Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa
File:                     AS199081.roa (raw, json)
Hash identifier:          uf9jFO0aiqR3gd/Va8oRFvvjG5d9Imc0sD8N9KBcFTQ=
Subject key identifier:   2E:BB:54:4B:4A:90:3C:F4:A7:68:5C:AC:1C:48:2E:42:AA:DF:62:EE
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       68176F664A0292583E9F34C213879ABA150714E7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa
Signing time:             Fri 26 Jun 2026 11:48:41 +0000
ROA not before:           Fri 26 Jun 2026 11:43:41 +0000
ROA not after:            Fri 25 Jun 2027 11:48:41 +0000
asID:                     199081
IP address blocks:        92.112.15.0/24 maxlen: 24
                          92.112.50.0/24 maxlen: 24
                          92.112.82.0/24 maxlen: 24
                          92.112.83.0/24 maxlen: 24
                          92.112.85.0/24 maxlen: 24
                          92.112.91.0/24 maxlen: 24
                          92.112.95.0/24 maxlen: 24
                          92.112.129.0/24 maxlen: 24
                          92.112.132.0/24 maxlen: 24
                          92.112.133.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Jul 2026 23:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:17:6f:66:4a:02:92:58:3e:9f:34:c2:13:87:9a:ba:15:07:14:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jun 26 11:43:41 2026 GMT
            Not After : Jun 25 11:48:41 2027 GMT
        Subject: CN=2EBB544B4A903CF4A7685CAC1C482E42AADF62EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e9:34:75:4e:a3:17:a8:2f:0b:54:4a:ec:5e:
                    9a:6c:fa:6b:e6:70:6b:c4:2e:79:d5:04:0d:5c:59:
                    5d:29:d4:86:14:f6:82:0e:28:79:83:1e:16:79:10:
                    56:a9:f6:90:f9:5b:1a:28:bd:a6:d8:bd:f9:2e:59:
                    29:a0:4d:7f:46:07:37:b6:5d:b4:28:30:65:69:ac:
                    56:14:2e:69:6c:23:c8:f8:24:18:ad:fa:cb:2a:f8:
                    fe:e3:61:26:3d:d0:24:2a:a8:be:9f:7c:55:d7:6e:
                    20:e0:3a:f7:5c:99:92:b2:79:39:ec:c2:90:32:63:
                    e0:44:00:d7:ae:e0:58:06:5e:3d:8f:e6:e8:ea:f3:
                    50:02:90:14:30:08:5c:73:61:65:0c:db:dd:54:48:
                    60:88:40:61:24:df:e0:05:26:d3:f0:b5:71:f5:9e:
                    16:dc:78:73:6e:be:08:62:61:26:6f:fe:f8:67:15:
                    65:ef:b3:ee:84:4e:31:93:5c:d4:80:fa:bc:5d:28:
                    f1:e3:8f:2f:28:26:bb:3d:94:c9:26:a5:ae:07:cb:
                    68:17:24:8a:47:48:6a:f7:a7:85:b2:e9:45:d5:05:
                    6c:f4:5f:72:ea:bc:63:3b:a0:7f:15:33:20:23:a0:
                    7f:ed:24:99:7f:aa:75:c1:fd:8b:f5:23:4a:e3:ea:
                    e3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:BB:54:4B:4A:90:3C:F4:A7:68:5C:AC:1C:48:2E:42:AA:DF:62:EE
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199081.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.15.0/24
                  92.112.50.0/24
                  92.112.82.0/23
                  92.112.85.0/24
                  92.112.91.0/24
                  92.112.95.0/24
                  92.112.129.0/24
                  92.112.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:1f:4f:61:22:3f:5d:ef:31:26:07:21:67:d7:ae:fe:31:b8:
         0e:e0:1f:ca:37:83:ae:e9:2d:b4:07:54:c9:4e:3d:47:45:2a:
         d5:79:79:84:b4:d8:b0:0f:54:a9:49:a3:7d:28:e7:33:be:14:
         60:52:d9:5b:c9:0d:d1:93:26:b8:ba:c3:20:97:5f:08:ea:d9:
         cd:27:2f:7b:0e:dc:66:90:3a:76:92:c0:e1:4b:e4:5a:35:df:
         02:ee:d1:ba:0a:61:45:a1:85:f1:af:33:5c:ab:22:47:40:cc:
         74:0f:b7:a8:a3:9e:b8:bc:21:e1:a2:29:88:0f:ed:3b:7b:11:
         0f:92:b9:55:e5:f5:af:f7:e2:f3:aa:88:95:41:f8:8e:c5:3d:
         c2:91:c2:75:0a:86:8b:21:67:49:b5:09:d8:13:7c:46:e1:c0:
         46:ca:12:64:09:57:d5:63:e5:f1:48:27:65:75:b6:8d:a5:7c:
         e7:d7:4c:80:f2:42:74:de:80:4c:8d:63:14:49:7a:0d:18:a4:
         8f:3c:f7:bf:a5:7b:c2:d6:03:5b:b4:b4:78:ef:7d:40:66:a7:
         7c:03:f6:48:36:e3:2c:f8:41:13:ac:b2:aa:f5:08:7e:32:9e:
         7c:65:9b:bd:6b:d6:da:bd:22:f3:c3:c6:0f:94:21:34:a7:17:
         a4:32:b3:d8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUaBdvZkoCklg+nzTCE4eauhUHFOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MjYxMTQzNDFaFw0yNzA2MjUxMTQ4NDFaMDMxMTAvBgNV
BAMTKDJFQkI1NDRCNEE5MDNDRjRBNzY4NUNBQzFDNDgyRTQyQUFERjYyRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56TR1TqMXqC8LVErsXpps+mvm
cGvELnnVBA1cWV0p1IYU9oIOKHmDHhZ5EFap9pD5WxoovabYvfkuWSmgTX9GBze2
XbQoMGVprFYULmlsI8j4JBit+ssq+P7jYSY90CQqqL6ffFXXbiDgOvdcmZKyeTns
wpAyY+BEANeu4FgGXj2P5ujq81ACkBQwCFxzYWUM291USGCIQGEk3+AFJtPwtXH1
nhbceHNuvghiYSZv/vhnFWXvs+6ETjGTXNSA+rxdKPHjjy8oJrs9lMkmpa4Hy2gX
JIpHSGr3p4Wy6UXVBWz0X3LqvGM7oH8VMyAjoH/tJJl/qnXB/Yv1I0rj6uOJAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQULrtUS0qQPPSnaFysHEguQqrfYu4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk5MDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAXHAP
AwQAXHAyAwQBXHBSAwQAXHBVAwQAXHBbAwQAXHBfAwQAXHCBAwQBXHCEMA0GCSqG
SIb3DQEBCwUAA4IBAQA5H09hIj9d7zEmByFn167+MbgO4B/KN4Ou6S20B1TJTj1H
RSrVeXmEtNiwD1SpSaN9KOczvhRgUtlbyQ3Rkya4usMgl18I6tnNJy97DtxmkDp2
ksDhS+RaNd8C7tG6CmFFoYXxrzNcqyJHQMx0D7eoo564vCHhoimID+07exEPkrlV
5fWv9+LzqoiVQfiOxT3CkcJ1CoaLIWdJtQnYE3xG4cBGyhJkCVfVY+XxSCdldbaN
pXzn10yA8kJ03oBMjWMUSXoNGKSPPPe/pXvC1gNbtLR4731AZqd8A/ZINuMs+EET
rLKq9Qh+Mp58ZZu9a9bavSLzw8YPlCE0pxekMrPY
-----END CERTIFICATE-----
Generated at Fri Jul 17 06:46:26 2026 by rpki-client