Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w_lif8tAtb_guv_xCjnWfr6vy1Q.roa
File:                     w_lif8tAtb_guv_xCjnWfr6vy1Q.roa (raw, json)
Hash identifier:          zFSMtrUQa0Vkq9wCvZ5M9NCcPFLAzhS8LXad9lkdB74=
Subject key identifier:   C3:F9:62:7F:CB:40:B5:BF:E0:BA:FF:F1:0A:39:D6:7E:BE:AF:CB:54
Certificate issuer:       /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial:       019F2368C847322562236EE3223DC0135A2A
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w_lif8tAtb_guv_xCjnWfr6vy1Q.roa
Signing time:             Thu 02 Jul 2026 15:18:17 +0000
ROA not before:           Thu 02 Jul 2026 15:18:17 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     134477
IP address blocks:        213.210.55.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:c8:47:32:25:62:23:6e:e3:22:3d:c0:13:5a:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
        Validity
            Not Before: Jul  2 15:18:17 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c3f9627fcb40b5bfe0bafff10a39d67ebeafcb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5a:54:cd:65:a9:73:2d:af:45:c5:30:a6:89:
                    3a:c2:f7:8c:30:6f:2e:9b:d8:ec:50:b7:eb:b3:3c:
                    d0:d6:07:5f:8d:9e:1a:74:5d:39:25:c2:d9:9a:36:
                    44:99:f8:11:91:6c:e8:4e:32:fc:31:bf:7e:63:a7:
                    ab:61:ef:a5:6e:b0:7e:6b:06:c1:c7:12:25:56:10:
                    c4:81:36:bd:b9:22:7c:4a:aa:99:61:d0:55:e0:ae:
                    72:49:83:b6:0a:62:25:6e:25:dc:04:de:93:e2:6c:
                    a3:74:7b:1d:03:ef:5b:25:9a:68:c0:ee:3e:cc:5b:
                    9e:ee:e4:97:0b:1f:b3:1f:6a:c8:c0:1a:3b:bd:4d:
                    a2:ad:00:f2:10:8d:ed:10:f0:4c:5f:9c:a6:8f:e4:
                    fd:22:7d:9b:db:53:fc:20:32:c7:00:c9:a8:94:61:
                    86:64:af:ee:a4:5b:04:b3:4d:e8:65:05:64:1f:a9:
                    a7:1a:6c:2b:9d:6b:a4:6f:08:27:1f:9f:3a:34:95:
                    cd:1e:0c:66:a0:ce:fc:a1:67:61:c3:be:8b:8b:53:
                    0e:e0:a9:de:e4:36:e7:82:dd:0b:c2:f3:34:43:f5:
                    a6:ca:8b:ae:98:12:72:a3:46:e1:fa:76:f6:a2:3a:
                    65:5e:f8:d8:8d:27:a4:a3:55:53:c5:90:cd:10:6c:
                    73:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F9:62:7F:CB:40:B5:BF:E0:BA:FF:F1:0A:39:D6:7E:BE:AF:CB:54
            X509v3 Authority Key Identifier:
                keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w_lif8tAtb_guv_xCjnWfr6vy1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.210.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:b7:ce:10:d5:7c:d4:b0:7b:89:f8:96:71:7d:4e:8c:68:ae:
         b7:40:56:5e:9e:a2:0f:fc:1b:be:01:2d:74:a3:46:c9:ff:68:
         5d:97:13:ae:ec:0a:83:18:fd:35:f3:f9:89:9b:28:f3:92:d9:
         85:d3:44:e0:18:d2:1a:32:e5:c6:8d:db:0b:61:47:10:dd:2b:
         53:a6:43:71:ee:be:b4:fa:a6:0d:c9:21:47:64:d0:67:bc:14:
         27:5d:3a:db:5a:9d:e7:ed:65:02:d7:38:27:f9:7b:7d:bc:f4:
         ff:9d:bf:f0:90:fb:f2:50:81:7a:23:a4:d9:ec:c5:00:7b:59:
         cc:5a:5d:06:58:01:53:c0:fe:cb:f4:c4:56:7b:cd:ef:b1:9a:
         4f:62:8c:af:9e:f1:0c:a9:ed:12:1a:39:11:6f:45:18:99:d4:
         b1:74:17:00:ba:f3:ea:80:a9:c9:f7:ea:af:ea:1e:69:cc:62:
         ab:5e:df:3a:5b:46:30:fc:5d:d5:b6:8d:49:a5:5c:3a:88:36:
         15:82:cf:fd:fa:1a:8c:b2:a3:95:98:11:24:ef:cf:4d:98:99:
         aa:b6:0a:cf:72:27:26:01:76:4a:4a:70:e5:a8:fa:27:ac:e4:
         c8:e7:02:0c:53:77:8e:e1:fb:d7:19:9f:d5:0d:b1:79:b2:4c:
         af:98:8c:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaMhHMiViI27jIj3AE1oqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Y5NjI3ZmNiNDBiNWJmZTBiYWZmZjEwYTM5ZDY3ZWJlYWZjYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lpUzWWpcy2vRcUwpok6wveMMG8u
m9jsULfrszzQ1gdfjZ4adF05JcLZmjZEmfgRkWzoTjL8Mb9+Y6erYe+lbrB+awbB
xxIlVhDEgTa9uSJ8SqqZYdBV4K5ySYO2CmIlbiXcBN6T4myjdHsdA+9bJZpowO4+
zFue7uSXCx+zH2rIwBo7vU2irQDyEI3tEPBMX5ymj+T9In2b21P8IDLHAMmolGGG
ZK/upFsEs03oZQVkH6mnGmwrnWukbwgnH586NJXNHgxmoM78oWdhw76Li1MO4Kne
5Dbngt0LwvM0Q/WmyouumBJyo0bh+nb2ojplXvjYjSeko1VTxZDNEGxzdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMP5Yn/LQLW/4Lr/8Qo51n6+r8tUMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd19saWY4dEF0Yl9ndXZfeENqbldmcjZ2eTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dI3MA0G
CSqGSIb3DQEBCwUAA4IBAQBJt84Q1XzUsHuJ+JZxfU6MaK63QFZenqIP/Bu+AS10
o0bJ/2hdlxOu7AqDGP018/mJmyjzktmF00TgGNIaMuXGjdsLYUcQ3StTpkNx7r60
+qYNySFHZNBnvBQnXTrbWp3n7WUC1zgn+Xt9vPT/nb/wkPvyUIF6I6TZ7MUAe1nM
Wl0GWAFTwP7L9MRWe83vsZpPYoyvnvEMqe0SGjkRb0UYmdSxdBcAuvPqgKnJ9+qv
6h5pzGKrXt86W0Yw/F3Vto1JpVw6iDYVgs/9+hqMsqOVmBEk789NmJmqtgrPcicm
AXZKSnDlqPonrOTI5wIMU3eO4fvXGZ/VDbF5skyvmIxo
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:22:42 2026 by rpki-client