Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4FdTftAHpRDXOxm5H8A5OEunsoQ.roa
File:                     4FdTftAHpRDXOxm5H8A5OEunsoQ.roa (raw, json)
Hash identifier:          82vp2ZyBmd6UtFb3Brpn3AcVUcQIkT9YBBmE60MwLVI=
Subject key identifier:   E0:57:53:7E:D0:07:A5:10:D7:3B:19:B9:1F:C0:39:38:4B:A7:B2:84
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       01998A70A7E7A39EDB308296B2C12A14AD83
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4FdTftAHpRDXOxm5H8A5OEunsoQ.roa
Signing time:             Sat 27 Sep 2025 09:11:02 +0000
ROA not before:           Sat 27 Sep 2025 09:11:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     58061
IP address blocks:        45.88.14.0/24 maxlen: 24
                          62.192.152.0/24 maxlen: 24
                          77.81.182.0/24 maxlen: 24
                          79.110.227.0/24 maxlen: 24
                          89.34.106.0/24 maxlen: 24
                          89.37.192.0/24 maxlen: 24
                          89.40.36.0/24 maxlen: 24
                          89.40.215.0/24 maxlen: 24
                          89.45.35.0/24 maxlen: 24
                          89.47.36.0/24 maxlen: 24
                          93.115.107.0/24 maxlen: 24
                          93.118.36.0/24 maxlen: 24
                          94.198.171.0/24 maxlen: 24
                          128.0.41.0/24 maxlen: 24
                          176.223.188.0/24 maxlen: 24
                          185.198.233.0/24 maxlen: 24
                          188.241.221.0/24 maxlen: 24
                          193.178.134.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:8a:70:a7:e7:a3:9e:db:30:82:96:b2:c1:2a:14:ad:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Sep 27 09:11:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e057537ed007a510d73b19b91fc039384ba7b284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ba:b7:90:8b:88:02:6d:a4:7c:31:e8:6a:e2:
                    ab:1c:d1:28:5b:c6:53:c4:32:0b:6b:ce:e6:16:b9:
                    7f:91:8d:86:c9:81:be:be:ae:9f:7b:a1:7c:aa:d9:
                    38:fd:d9:1e:9a:a5:00:0b:3b:65:ee:a4:bf:88:92:
                    12:7f:81:39:cb:b0:89:eb:15:99:73:1b:d6:2d:5f:
                    b4:c2:9a:c7:73:e4:5d:52:fc:db:63:05:86:d3:fa:
                    c9:6b:4a:f8:cc:d0:9b:7a:54:f4:a2:b8:e2:3b:5f:
                    a9:9c:89:15:1e:d6:04:eb:41:9f:bf:9a:15:87:ba:
                    73:fa:d0:cb:6a:ca:53:c8:de:15:ba:88:f0:54:f3:
                    4b:7a:3c:a8:9f:42:46:94:00:c4:6d:29:56:eb:71:
                    8a:d3:a9:7e:26:fb:6f:0d:53:6b:2d:a6:9b:cf:ff:
                    f4:2c:68:fb:04:2b:a9:70:3b:03:8c:17:86:d8:9d:
                    d0:f6:a9:e4:1e:94:2d:45:b0:93:51:3b:70:d0:62:
                    67:68:e6:2a:26:e1:63:90:09:96:3a:5b:e2:69:d1:
                    53:78:92:7e:6a:91:87:5f:33:8f:d0:48:8d:27:c6:
                    f6:7b:be:b3:67:c4:d7:16:9f:35:f1:c9:a0:1e:1e:
                    ef:ee:a8:0b:78:35:ac:66:b9:34:20:64:72:7a:cc:
                    57:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:57:53:7E:D0:07:A5:10:D7:3B:19:B9:1F:C0:39:38:4B:A7:B2:84
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4FdTftAHpRDXOxm5H8A5OEunsoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.14.0/24
                  62.192.152.0/24
                  77.81.182.0/24
                  79.110.227.0/24
                  89.34.106.0/24
                  89.37.192.0/24
                  89.40.36.0/24
                  89.40.215.0/24
                  89.45.35.0/24
                  89.47.36.0/24
                  93.115.107.0/24
                  93.118.36.0/24
                  94.198.171.0/24
                  128.0.41.0/24
                  176.223.188.0/24
                  185.198.233.0/24
                  188.241.221.0/24
                  193.178.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:18:74:ef:85:29:7c:86:78:0e:f0:bc:c0:3f:cb:ff:07:ca:
         57:fc:4f:d9:09:f6:ed:6d:b6:8f:f3:c2:16:39:ec:08:22:2d:
         e9:99:2f:b7:74:28:24:94:37:47:cf:19:4a:96:1b:ef:57:5f:
         50:13:23:9a:af:f9:56:32:13:a6:9b:30:05:c3:65:56:0d:97:
         a7:fe:13:0d:0e:c4:96:e1:bd:16:b7:90:b3:b5:e0:c1:e4:cd:
         d5:1b:36:f5:e4:b2:b9:2c:77:44:c2:59:a0:6f:06:38:5f:1a:
         c7:93:e8:b5:c7:d2:52:b4:0e:37:18:68:75:a3:cd:68:ba:e7:
         6f:5a:87:d6:36:6c:37:6b:bb:e6:af:99:41:c0:f2:05:15:3f:
         cb:ba:89:36:60:85:13:fd:31:0a:51:aa:ad:f9:b6:a1:58:0f:
         03:78:fb:b8:04:ac:a3:45:60:cb:ac:b7:b5:fa:b1:5f:1b:0c:
         56:74:81:3e:bc:4a:2d:d7:eb:91:d5:92:b9:13:f3:a0:c3:43:
         59:63:5a:47:57:21:dd:26:2e:57:4d:bc:68:77:31:c9:3a:b0:
         54:13:89:a3:3b:dc:7c:51:08:18:d6:cf:8a:da:31:2d:06:91:
         4d:e5:97:73:39:6f:fe:db:b8:38:61:a6:5a:27:ba:43:8e:de:
         db:8d:f4:9a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZmKcKfno57bMIKWssEqFK2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTI3MDkxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDU3NTM3ZWQwMDdhNTEwZDczYjE5YjkxZmMwMzkzODRiYTdiMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrq3kIuIAm2kfDHoauKrHNEoW8ZT
xDILa87mFrl/kY2GyYG+vq6fe6F8qtk4/dkemqUACztl7qS/iJISf4E5y7CJ6xWZ
cxvWLV+0wprHc+RdUvzbYwWG0/rJa0r4zNCbelT0orjiO1+pnIkVHtYE60Gfv5oV
h7pz+tDLaspTyN4VuojwVPNLejyon0JGlADEbSlW63GK06l+JvtvDVNrLaabz//0
LGj7BCupcDsDjBeG2J3Q9qnkHpQtRbCTUTtw0GJnaOYqJuFjkAmWOlviadFTeJJ+
apGHXzOP0EiNJ8b2e76zZ8TXFp818cmgHh7v7qgLeDWsZrk0IGRyesxXiQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFOBXU37QB6UQ1zsZuR/AOThLp7KEMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNEZkVGZ0QUhwUkRYT3htNUg4QTVPRXVuc29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC1YDgME
AD7AmAMEAE1RtgMEAE9u4wMEAFkiagMEAFklwAMEAFkoJAMEAFko1wMEAFktIwME
AFkvJAMEAF1zawMEAF12JAMEAF7GqwMEAIAAKQMEALDfvAMEALnG6QMEALzx3QME
AMGyhjANBgkqhkiG9w0BAQsFAAOCAQEADhh074UpfIZ4DvC8wD/L/wfKV/xP2Qn2
7W22j/PCFjnsCCIt6Zkvt3QoJJQ3R88ZSpYb71dfUBMjmq/5VjITppswBcNlVg2X
p/4TDQ7EluG9FreQs7XgweTN1Rs29eSyuSx3RMJZoG8GOF8ax5PotcfSUrQONxho
daPNaLrnb1qH1jZsN2u75q+ZQcDyBRU/y7qJNmCFE/0xClGqrfm2oVgPA3j7uASs
o0Vgy6y3tfqxXxsMVnSBPrxKLdfrkdWSuRPzoMNDWWNaR1ch3SYuV028aHcxyTqw
VBOJozvcfFEIGNbPitoxLQaRTeWXczlv/tu4OGGmWie6Q47e2430mg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:41 2025 by rpki-client