Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa
File:                     fokVVRta6Se4qMfm0QW8Wvhb8to.roa (raw, json)
Hash identifier:          GVDAbNxQsgJw7rFS4VJXxWwqpIOjbAD4y/lPqd19DXM=
Subject key identifier:   7E:89:15:55:1B:5A:E9:27:B8:A8:C7:E6:D1:05:BC:5A:F8:5B:F2:DA
Certificate issuer:       /CN=6f5e0230be799e44829c8720ca38347045494e20
Certificate serial:       0199A9E8615C19566335EFA4DA90208D5B3B
Authority key identifier: 6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa
Signing time:             Fri 03 Oct 2025 11:50:02 +0000
ROA not before:           Fri 03 Oct 2025 11:50:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     39651
IP address blocks:        77.218.32.0/19 maxlen: 20
                          80.216.0.0/15 maxlen: 15
                          83.177.160.0/19 maxlen: 19
                          83.177.192.0/19 maxlen: 19
                          83.177.200.0/21 maxlen: 21
                          83.177.224.0/19 maxlen: 19
                          83.177.232.0/21 maxlen: 21
                          83.180.224.0/19 maxlen: 19
                          83.181.0.0/19 maxlen: 19
                          83.182.32.0/19 maxlen: 19
                          83.188.0.0/18 maxlen: 18
                          83.188.224.0/19 maxlen: 19
                          83.190.64.0/18 maxlen: 18
                          83.191.160.0/19 maxlen: 19
                          83.248.0.0/13 maxlen: 13
                          85.194.0.0/18 maxlen: 18
                          87.227.0.0/17 maxlen: 17
                          90.129.224.0/19 maxlen: 19
                          90.133.128.0/19 maxlen: 19
                          90.133.160.0/19 maxlen: 19
                          90.141.0.0/19 maxlen: 19
                          90.141.40.0/21 maxlen: 21
                          90.141.48.0/20 maxlen: 20
                          90.142.32.0/19 maxlen: 19
                          90.142.48.0/20 maxlen: 20
                          90.143.0.0/19 maxlen: 19
                          90.143.128.0/17 maxlen: 17
                          90.144.64.0/19 maxlen: 19
                          91.128.128.0/19 maxlen: 19
                          91.128.160.0/19 maxlen: 19
                          91.128.192.0/19 maxlen: 19
                          91.130.0.0/18 maxlen: 18
                          151.177.0.0/16 maxlen: 16
                          178.218.152.0/22 maxlen: 22
                          188.148.0.0/14 maxlen: 14
                          193.13.160.0/20 maxlen: 20
                          193.14.192.0/20 maxlen: 20
                          193.150.192.0/18 maxlen: 18
                          213.89.0.0/16 maxlen: 16
                          213.100.192.0/19 maxlen: 19
                          213.102.64.0/19 maxlen: 19
                          213.102.80.0/20 maxlen: 20
                          213.103.128.0/19 maxlen: 19
                          213.200.128.0/18 maxlen: 18
                          2a04:ae00::/26 maxlen: 26
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:a9:e8:61:5c:19:56:63:35:ef:a4:da:90:20:8d:5b:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f5e0230be799e44829c8720ca38347045494e20
        Validity
            Not Before: Oct  3 11:50:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7e8915551b5ae927b8a8c7e6d105bc5af85bf2da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:71:d2:0a:c8:ef:ce:6b:51:25:06:93:c8:c6:
                    40:60:89:c4:05:f2:a9:43:38:eb:60:ea:5f:e4:52:
                    7e:a3:f3:33:9d:49:af:33:34:46:68:87:db:cb:d2:
                    f2:6b:b5:90:d0:6c:af:ae:e0:a8:f9:c8:23:4e:13:
                    c9:64:e5:a3:ad:c3:6e:ad:3f:08:e5:e0:52:f9:d9:
                    d8:b7:51:71:64:1c:31:92:5e:7f:0c:59:b8:25:9a:
                    29:57:2b:21:de:d5:21:79:0f:bb:7e:4f:ab:e2:8e:
                    5d:da:c4:db:e2:f2:ef:8b:7b:cd:d2:2a:1e:4a:66:
                    e2:f3:6b:a1:ae:f7:33:ce:05:19:9b:29:1b:71:98:
                    4e:4f:01:00:75:89:c5:48:57:7a:46:f7:c3:f4:f4:
                    88:86:53:85:0d:e6:df:fb:cd:07:a2:e1:31:2b:a8:
                    14:44:71:21:22:2b:dd:23:45:1c:56:05:96:82:72:
                    d3:21:88:cc:fe:59:e9:12:ff:2f:0e:b7:21:c2:5c:
                    d4:45:e2:4a:75:b5:2d:1b:22:5c:4c:c5:aa:b5:10:
                    65:c7:64:48:a9:bc:fd:92:b3:46:b4:1f:ba:73:12:
                    8f:c1:6b:dc:a4:4c:0d:22:83:f8:87:2a:d8:db:c9:
                    15:ca:5a:64:ec:96:9c:b9:19:28:5e:6b:bb:59:e7:
                    2f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:89:15:55:1B:5A:E9:27:B8:A8:C7:E6:D1:05:BC:5A:F8:5B:F2:DA
            X509v3 Authority Key Identifier:
                keyid:6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.218.32.0/19
                  80.216.0.0/15
                  83.177.160.0-83.177.255.255
                  83.180.224.0-83.181.31.255
                  83.182.32.0/19
                  83.188.0.0/18
                  83.188.224.0/19
                  83.190.64.0/18
                  83.191.160.0/19
                  83.248.0.0/13
                  85.194.0.0/18
                  87.227.0.0/17
                  90.129.224.0/19
                  90.133.128.0/18
                  90.141.0.0/19
                  90.141.40.0-90.141.63.255
                  90.142.32.0/19
                  90.143.0.0/19
                  90.143.128.0/17
                  90.144.64.0/19
                  91.128.128.0-91.128.223.255
                  91.130.0.0/18
                  151.177.0.0/16
                  178.218.152.0/22
                  188.148.0.0/14
                  193.13.160.0/20
                  193.14.192.0/20
                  193.150.192.0/18
                  213.89.0.0/16
                  213.100.192.0/19
                  213.102.64.0/19
                  213.103.128.0/19
                  213.200.128.0/18
                IPv6:
                  2a04:ae00::/26

    Signature Algorithm: sha256WithRSAEncryption
         18:6a:dc:56:05:a6:71:ef:f6:99:90:0b:35:ac:32:59:6e:ec:
         0e:0b:b9:ca:d6:32:29:09:51:73:08:8c:d5:d4:73:4e:e7:69:
         f9:1a:cc:3a:08:0e:b5:12:b2:39:b0:c2:61:43:26:0c:b2:a0:
         2a:3f:8a:08:d9:d0:e4:c9:ac:da:dd:f1:6b:f1:cc:1d:ba:06:
         8c:9c:b7:52:86:2b:d4:af:30:50:0f:4d:2e:44:d8:ae:53:67:
         01:6b:11:cb:bb:38:59:04:c3:65:6f:7f:ac:b4:a7:b8:e3:4b:
         a3:63:12:9b:da:5b:46:8c:10:ea:8d:6d:34:aa:b3:de:8b:c3:
         18:0f:e5:91:70:18:ae:30:37:c1:d0:f5:cf:92:ad:91:29:32:
         31:44:6e:49:e6:29:59:90:5a:90:81:85:ae:ac:f5:59:d9:1d:
         f5:d5:87:6e:ba:3f:72:4b:f3:f3:b1:9c:d4:f7:ac:82:84:f6:
         e0:7d:7c:f2:e8:3f:89:4e:d8:fd:05:e6:f6:66:7b:9a:5d:5d:
         3f:be:14:33:bd:d6:18:5a:0d:06:33:80:37:2a:ec:d1:71:6e:
         52:4a:da:f9:04:a7:39:ba:a3:7b:76:f9:61:a4:38:50:2b:91:
         3e:35:47:49:4b:9e:92:fb:fc:b2:45:1f:d7:c4:ee:7c:27:44:
         fd:b9:60:bc
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZmp6GFcGVZjNe+k2pAgjVs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWUwMjMwYmU3OTllNDQ4MjljODcyMGNhMzgzNDcwNDU0
OTRlMjAwHhcNMjUxMDAzMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg5MTU1NTFiNWFlOTI3YjhhOGM3ZTZkMTA1YmM1YWY4NWJmMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknHSCsjvzmtRJQaTyMZAYInEBfKp
QzjrYOpf5FJ+o/MznUmvMzRGaIfby9Lya7WQ0GyvruCo+cgjThPJZOWjrcNurT8I
5eBS+dnYt1FxZBwxkl5/DFm4JZopVysh3tUheQ+7fk+r4o5d2sTb4vLvi3vN0ioe
Smbi82uhrvczzgUZmykbcZhOTwEAdYnFSFd6RvfD9PSIhlOFDebf+80HouExK6gU
RHEhIivdI0UcVgWWgnLTIYjM/lnpEv8vDrchwlzUReJKdbUtGyJcTMWqtRBlx2RI
qbz9krNGtB+6cxKPwWvcpEwNIoP4hyrY28kVylpk7JacuRkoXmu7WecvDQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFH6JFVUbWuknuKjH5tEFvFr4W/LaMB8GA1UdIwQY
MBaAFG9eAjC+eZ5EgpyHIMo4NHBFSU4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGIt
YmE3YzdkODE5MGNhLzEvZm9rVlZSdGE2U2U0cU1mbTBRVzhXdmhiOHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGItYmE3YzdkODE5MGNh
LzEvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQF
TdogAwMBUNgwCwMEBVOxoAMDAVOwMAwDBAVTtOADBAVTtQADBAVTtiADBAZTvAAD
BAVTvOADBAZTvkADBAVTv6ADAwNT+AMEBlXCAAMEB1fjAAMEBVqB4AMEBlqFgAME
BVqNADAMAwQDWo0oAwQGWo0AAwQFWo4gAwQFWo8AAwQHWo+AAwQFWpBAMAwDBAdb
gIADBAVbgMADBAZbggADAwCXsQMEArLamAMDAryUAwQEwQ2gAwQEwQ7AAwQGwZbA
AwMA1VkDBAXVZMADBAXVZkADBAXVZ4ADBAbVyIAwDQQCAAIwBwMFBioErgAwDQYJ
KoZIhvcNAQELBQADggEBABhq3FYFpnHv9pmQCzWsMllu7A4LucrWMikJUXMIjNXU
c07nafkazDoIDrUSsjmwwmFDJgyyoCo/igjZ0OTJrNrd8WvxzB26Boyct1KGK9Sv
MFAPTS5E2K5TZwFrEcu7OFkEw2Vvf6y0p7jjS6NjEpvaW0aMEOqNbTSqs96LwxgP
5ZFwGK4wN8HQ9c+SrZEpMjFEbknmKVmQWpCBha6s9VnZHfXVh266P3JL8/OxnNT3
rIKE9uB9fPLoP4lO2P0F5vZme5pdXT++FDO91hhaDQYzgDcq7NFxblJK2vkEpzm6
o3t2+WGkOFArkT41R0lLnpL7/LJFH9fE7nwnRP25YLw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:29 2025 by rpki-client