Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
File:                     AS4766.roa (raw, json)
Hash identifier:          or8tpdWN32jkanu1dhwt22EEP3Qrto34qY9S1vWIXy4=
Subject key identifier:   AC:48:63:51:F7:DC:14:CE:7C:F8:4F:71:6B:F8:43:1F:75:3A:BF:9F
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       6EBC9D07A51DADC290336AABCCDB022484F76012
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
Signing time:             Mon 22 Jun 2026 15:24:35 +0000
ROA not before:           Mon 22 Jun 2026 15:19:35 +0000
ROA not after:            Mon 21 Jun 2027 15:24:35 +0000
asID:                     4766
IP address blocks:        82.22.240.0/24 maxlen: 24
                          82.23.198.0/24 maxlen: 24
                          82.23.240.0/24 maxlen: 24
                          82.24.209.0/24 maxlen: 24
                          82.24.219.0/24 maxlen: 24
                          82.24.233.0/24 maxlen: 24
                          82.24.240.0/24 maxlen: 24
                          82.24.250.0/24 maxlen: 24
                          82.25.208.0/24 maxlen: 24
                          82.25.211.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:bc:9d:07:a5:1d:ad:c2:90:33:6a:ab:cc:db:02:24:84:f7:60:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 22 15:19:35 2026 GMT
            Not After : Jun 21 15:24:35 2027 GMT
        Subject: CN=AC486351F7DC14CE7CF84F716BF8431F753ABF9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c4:84:30:fc:b1:43:f7:c3:ed:ff:73:6f:b1:
                    0c:98:4d:fd:13:bd:9d:67:13:f5:91:c9:0e:b9:17:
                    ef:ab:35:63:6f:dc:6b:18:f6:bf:c6:41:1c:90:aa:
                    ee:ba:72:51:d5:a7:96:c9:2b:54:c9:be:59:b2:1d:
                    aa:5c:f2:03:c0:83:ad:85:09:27:3d:8d:2e:8b:ed:
                    cf:13:32:d4:8d:cb:80:d5:51:97:e1:da:c8:9e:18:
                    c3:1c:a4:14:3c:bc:12:f4:4b:87:4f:30:57:77:3a:
                    9e:3a:4f:fb:d3:e8:ac:4a:a7:e3:74:00:76:ec:34:
                    4c:00:8d:ee:00:f0:92:29:95:5e:60:cf:df:3a:10:
                    35:3f:2a:0a:4c:78:c3:fa:73:d1:a3:7e:3f:ad:51:
                    2f:50:03:a7:aa:0c:f5:0d:7b:55:be:15:19:d7:d0:
                    ea:a1:2d:5d:cc:a5:36:dc:f1:63:7a:b4:65:b7:ad:
                    cc:2e:9b:8a:ee:d2:80:1a:14:7e:54:21:f2:f6:c8:
                    05:d1:63:79:a1:31:68:7f:5c:c5:ed:3e:06:b9:08:
                    0d:05:9e:94:96:7a:90:b4:cf:28:db:5d:c8:d6:f7:
                    b3:ce:45:78:0d:5a:8b:81:5d:68:44:89:37:f7:a7:
                    66:07:6b:64:a4:1a:04:0c:ca:5a:1d:28:fc:60:e5:
                    9d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:48:63:51:F7:DC:14:CE:7C:F8:4F:71:6B:F8:43:1F:75:3A:BF:9F
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.240.0/24
                  82.23.198.0/24
                  82.23.240.0/24
                  82.24.209.0/24
                  82.24.219.0/24
                  82.24.233.0/24
                  82.24.240.0/24
                  82.24.250.0/24
                  82.25.208.0/24
                  82.25.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:f7:1c:fd:cb:f3:a5:e1:f4:b3:26:4e:d2:1c:2f:57:da:ba:
         8f:c0:d1:b9:89:f0:8f:b5:a2:e0:93:17:b8:cd:83:85:90:84:
         f9:9a:bf:b1:e5:72:1d:aa:02:ad:15:b1:7f:18:9a:2a:b9:20:
         7d:e5:fe:b8:78:a5:9a:48:b1:ff:b5:c9:6c:48:bd:6d:61:45:
         40:92:af:1e:07:25:a5:21:1a:81:94:f0:a6:42:eb:e0:6d:46:
         e8:2d:1a:47:92:ea:cb:46:66:e8:0a:a7:22:5c:69:b5:ec:7a:
         dc:ee:f7:b8:6c:17:52:a0:14:de:60:95:c4:b5:83:73:36:10:
         cd:82:79:28:11:a2:27:b6:42:7c:64:37:15:0e:2b:34:3f:0c:
         05:27:06:58:01:7f:52:17:3b:6a:aa:f6:fd:ec:9b:63:33:09:
         ad:fc:26:f3:ce:a1:15:06:02:33:64:9f:24:7e:87:16:84:6b:
         48:62:75:e8:67:5c:21:2e:f4:7e:ae:55:58:0d:65:6e:ec:98:
         17:71:3e:25:5e:24:12:d2:db:98:9b:12:e3:3e:ab:cc:5d:52:
         58:5f:2e:78:74:0f:06:9e:63:9a:b6:8c:23:37:92:50:02:a6:
         a7:62:76:05:3d:43:d8:b7:3a:71:96:2d:73:5e:55:d9:82:b5:
         d8:20:51:cc
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUbrydB6UdrcKQM2qrzNsCJIT3YBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjIxNTE5MzVaFw0yNzA2MjExNTI0MzVaMDMxMTAvBgNV
BAMTKEFDNDg2MzUxRjdEQzE0Q0U3Q0Y4NEY3MTZCRjg0MzFGNzUzQUJGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjxIQw/LFD98Pt/3NvsQyYTf0T
vZ1nE/WRyQ65F++rNWNv3GsY9r/GQRyQqu66clHVp5bJK1TJvlmyHapc8gPAg62F
CSc9jS6L7c8TMtSNy4DVUZfh2sieGMMcpBQ8vBL0S4dPMFd3Op46T/vT6KxKp+N0
AHbsNEwAje4A8JIplV5gz986EDU/KgpMeMP6c9Gjfj+tUS9QA6eqDPUNe1W+FRnX
0OqhLV3MpTbc8WN6tGW3rcwum4ru0oAaFH5UIfL2yAXRY3mhMWh/XMXtPga5CA0F
npSWepC0zyjbXcjW97PORXgNWouBXWhEiTf3p2YHa2SkGgQMylodKPxg5Z3vAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUrEhjUffcFM58+E9xa/hDH3U6v58wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc2Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFIW8AME
AFIXxgMEAFIX8AMEAFIY0QMEAFIY2wMEAFIY6QMEAFIY8AMEAFIY+gMEAFIZ0AME
AFIZ0zANBgkqhkiG9w0BAQsFAAOCAQEAUPcc/cvzpeH0syZO0hwvV9q6j8DRuYnw
j7Wi4JMXuM2DhZCE+Zq/seVyHaoCrRWxfxiaKrkgfeX+uHilmkix/7XJbEi9bWFF
QJKvHgclpSEagZTwpkLr4G1G6C0aR5Lqy0Zm6AqnIlxptex63O73uGwXUqAU3mCV
xLWDczYQzYJ5KBGiJ7ZCfGQ3FQ4rND8MBScGWAF/Uhc7aqr2/eybYzMJrfwm886h
FQYCM2SfJH6HFoRrSGJ16GdcIS70fq5VWA1lbuyYF3E+JV4kEtLbmJsS4z6rzF1S
WF8ueHQPBp5jmraMIzeSUAKmp2J2BT1D2Lc6cZYtc15V2YK12CBRzA==
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:06:33 2026 by rpki-client