Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199524.roa
File:                     AS199524.roa (raw, json)
Hash identifier:          iYGZx/3S6NTLFyOk2sgYj+T/7z/8QcXHVDs3N5HjM8c=
Subject key identifier:   B8:81:76:88:B6:1C:8F:92:CA:31:A4:08:44:13:49:C7:96:3A:D3:36
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       5788FF797FA986DFDC249A34FE95C09157396052
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199524.roa
Signing time:             Sun 15 Feb 2026 16:37:05 +0000
ROA not before:           Sun 15 Feb 2026 16:32:05 +0000
ROA not after:            Sun 14 Feb 2027 16:37:05 +0000
asID:                     199524
IP address blocks:        46.203.55.0/24 maxlen: 24
                          91.124.87.0/24 maxlen: 24
                          95.135.0.0/24 maxlen: 24
                          95.135.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Feb 2026 15:25:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:88:ff:79:7f:a9:86:df:dc:24:9a:34:fe:95:c0:91:57:39:60:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Feb 15 16:32:05 2026 GMT
            Not After : Feb 14 16:37:05 2027 GMT
        Subject: CN=B8817688B61C8F92CA31A408441349C7963AD336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:19:4a:96:32:da:a9:c0:6a:5e:a4:bb:b8:9a:
                    88:01:25:7c:ea:0e:90:40:12:1d:59:8e:d7:e7:6b:
                    67:62:aa:ab:c8:cf:ef:ef:4f:89:24:ed:e7:93:fe:
                    cb:0a:e5:d7:d9:88:1f:ae:f1:1c:c6:e1:2c:79:ad:
                    af:1e:60:21:bd:22:28:5b:05:04:3c:64:d1:a1:01:
                    85:8f:5c:e9:a0:1a:7c:e9:9c:75:4a:20:91:3d:e2:
                    d4:f4:88:b6:e4:5a:26:48:54:33:8d:8f:e5:d8:3c:
                    52:65:39:03:46:68:53:25:80:23:98:ee:65:63:36:
                    01:74:30:c8:4a:08:cd:fb:fb:7b:bc:3f:b6:73:5a:
                    b4:9f:d1:c8:b7:59:4d:e5:38:db:fd:4f:42:f6:ed:
                    e2:cc:43:7b:e8:fb:8c:48:e7:e4:bf:89:b8:df:75:
                    ba:a9:32:a3:c5:f4:e0:d8:fb:0b:f6:97:09:02:92:
                    44:5c:55:42:62:a7:16:eb:a3:b7:a8:c0:78:db:c9:
                    4a:cf:1c:56:1f:df:12:6b:9a:ab:5c:e9:4b:57:d0:
                    c2:83:44:4c:59:45:7a:e6:1c:ac:cd:d9:38:77:48:
                    3e:a5:39:d6:32:26:67:a8:8e:31:14:a0:a2:c2:95:
                    ff:9b:6d:d3:c5:a7:f5:e2:da:51:6b:8d:c1:f9:cd:
                    28:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:81:76:88:B6:1C:8F:92:CA:31:A4:08:44:13:49:C7:96:3A:D3:36
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199524.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.203.55.0/24
                  91.124.87.0/24
                  95.135.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:95:09:5e:a3:74:9f:45:c4:46:fb:e2:dd:a4:04:e3:c5:9a:
         9e:6e:19:ec:f7:08:17:2f:06:62:69:a5:d0:8c:1f:e4:91:09:
         f3:f9:bb:8c:36:d2:45:88:ff:80:68:b6:03:65:c1:c9:b7:b4:
         25:3a:a4:c3:76:da:d1:67:63:43:fe:d7:4e:7e:e1:c8:72:fb:
         94:cb:95:f4:87:5f:76:16:6f:8b:77:d0:03:3e:88:87:75:80:
         53:73:4a:ce:47:03:db:a4:f0:57:45:43:9e:a2:34:27:99:f3:
         2a:19:ca:11:f0:64:47:3d:dc:76:c9:6c:3d:2a:54:82:8a:ed:
         a9:fc:b6:de:b3:e5:a3:a5:9b:81:e8:98:9f:23:bc:09:fa:db:
         ad:b1:e5:73:94:c9:35:ae:8d:65:b6:10:e8:07:4e:a8:19:3e:
         fb:f0:c4:37:af:e4:f8:77:2b:e3:4e:e7:39:56:f2:36:87:71:
         25:8e:04:d1:bd:4f:5f:f3:11:e6:68:7b:3b:59:cd:f1:75:d0:
         1a:17:08:dd:38:0f:d0:dc:66:48:22:b2:31:50:7f:d7:12:a5:
         d5:47:f9:fe:f0:93:bc:17:ef:c5:dc:7e:28:4d:e4:f4:69:e8:
         05:2d:a9:22:b8:4e:40:cb:91:7f:e0:58:be:82:75:ef:df:c0:
         f0:5a:9b:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUV4j/eX+pht/cJJo0/pXAkVc5YFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMTUxNjMyMDVaFw0yNzAyMTQxNjM3MDVaMDMxMTAvBgNV
BAMTKEI4ODE3Njg4QjYxQzhGOTJDQTMxQTQwODQ0MTM0OUM3OTYzQUQzMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZGUqWMtqpwGpepLu4mogBJXzq
DpBAEh1Zjtfna2diqqvIz+/vT4kk7eeT/ssK5dfZiB+u8RzG4Sx5ra8eYCG9Iihb
BQQ8ZNGhAYWPXOmgGnzpnHVKIJE94tT0iLbkWiZIVDONj+XYPFJlOQNGaFMlgCOY
7mVjNgF0MMhKCM37+3u8P7ZzWrSf0ci3WU3lONv9T0L27eLMQ3vo+4xI5+S/ibjf
dbqpMqPF9ODY+wv2lwkCkkRcVUJipxbro7eowHjbyUrPHFYf3xJrmqtc6UtX0MKD
RExZRXrmHKzN2Th3SD6lOdYyJmeojjEUoKLClf+bbdPFp/Xi2lFrjcH5zSgPAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUuIF2iLYcj5LKMaQIRBNJx5Y60zYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk5NTI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALss3
AwQAW3xXAwQBX4cAMA0GCSqGSIb3DQEBCwUAA4IBAQBflQleo3SfRcRG++LdpATj
xZqebhns9wgXLwZiaaXQjB/kkQnz+buMNtJFiP+AaLYDZcHJt7QlOqTDdtrRZ2ND
/tdOfuHIcvuUy5X0h192Fm+Ld9ADPoiHdYBTc0rORwPbpPBXRUOeojQnmfMqGcoR
8GRHPdx2yWw9KlSCiu2p/Lbes+WjpZuB6JifI7wJ+tutseVzlMk1ro1lthDoB06o
GT778MQ3r+T4dyvjTuc5VvI2h3EljgTRvU9f8xHmaHs7Wc3xddAaFwjdOA/Q3GZI
IrIxUH/XEqXVR/n+8JO8F+/F3H4oTeT0aegFLakiuE5Ay5F/4Fi+gnXv38DwWpul
-----END CERTIFICATE-----