Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS49592.roa
File:                     AS49592.roa (raw, json)
Hash identifier:          Y6Yg/YxXi8v+qkwgDieDGviSfEK1ifXxfje0rkhWsns=
Subject key identifier:   97:EF:3E:CC:0E:BA:17:E4:F1:E8:A9:48:62:2E:36:E1:41:39:67:C5
Certificate issuer:       /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial:       1431C8DB7224D8CC295807A5F92A88EFAB0F899D
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS49592.roa
Signing time:             Tue 30 Jun 2026 11:33:46 +0000
ROA not before:           Tue 30 Jun 2026 11:28:46 +0000
ROA not after:            Tue 29 Jun 2027 11:33:46 +0000
asID:                     49592
IP address blocks:        51.241.104.0/22 maxlen: 24
                          188.220.196.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 09:43:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:31:c8:db:72:24:d8:cc:29:58:07:a5:f9:2a:88:ef:ab:0f:89:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
        Validity
            Not Before: Jun 30 11:28:46 2026 GMT
            Not After : Jun 29 11:33:46 2027 GMT
        Subject: CN=97EF3ECC0EBA17E4F1E8A948622E36E1413967C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3c:0f:5d:cd:64:2d:62:97:64:66:52:d5:70:
                    df:02:2a:a0:a3:d8:d9:b9:d2:bc:0e:2e:a7:e9:c1:
                    d4:7b:2a:81:12:26:c9:d6:3e:9c:9d:5f:a3:17:78:
                    b5:1d:89:f8:be:59:e0:53:48:4a:25:64:c5:56:d8:
                    36:a1:bf:38:d5:37:e9:ca:0d:7c:b4:bf:ba:3a:5e:
                    35:76:56:0c:28:ae:ba:b1:2f:5a:1f:2a:08:05:e1:
                    75:8d:09:31:bb:2b:73:ea:ea:5e:69:d5:72:5d:44:
                    f4:33:54:a5:de:c9:62:b6:a3:34:64:af:9c:72:56:
                    1a:be:72:c7:01:48:9a:e0:46:ab:ae:6e:e5:c3:ac:
                    93:68:d8:9d:af:22:7d:6c:ae:4f:1f:01:0f:5e:f6:
                    6c:9c:a2:8d:cf:62:1c:98:b5:bc:7b:6c:23:a9:8c:
                    57:0d:71:a0:bc:6e:0a:6a:43:49:7d:02:1e:05:8f:
                    39:25:cb:2b:ac:67:58:45:e3:09:31:a2:46:52:a3:
                    85:90:31:0d:41:a1:c9:e7:fe:09:b3:16:09:e3:85:
                    cb:11:4a:27:4a:01:25:44:11:66:05:8d:b3:ee:03:
                    16:90:91:0b:d6:dc:a0:83:9c:7a:98:31:72:63:ee:
                    6b:71:23:fb:28:06:e3:c3:f9:bf:20:f2:ff:b6:b1:
                    e0:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:EF:3E:CC:0E:BA:17:E4:F1:E8:A9:48:62:2E:36:E1:41:39:67:C5
            X509v3 Authority Key Identifier:
                keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS49592.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.241.104.0/22
                  188.220.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:05:2c:c9:ac:a9:bc:c4:b7:dd:81:b2:02:cc:42:8b:47:52:
         21:cb:3e:ba:ae:fc:37:5d:fd:77:d3:e6:f1:b4:77:6b:65:26:
         1e:ee:72:22:2a:dd:76:82:c3:6d:20:d0:4b:fc:f5:80:0b:e4:
         4b:23:7d:7c:10:1d:b8:8e:61:6e:5f:a7:6c:5c:85:5c:9e:99:
         5f:6e:67:e3:09:9b:83:ab:dd:b3:29:82:09:7a:47:aa:87:d8:
         d0:d7:65:52:e1:fc:bb:38:77:8c:17:40:1c:6e:e8:be:37:5e:
         65:f6:3e:29:6e:bc:f9:82:6d:ea:84:fc:48:9c:c2:4b:61:9b:
         4d:89:f9:fd:44:4b:03:e3:8c:45:bc:ea:3a:60:f2:e5:d0:92:
         ad:4e:0f:dc:14:f1:7c:1a:1e:3b:a3:52:11:2e:34:6e:fe:06:
         72:52:f1:4a:93:de:79:32:1c:dc:f3:31:e0:b5:ba:27:7e:4c:
         f0:2c:f2:f7:21:a5:2e:1b:e1:0f:6f:89:80:9b:63:77:13:e6:
         a7:77:73:4b:df:e7:bd:63:34:66:88:4c:b7:a2:d8:c1:f9:59:
         69:79:c4:86:37:ae:0d:ab:d4:55:4f:b8:9c:9c:33:6a:ee:90:
         d9:d3:15:2c:0b:67:15:56:92:61:21:03:79:f2:df:00:1e:a8:
         4b:79:a7:ac
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUFDHI23Ik2MwpWAel+SqI76sPiZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MzAxMTI4NDZaFw0yNzA2MjkxMTMzNDZaMDMxMTAvBgNV
BAMTKDk3RUYzRUNDMEVCQTE3RTRGMUU4QTk0ODYyMkUzNkUxNDEzOTY3QzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7PA9dzWQtYpdkZlLVcN8CKqCj
2Nm50rwOLqfpwdR7KoESJsnWPpydX6MXeLUdifi+WeBTSEolZMVW2DahvzjVN+nK
DXy0v7o6XjV2VgworrqxL1ofKggF4XWNCTG7K3Pq6l5p1XJdRPQzVKXeyWK2ozRk
r5xyVhq+cscBSJrgRquubuXDrJNo2J2vIn1srk8fAQ9e9mycoo3PYhyYtbx7bCOp
jFcNcaC8bgpqQ0l9Ah4FjzklyyusZ1hF4wkxokZSo4WQMQ1Bocnn/gmzFgnjhcsR
SidKASVEEWYFjbPuAxaQkQvW3KCDnHqYMXJj7mtxI/soBuPD+b8g8v+2seCVAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUl+8+zA66F+Tx6KlIYi424UE5Z8UwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTNDk1OTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIz8WgD
BAK83MQwDQYJKoZIhvcNAQELBQADggEBACgFLMmsqbzEt92BsgLMQotHUiHLPrqu
/Ddd/XfT5vG0d2tlJh7uciIq3XaCw20g0Ev89YAL5EsjfXwQHbiOYW5fp2xchVye
mV9uZ+MJm4Or3bMpggl6R6qH2NDXZVLh/Ls4d4wXQBxu6L43XmX2PiluvPmCbeqE
/Eicwkthm02J+f1ESwPjjEW86jpg8uXQkq1OD9wU8XwaHjujUhEuNG7+BnJS8UqT
3nkyHNzzMeC1uid+TPAs8vchpS4b4Q9viYCbY3cT5qd3c0vf571jNGaITLei2MH5
WWl5xIY3rg2r1FVPuJycM2rukNnTFSwLZxVWkmEhA3ny3wAeqEt5p6w=
-----END CERTIFICATE-----
Generated at Sun Jul 19 18:45:25 2026 by rpki-client