Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa
File:                     EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa (raw, json)
Hash identifier:          rMigo0zSOtmbHHMuZxfoXOVUzYWo84YshECpqSkC6O4=
Subject key identifier:   12:80:49:71:0D:77:9F:06:50:F1:AC:7E:22:53:D2:C6:41:42:78:C3
Certificate issuer:       /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial:       0199EE78CFD1FE17B21A789D4AC2AF6F12CB
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa
Signing time:             Thu 16 Oct 2025 19:21:58 +0000
ROA not before:           Thu 16 Oct 2025 19:21:58 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     208041
IP address blocks:        85.155.248.0/22 maxlen: 22
                          185.222.4.0/22 maxlen: 22
                          185.222.4.0/24 maxlen: 24
                          185.222.5.0/24 maxlen: 24
                          185.222.6.0/24 maxlen: 24
                          185.222.7.0/24 maxlen: 24
                          193.160.10.0/23 maxlen: 23
                          193.160.14.0/23 maxlen: 23
                          2a0c:8440::/48 maxlen: 48
                          2a0f:d180::/29 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ee:78:cf:d1:fe:17:b2:1a:78:9d:4a:c2:af:6f:12:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
        Validity
            Not Before: Oct 16 19:21:58 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=128049710d779f0650f1ac7e2253d2c6414278c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:94:b9:1c:e5:d2:dc:f8:74:4d:74:8b:fe:88:
                    22:f4:87:31:89:fc:b2:e6:9f:a6:27:d6:87:0a:b5:
                    5a:e0:cd:b5:ac:c3:ae:2d:10:50:f3:b6:da:19:f9:
                    9e:eb:5d:b1:64:eb:83:74:17:ce:aa:d9:25:59:35:
                    47:e0:96:34:87:06:fc:b8:14:0a:53:4e:ac:94:49:
                    ba:1a:cc:bf:f7:19:e6:9a:11:fe:b4:f8:8e:36:41:
                    ad:d0:4e:6a:81:d5:42:b7:51:cd:b8:d6:d9:33:fb:
                    f8:5e:ee:f4:77:8f:4b:2f:82:06:37:69:20:4a:71:
                    ca:d1:2c:6a:4d:8b:0d:1a:48:96:84:24:21:3b:7a:
                    38:da:3b:f6:54:d2:5f:1b:3a:e5:cf:79:8c:70:bc:
                    8f:67:56:dc:83:71:08:13:11:3b:42:45:b6:09:78:
                    da:50:23:3c:4e:1f:35:3e:26:37:5e:39:40:a9:f4:
                    7e:d3:43:10:a8:ef:87:f0:4f:7c:1d:2c:70:0d:d1:
                    18:6f:ae:1a:ed:a0:e0:86:cf:17:31:2a:42:c1:3e:
                    aa:13:d8:27:1f:81:19:44:b7:bb:8f:a4:43:9e:00:
                    ba:fd:39:15:95:08:0e:10:c0:ae:49:4d:88:3b:d1:
                    a9:f5:85:1f:79:d7:86:75:d6:c6:5d:5a:fa:d0:88:
                    bb:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:80:49:71:0D:77:9F:06:50:F1:AC:7E:22:53:D2:C6:41:42:78:C3
            X509v3 Authority Key Identifier:
                keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.155.248.0/22
                  185.222.4.0/22
                  193.160.10.0/23
                  193.160.14.0/23
                IPv6:
                  2a0c:8440::/48
                  2a0f:d180::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:2b:cf:23:cc:0b:3a:af:51:00:34:bf:3d:b6:c9:c4:bd:69:
         50:19:75:83:1c:20:f7:c8:26:76:91:ce:bf:5b:98:89:be:99:
         b3:63:ea:94:f3:cb:9d:c4:72:14:d8:f5:89:41:2e:6e:3b:8d:
         9a:ad:02:37:ff:ac:cb:84:ab:5e:e4:fb:ae:de:1b:56:c8:d4:
         e0:69:7a:5e:5f:5a:d7:26:b0:9a:91:3d:ae:0c:73:1a:53:67:
         2f:83:fe:82:15:60:a6:37:26:e7:51:6f:75:74:16:4a:8e:84:
         20:9c:89:80:d8:09:26:63:ec:55:db:b9:e1:a0:aa:03:12:76:
         ce:db:77:29:bb:96:89:e1:0e:15:e0:4c:78:af:4e:bd:16:af:
         e5:93:d6:9d:72:b7:17:3b:7a:d6:16:d1:64:44:d1:87:70:d1:
         ec:28:ae:06:cd:14:eb:85:2b:9e:7d:08:1b:91:2b:16:8a:87:
         22:f0:38:ef:bd:18:60:94:60:28:3a:ff:55:f8:cf:2d:83:1b:
         ad:6a:2a:f7:c8:94:9f:53:5c:eb:3a:c1:14:2e:f6:e1:f5:04:
         c2:da:3a:64:06:9f:a7:29:49:19:9f:fa:2b:4b:b1:6c:6a:72:
         6d:d1:b1:98:70:96:82:74:e0:2d:1e:50:c6:b1:35:50:ac:b5:
         c2:e9:24:cd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZnueM/R/heyGnidSsKvbxLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjUxMDE2MTkyMTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjgwNDk3MTBkNzc5ZjA2NTBmMWFjN2UyMjUzZDJjNjQxNDI3OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pS5HOXS3Ph0TXSL/ogi9Icxifyy
5p+mJ9aHCrVa4M21rMOuLRBQ87baGfme612xZOuDdBfOqtklWTVH4JY0hwb8uBQK
U06slEm6Gsy/9xnmmhH+tPiONkGt0E5qgdVCt1HNuNbZM/v4Xu70d49LL4IGN2kg
SnHK0SxqTYsNGkiWhCQhO3o42jv2VNJfGzrlz3mMcLyPZ1bcg3EIExE7QkW2CXja
UCM8Th81PiY3XjlAqfR+00MQqO+H8E98HSxwDdEYb64a7aDghs8XMSpCwT6qE9gn
H4EZRLe7j6RDngC6/TkVlQgOEMCuSU2IO9Gp9YUfedeGddbGXVr60Ii7SQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBKASXENd58GUPGsfiJT0sZBQnjDMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvRW9CSmNRMTNud1pROGF4LUlsUFN4a0ZDZU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCVZv4AwQC
ud4EAwQBwaAKAwQBwaAOMBYEAgACMBADBwAqDIRAAAADBQMqD9GAMA0GCSqGSIb3
DQEBCwUAA4IBAQBTK88jzAs6r1EANL89tsnEvWlQGXWDHCD3yCZ2kc6/W5iJvpmz
Y+qU88udxHIU2PWJQS5uO42arQI3/6zLhKte5Puu3htWyNTgaXpeX1rXJrCakT2u
DHMaU2cvg/6CFWCmNybnUW91dBZKjoQgnImA2AkmY+xV27nhoKoDEnbO23cpu5aJ
4Q4V4Ex4r069Fq/lk9adcrcXO3rWFtFkRNGHcNHsKK4GzRTrhSuefQgbkSsWioci
8DjvvRhglGAoOv9V+M8tgxutair3yJSfU1zrOsEULvbh9QTC2jpkBp+nKUkZn/or
S7FsanJt0bGYcJaCdOAtHlDGsTVQrLXC6STN
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:58 2025 by rpki-client