:2a:32:6f:6d:
         bf:6d:bd:f0:bd:db:55:76:7c:4b:a0:b7:39:f4:99:f6:63:85:
         77:33:0d:4d:d4:97:a1:17:0d:7c:d9:fd:56:33:2e:10:e0:be:
         f9:0b:38:c5:fa:7d:7b:9d:ab:1f:a6:d9:34:8f:f2:6c:02:45:
         b1:15:aa:b5:a2:2d:6b:02:32:59:98:a9:9a:f3:9c:6a:fa:83:
         95:d3:d7:48:aa:86:31:92:86:1d:bb:6b:b4:97:50:d8:15:f1:
         55:68:bd:f0:5d:88:a6:dd:c9:a8:50:7f:7f:ac:5d:29:c5:e4:
         db:c4:f7:e1:0e:44:a3:b9:0a:1a:2c:4b:79:0f:ea:13:66:8f:
         b3:f3:1a:5a:a2:ec:c4:37:7e:24:bc:19:05:bd:a2:02:9b:6d:
         81:1f:98:c0:1f:65:9f:3e:6c:31:9e:2e:90:f4:38:a6:94:ae:
         25:0d:2f:40:22:e3:c2:4c:2c:2d:c5:dc:7f:b4:2d:74:bf:0b:
         74:3c:32:e5:ad:62:44:7c:80:fc:5b:f7:df:9d:1e:81:2f:61:
         32:8f:82:a5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZ8jaKPo9o3d0kIZeDijp+xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg4OTY5Y2FjZmU1YmJjZmY4N2NlM2E4MGJjZDI2NmQ2YjAxODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH6LDl+N/dH2Sf0edlL2BdPEAmL1
NhmKCQi7jlb0IT3MzQ7Zv2rEKZBrFoNIWc1BSrLY8Q9FssvMoCcWRoc8VQC02b9M
eulOchciZJRlYxopcuGAxIjVt8h4ybCJijc6uhsy8g17EeRTAsgbCrcOmovpYLeD
TPc/6baV3Kw9aAFYzEEWBAABcGDRt3rtnm2Yhm7PIJwmb7c5QDUIy7K0/izy9pOY
9M3sRc697HHPzN4aZXd2NJRcadxBJE3DVe/Mkf2Uno9w+6yxtJ/JxSiEfpFEPc+S
S4Yc1ry+F4PU0heN3PuiE/e25FgNY3LYK60vBzK4IuS+nbaCTCnXG+KM2QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKuIlpys/lu8/4fOOoC80mbWsBgjMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcTRpV25Lei1XN3pfaDg0NmdMelNadGF3R0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAFDw
XwMEAFKYOAMEAFKYTgMEAFKYUAMEAVKYcAMEAFKYdzAMAwQAUph7AwQAUph+AwQA
UpiHAwQAUpiJAwQAUpi5AwQAUpjrAwQAUpjtAwQAUpjvMAwDBABSmS8DBABSmTAD
BABSmTsDBABSmVcDBABSmbADBABSmbwwDQYJKoZIhvcNAQELBQADggEBABxybUyb
yDjgnP7+ipNd0tovOMZO1cKLCOujmRA6GzmNqoeMCfMr5pkXPMWAvmsXufBDKjJv
bb9tvfC921V2fEugtzn0mfZjhXczDU3Ul6EXDXzZ/VYzLhDgvvkLOMX6fXudqx+m
2TSP8mwCRbEVqrWiLWsCMlmYqZrznGr6g5XT10iqhjGShh27a7SXUNgV8VVovfBd
iKbdyahQf3+sXSnF5NvE9+EORKO5ChosS3kP6hNmj7PzGlqi7MQ3fiS8GQW9ogKb
bYEfmMAfZZ8+bDGeLpD0OKaUriUNL0Ai48JMLC3F3H+0LXS/C3Q8MuWtYkR8gPxb
99+dHoEvYTKPgqU=
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:22:41 2026 by rpki-client