Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa
File:                     AS199081.roa (raw, json)
Hash identifier:          JWOie8Dwp7tXpktoKWItDiNCTkYJtDKWXZ3LRR7jG4I=
Subject key identifier:   45:A1:40:ED:E6:01:AE:7E:76:75:29:0A:48:2B:78:7D:44:62:4C:72
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       5885CE9A6E73A08DDDC6B0F33AE8C4F20EFB30C1
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa
Signing time:             Fri 06 Jun 2025 12:41:32 +0000
ROA not before:           Fri 06 Jun 2025 12:36:32 +0000
ROA not after:            Fri 05 Jun 2026 12:41:32 +0000
asID:                     199081
IP address blocks:        92.112.15.0/24 maxlen: 24
                          92.112.50.0/24 maxlen: 24
                          92.112.54.0/24 maxlen: 24
                          92.112.68.0/24 maxlen: 24
                          92.112.82.0/24 maxlen: 24
                          92.112.83.0/24 maxlen: 24
                          92.112.85.0/24 maxlen: 24
                          92.112.91.0/24 maxlen: 24
                          92.112.95.0/24 maxlen: 24
                          92.112.129.0/24 maxlen: 24
                          92.112.132.0/24 maxlen: 24
                          92.112.133.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:85:ce:9a:6e:73:a0:8d:dd:c6:b0:f3:3a:e8:c4:f2:0e:fb:30:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jun  6 12:36:32 2025 GMT
            Not After : Jun  5 12:41:32 2026 GMT
        Subject: CN=45A140EDE601AE7E7675290A482B787D44624C72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:75:12:49:1a:cc:5f:84:d2:93:16:19:22:e7:
                    5b:b6:c4:31:01:76:b1:a1:c7:b9:18:da:bf:d5:79:
                    49:72:8e:a6:fe:a7:b0:51:7f:78:ee:46:cb:42:91:
                    ee:6d:48:e2:64:f1:5b:83:a3:bd:0c:d8:50:5f:25:
                    91:73:ff:ef:a0:46:56:f9:36:2d:87:b5:40:72:dc:
                    32:af:6e:b6:54:5c:55:7d:37:04:94:99:d1:b1:04:
                    2b:83:9f:60:7f:3c:8c:c4:b5:49:76:70:4b:83:ce:
                    fc:82:e0:0d:41:67:36:48:b3:ee:86:2e:f6:da:db:
                    ff:74:c9:f5:47:47:7b:20:9c:16:3a:e7:46:26:ab:
                    dc:d1:c8:e8:02:d8:f4:56:4d:1e:46:c3:22:cb:4d:
                    1b:9e:90:1e:86:f5:67:93:62:aa:e8:42:ac:03:17:
                    65:cb:29:b4:fa:21:7b:09:59:5e:1d:1b:97:27:ce:
                    a1:7a:3d:e1:d2:15:72:a4:a4:3a:da:30:c4:b4:08:
                    e2:56:66:84:02:8a:16:e9:5c:4f:4c:ad:d3:2a:f5:
                    fa:bc:76:d3:65:0a:f9:af:ee:21:34:24:d0:f3:14:
                    a1:f2:3e:0f:04:2a:43:85:49:66:80:e5:35:b8:a7:
                    32:d7:0d:00:64:9b:df:9d:f3:a3:0c:4e:3d:c3:5f:
                    2b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A1:40:ED:E6:01:AE:7E:76:75:29:0A:48:2B:78:7D:44:62:4C:72
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.15.0/24
                  92.112.50.0/24
                  92.112.54.0/24
                  92.112.68.0/24
                  92.112.82.0/23
                  92.112.85.0/24
                  92.112.91.0/24
                  92.112.95.0/24
                  92.112.129.0/24
                  92.112.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:ca:36:a8:1f:bf:23:fc:f5:86:87:f7:a7:0e:47:94:33:61:
         89:f0:53:cd:67:62:a9:55:75:11:7e:69:7f:7e:c1:6e:ce:6d:
         fc:d6:c9:68:1c:50:1a:e6:04:be:f1:24:a6:de:0b:20:c4:ce:
         55:11:f9:e0:f6:31:a5:e0:9a:70:ae:4d:34:ae:99:cd:47:3f:
         66:3b:ac:0e:a2:9f:74:79:5c:d7:24:b1:60:e9:e5:23:b1:03:
         33:ed:1f:1e:21:ce:a9:63:51:a4:38:f4:cf:9b:1a:06:a3:d4:
         bf:a8:4f:da:3f:bd:38:00:fd:0b:d1:f8:b5:51:64:1f:bb:50:
         95:31:3c:b9:c3:4f:0d:73:d4:9d:f7:2e:ba:c4:d8:e9:9f:af:
         69:c4:67:47:e6:10:87:29:a7:a4:0e:78:34:26:b7:23:aa:3d:
         aa:07:e5:ab:65:63:c5:2c:be:cd:26:d0:05:56:9e:73:11:28:
         f5:95:3a:ef:cc:8c:cd:89:7d:d1:05:c9:36:3c:6f:89:e8:1b:
         9f:20:1f:ba:0a:d3:1d:da:f9:c4:35:b3:ee:63:90:48:ad:5e:
         22:ec:83:e7:33:7c:b0:58:b6:cf:e8:97:e6:e3:81:e5:c3:86:
         bf:e1:9b:3a:f7:4a:fc:ca:02:e5:bf:ba:23:ca:b1:ed:94:45:
         61:4a:41:3d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUWIXOmm5zoI3dxrDzOujE8g77MMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MDYxMjM2MzJaFw0yNjA2MDUxMjQxMzJaMDMxMTAvBgNV
BAMTKDQ1QTE0MEVERTYwMUFFN0U3Njc1MjkwQTQ4MkI3ODdENDQ2MjRDNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbdRJJGsxfhNKTFhki51u2xDEB
drGhx7kY2r/VeUlyjqb+p7BRf3juRstCke5tSOJk8VuDo70M2FBfJZFz/++gRlb5
Ni2HtUBy3DKvbrZUXFV9NwSUmdGxBCuDn2B/PIzEtUl2cEuDzvyC4A1BZzZIs+6G
Lvba2/90yfVHR3sgnBY650Ymq9zRyOgC2PRWTR5GwyLLTRuekB6G9WeTYqroQqwD
F2XLKbT6IXsJWV4dG5cnzqF6PeHSFXKkpDraMMS0COJWZoQCihbpXE9MrdMq9fq8
dtNlCvmv7iE0JNDzFKHyPg8EKkOFSWaA5TW4pzLXDQBkm9+d86MMTj3DXysNAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQURaFA7eYBrn52dSkKSCt4fURiTHIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk5MDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAXHAP
AwQAXHAyAwQAXHA2AwQAXHBEAwQBXHBSAwQAXHBVAwQAXHBbAwQAXHBfAwQAXHCB
AwQBXHCEMA0GCSqGSIb3DQEBCwUAA4IBAQCnyjaoH78j/PWGh/enDkeUM2GJ8FPN
Z2KpVXURfml/fsFuzm381sloHFAa5gS+8SSm3gsgxM5VEfng9jGl4Jpwrk00rpnN
Rz9mO6wOop90eVzXJLFg6eUjsQMz7R8eIc6pY1GkOPTPmxoGo9S/qE/aP704AP0L
0fi1UWQfu1CVMTy5w08Nc9Sd9y66xNjpn69pxGdH5hCHKaekDng0Jrcjqj2qB+Wr
ZWPFLL7NJtAFVp5zESj1lTrvzIzNiX3RBck2PG+J6BufIB+6CtMd2vnENbPuY5BI
rV4i7IPnM3ywWLbP6Jfm44Hlw4a/4Zs690r8ygLlv7ojyrHtlEVhSkE9
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:12:34 2025 by rpki-client