Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/Y6zS8YDmPj-G6mPuoyZYaq_iW8U.roa
File:                     Y6zS8YDmPj-G6mPuoyZYaq_iW8U.roa (raw, json)
Hash identifier:          pDINxzEN/TTHiwXe/aSdinDHprhgHmQnT+rOZty6IdU=
Subject key identifier:   63:AC:D2:F1:80:E6:3E:3F:86:EA:63:EE:A3:26:58:6A:AF:E2:5B:C5
Certificate issuer:       /CN=eab741acbbaffec75c0d2d423fa200ed3e53f7b5
Certificate serial:       019F2368C0171B27C806CFB34B00CBAB7062
Authority key identifier: EA:B7:41:AC:BB:AF:FE:C7:5C:0D:2D:42:3F:A2:00:ED:3E:53:F7:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6rdBrLuv_sdcDS1CP6IA7T5T97U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/Y6zS8YDmPj-G6mPuoyZYaq_iW8U.roa
Signing time:             Thu 02 Jul 2026 15:18:15 +0000
ROA not before:           Thu 02 Jul 2026 15:18:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15830
IP address blocks:        178.211.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/6rdBrLuv_sdcDS1CP6IA7T5T97U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/6rdBrLuv_sdcDS1CP6IA7T5T97U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6rdBrLuv_sdcDS1CP6IA7T5T97U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 Jul 2026 06:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:c0:17:1b:27:c8:06:cf:b3:4b:00:cb:ab:70:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eab741acbbaffec75c0d2d423fa200ed3e53f7b5
        Validity
            Not Before: Jul  2 15:18:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=63acd2f180e63e3f86ea63eea326586aafe25bc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:09:11:a6:6a:9a:6f:36:6f:43:c0:9b:c6:a0:
                    19:c7:5a:49:6f:cd:e8:0a:d9:a3:6c:c7:a3:9a:dd:
                    e5:fc:52:eb:ec:6c:10:ce:9e:f5:9f:85:f6:bc:e5:
                    3d:cf:90:05:41:99:a5:95:1a:e4:97:bc:e9:4a:8e:
                    c4:a5:18:68:20:c8:44:9d:92:31:82:b8:68:89:7e:
                    8d:69:55:26:4e:c1:a7:8f:a4:3c:fe:65:e6:1c:ec:
                    82:92:ab:1c:aa:40:ea:d8:70:c5:15:d6:b6:c6:16:
                    b7:db:9d:db:6a:7d:8d:2d:a0:de:48:9e:5d:e2:b0:
                    10:8c:c8:c7:68:f1:a2:b1:ab:58:e4:bd:89:d7:cc:
                    64:03:7d:70:e0:1a:57:e8:d4:b7:24:26:93:59:8a:
                    a4:fa:f4:9e:8f:09:74:88:86:e2:3f:2e:76:93:3d:
                    fe:b7:9e:ad:0c:2b:b3:a3:7c:b4:29:fb:f6:27:21:
                    43:d6:22:3b:f6:b0:92:1a:e8:cc:5d:69:f5:76:79:
                    67:7e:64:8d:de:9c:6f:43:68:26:f8:cd:ed:12:d5:
                    2b:17:a1:cf:64:13:d0:5b:db:aa:8c:99:3e:dd:9c:
                    03:da:fe:fd:a5:1f:37:07:f5:1a:bd:f3:80:e6:77:
                    26:a6:18:15:e0:58:71:93:3f:2b:12:d5:2b:ec:e5:
                    f4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:AC:D2:F1:80:E6:3E:3F:86:EA:63:EE:A3:26:58:6A:AF:E2:5B:C5
            X509v3 Authority Key Identifier:
                keyid:EA:B7:41:AC:BB:AF:FE:C7:5C:0D:2D:42:3F:A2:00:ED:3E:53:F7:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rdBrLuv_sdcDS1CP6IA7T5T97U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/Y6zS8YDmPj-G6mPuoyZYaq_iW8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f4827b-3d1d-4acb-a773-cb168afdb343/1/6rdBrLuv_sdcDS1CP6IA7T5T97U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:7e:34:e1:57:8f:1d:d7:4a:8b:66:25:71:11:e5:3f:8d:13:
         31:0b:dd:d5:cf:b0:ac:af:31:ab:ce:59:e2:dd:49:c4:ce:38:
         07:37:1c:65:47:8a:60:47:77:41:75:3d:1f:7c:3d:db:d6:4f:
         b7:8d:af:e3:d1:97:a1:14:44:af:47:9d:12:3f:d8:21:55:61:
         97:bb:97:b5:d9:de:d8:9b:1b:c3:78:f3:61:9a:9d:21:a1:83:
         71:9d:d2:90:8c:30:25:6d:06:40:c5:93:b3:d3:0f:2a:8f:ec:
         b0:e4:16:2b:22:07:38:2a:c1:27:89:1c:29:06:59:b8:76:bf:
         58:45:9b:b0:86:10:38:bc:48:53:71:c0:ba:af:ca:e0:1f:18:
         c5:dd:37:8f:cf:84:3a:61:f4:2f:cb:9e:7e:79:bd:84:32:03:
         78:ff:e8:f2:5e:82:21:a3:f3:d3:bd:46:89:c3:99:c9:0d:73:
         0e:e3:cd:57:13:c8:d9:08:63:95:79:27:dd:9b:15:ff:21:c0:
         79:10:f1:02:6a:85:3e:fe:5b:37:38:04:bc:9c:16:85:b3:c8:
         e7:49:a7:6e:6c:0c:d9:86:ae:63:7e:ed:c6:a2:16:cc:31:26:
         c2:95:05:dd:f6:36:73:ca:bc:34:fb:9c:8d:ac:52:2b:6f:8c:
         e7:33:5d:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaMAXGyfIBs+zSwDLq3BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYjc0MWFjYmJhZmZlYzc1YzBkMmQ0MjNmYTIwMGVkM2U1
M2Y3YjUwHhcNMjYwNzAyMTUxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2FjZDJmMTgwZTYzZTNmODZlYTYzZWVhMzI2NTg2YWFmZTI1YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgkRpmqabzZvQ8CbxqAZx1pJb83o
CtmjbMejmt3l/FLr7GwQzp71n4X2vOU9z5AFQZmllRrkl7zpSo7EpRhoIMhEnZIx
grhoiX6NaVUmTsGnj6Q8/mXmHOyCkqscqkDq2HDFFda2xha3253ban2NLaDeSJ5d
4rAQjMjHaPGisatY5L2J18xkA31w4BpX6NS3JCaTWYqk+vSejwl0iIbiPy52kz3+
t56tDCuzo3y0Kfv2JyFD1iI79rCSGujMXWn1dnlnfmSN3pxvQ2gm+M3tEtUrF6HP
ZBPQW9uqjJk+3ZwD2v79pR83B/UavfOA5ncmphgV4Fhxkz8rEtUr7OX0TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOs0vGA5j4/hupj7qMmWGqv4lvFMB8GA1UdIwQY
MBaAFOq3Qay7r/7HXA0tQj+iAO0+U/e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnJkQnJMdXZfc2RjRFMxQ1A2SUE3VDVUOTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mNDgyN2ItM2QxZC00YWNiLWE3NzMt
Y2IxNjhhZmRiMzQzLzEvWTZ6UzhZRG1Qai1HNm1QdW95WllhcV9pVzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mNDgyN2ItM2QxZC00YWNiLWE3NzMtY2IxNjhhZmRiMzQz
LzEvNnJkQnJMdXZfc2RjRFMxQ1A2SUE3VDVUOTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOOMA0G
CSqGSIb3DQEBCwUAA4IBAQCFfjThV48d10qLZiVxEeU/jRMxC93Vz7CsrzGrzlni
3UnEzjgHNxxlR4pgR3dBdT0ffD3b1k+3ja/j0ZehFESvR50SP9ghVWGXu5e12d7Y
mxvDePNhmp0hoYNxndKQjDAlbQZAxZOz0w8qj+yw5BYrIgc4KsEniRwpBlm4dr9Y
RZuwhhA4vEhTccC6r8rgHxjF3TePz4Q6YfQvy55+eb2EMgN4/+jyXoIho/PTvUaJ
w5nJDXMO481XE8jZCGOVeSfdmxX/IcB5EPECaoU+/ls3OAS8nBaFs8jnSadubAzZ
hq5jfu3GohbMMSbClQXd9jZzyrw0+5yNrFIrb4znM10f
-----END CERTIFICATE-----
Generated at Sun Jul 5 11:20:36 2026 by rpki-client