Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/EA0sYoEkGY--aXg03FYbjJMjc6E.roa
File:                     EA0sYoEkGY--aXg03FYbjJMjc6E.roa (raw, json)
Hash identifier:          0QWqzxwOE1IAJYpUFvg8vxdtj+8qJzVTMZwsPgQDB/s=
Subject key identifier:   10:0D:2C:62:81:24:19:8F:BE:69:78:34:DC:56:1B:8C:93:23:73:A1
Certificate issuer:       /CN=c060d46d1d8046b4d74e4d815818c8e3659edbe9
Certificate serial:       019F23687CCF7684987A285FA58D51DF5E87
Authority key identifier: C0:60:D4:6D:1D:80:46:B4:D7:4E:4D:81:58:18:C8:E3:65:9E:DB:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wGDUbR2ARrTXTk2BWBjI42We2-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/EA0sYoEkGY--aXg03FYbjJMjc6E.roa
Signing time:             Thu 02 Jul 2026 15:17:58 +0000
ROA not before:           Thu 02 Jul 2026 15:17:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214271
IP address blocks:        213.220.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/wGDUbR2ARrTXTk2BWBjI42We2-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/wGDUbR2ARrTXTk2BWBjI42We2-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wGDUbR2ARrTXTk2BWBjI42We2-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 Jul 2026 15:19:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:23:68:7c:cf:76:84:98:7a:28:5f:a5:8d:51:df:5e:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c060d46d1d8046b4d74e4d815818c8e3659edbe9
        Validity
            Not Before: Jul  2 15:17:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=100d2c628124198fbe697834dc561b8c932373a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ac:38:4b:58:1b:3b:86:c9:c1:2d:69:37:da:
                    9a:99:dc:c8:fa:17:67:25:76:21:e4:64:90:f0:7c:
                    de:69:44:7b:f7:96:2e:df:68:34:91:ea:70:9e:5f:
                    2f:9c:17:26:f5:a2:95:ec:44:47:2a:79:3d:25:49:
                    50:2f:83:5e:37:76:b1:e6:8e:05:7c:7a:66:98:d9:
                    5d:38:a1:e5:5b:aa:74:74:fd:8d:ff:fc:e3:7e:b6:
                    7b:b3:f7:4a:13:db:0f:a4:85:56:58:71:87:e2:ec:
                    1d:90:8b:3b:c9:e5:52:ff:82:5c:d9:81:0f:3d:4e:
                    74:66:9c:19:75:0f:96:e1:79:c6:e7:20:4a:23:7a:
                    59:c1:1c:d1:68:3b:e1:19:a1:e9:61:fc:55:d9:07:
                    f7:9c:6a:93:0f:57:11:e7:97:08:a7:aa:41:e3:15:
                    73:e3:3d:56:b6:97:d2:a7:76:bf:10:54:8f:b8:a4:
                    06:de:30:a4:50:93:a1:35:64:cb:c7:5d:fb:7c:18:
                    a6:8b:0d:5b:fe:2d:ab:79:13:ef:ec:47:31:45:83:
                    4a:cd:05:15:5a:33:e9:1e:2d:be:3d:a7:52:bb:ef:
                    cd:82:34:f5:2b:c2:6c:d8:08:8d:d9:8a:07:0d:5c:
                    d2:ed:28:64:a0:ba:4c:2b:a6:57:2a:0a:0c:a5:b8:
                    d6:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:0D:2C:62:81:24:19:8F:BE:69:78:34:DC:56:1B:8C:93:23:73:A1
            X509v3 Authority Key Identifier:
                keyid:C0:60:D4:6D:1D:80:46:B4:D7:4E:4D:81:58:18:C8:E3:65:9E:DB:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wGDUbR2ARrTXTk2BWBjI42We2-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/EA0sYoEkGY--aXg03FYbjJMjc6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/wGDUbR2ARrTXTk2BWBjI42We2-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.220.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:91:77:ff:6c:29:19:26:50:72:9a:65:61:14:d2:05:a1:12:
         bd:ac:f6:67:a9:f4:6c:a5:e8:34:02:5f:6d:31:33:ea:dc:70:
         28:9e:d0:79:35:b8:f2:ed:37:f2:93:8b:00:2f:16:0d:0c:b8:
         97:e3:df:8e:28:41:b1:9e:3a:a8:5b:3c:73:5c:0e:05:47:15:
         c2:1d:23:23:79:09:c3:3e:e4:8a:a9:4c:fd:2b:02:81:38:0c:
         f6:1a:de:89:7e:b7:3d:84:02:96:c5:e9:ec:ea:78:b6:f5:bb:
         c7:43:5c:dd:93:fa:0f:87:44:76:5f:ac:4e:7b:88:b0:d8:db:
         e8:04:30:0f:52:4d:2f:f7:13:be:6d:b8:b3:87:8b:41:28:ab:
         a8:92:a7:c8:17:c7:b5:2e:e0:e8:3f:cb:b1:7d:11:4d:15:d0:
         d9:e5:58:21:f1:6d:ef:e2:8e:18:bf:e3:4a:af:c9:4e:45:17:
         0a:1a:25:7c:b5:11:4e:9e:38:a9:37:20:7e:be:30:bb:71:0d:
         2c:3a:b0:bc:5d:53:52:a3:e0:b3:e3:af:f3:f5:90:bb:7b:27:
         d6:93:c3:da:90:f4:f9:5f:46:3c:f3:8f:68:cb:01:77:0f:a5:
         a9:1f:c1:aa:0f:00:84:72:c8:ab:b0:fe:43:4f:d8:45:0d:b3:
         5b:c9:99:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaHzPdoSYeihfpY1R316HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNjBkNDZkMWQ4MDQ2YjRkNzRlNGQ4MTU4MThjOGUzNjU5
ZWRiZTkwHhcNMjYwNzAyMTUxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDBkMmM2MjgxMjQxOThmYmU2OTc4MzRkYzU2MWI4YzkzMjM3M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kw4S1gbO4bJwS1pN9qamdzI+hdn
JXYh5GSQ8HzeaUR795Yu32g0kepwnl8vnBcm9aKV7ERHKnk9JUlQL4NeN3ax5o4F
fHpmmNldOKHlW6p0dP2N//zjfrZ7s/dKE9sPpIVWWHGH4uwdkIs7yeVS/4Jc2YEP
PU50ZpwZdQ+W4XnG5yBKI3pZwRzRaDvhGaHpYfxV2Qf3nGqTD1cR55cIp6pB4xVz
4z1WtpfSp3a/EFSPuKQG3jCkUJOhNWTLx137fBimiw1b/i2reRPv7EcxRYNKzQUV
WjPpHi2+PadSu+/NgjT1K8Js2AiN2YoHDVzS7ShkoLpMK6ZXKgoMpbjWCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBANLGKBJBmPvml4NNxWG4yTI3OhMB8GA1UdIwQY
MBaAFMBg1G0dgEa0105NgVgYyONlntvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0dEVWJSMkFSclRYVGsyQldCakk0MldlMi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvRUEwc1lvRWtHWS0tYVhnMDNGWWJqSk1qYzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvd0dEVWJSMkFSclRYVGsyQldCakk0MldlMi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dwFMA0G
CSqGSIb3DQEBCwUAA4IBAQAmkXf/bCkZJlBymmVhFNIFoRK9rPZnqfRspeg0Al9t
MTPq3HAontB5Nbjy7Tfyk4sALxYNDLiX49+OKEGxnjqoWzxzXA4FRxXCHSMjeQnD
PuSKqUz9KwKBOAz2Gt6Jfrc9hAKWxens6ni29bvHQ1zdk/oPh0R2X6xOe4iw2Nvo
BDAPUk0v9xO+bbizh4tBKKuokqfIF8e1LuDoP8uxfRFNFdDZ5Vgh8W3v4o4Yv+NK
r8lORRcKGiV8tRFOnjipNyB+vjC7cQ0sOrC8XVNSo+Cz46/z9ZC7eyfWk8PakPT5
X0Y8849oywF3D6WpH8GqDwCEcsirsP5DT9hFDbNbyZlM
-----END CERTIFICATE-----
Generated at Thu Jul 2 23:47:25 2026 by rpki-client