Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/N-c5_PPTGr0gqxRfiirVSspbfGY.roa
File:                     N-c5_PPTGr0gqxRfiirVSspbfGY.roa (raw, json)
Hash identifier:          M5IIKDSRV6WeA4W9FG2QHmC4Kal5tmNKF1rVNFJCpog=
Subject key identifier:   37:E7:39:FC:F3:D3:1A:BD:20:AB:14:5F:8A:2A:D5:4A:CA:5B:7C:66
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       01999976C94710C996CD07A3B7D4414E5FBA
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/N-c5_PPTGr0gqxRfiirVSspbfGY.roa
Signing time:             Tue 30 Sep 2025 07:12:02 +0000
ROA not before:           Tue 30 Sep 2025 07:12:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     215568
IP address blocks:        2a06:fe47::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:99:76:c9:47:10:c9:96:cd:07:a3:b7:d4:41:4e:5f:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Sep 30 07:12:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=37e739fcf3d31abd20ab145f8a2ad54aca5b7c66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:10:4c:52:b7:56:1f:9a:d4:5d:84:f2:40:42:
                    8d:6e:4b:79:be:41:da:cb:c1:1e:cb:db:ad:04:e1:
                    55:c8:e9:f5:0f:90:80:d9:9a:6e:66:a5:04:fc:98:
                    fb:b3:b0:cc:97:c8:fe:fd:a5:a7:7b:05:9d:2b:e3:
                    75:f4:0f:cf:8e:27:a0:c4:bc:5e:64:d6:6d:37:f6:
                    5c:e9:84:be:7e:2c:51:0e:f1:3b:62:02:95:8c:c0:
                    c6:f8:75:1a:cd:40:dc:c1:30:b5:b1:81:dc:0f:5c:
                    d3:a3:b0:6a:57:3a:d3:bb:7f:d1:0f:eb:43:f1:db:
                    63:14:18:0d:21:2b:b7:41:7a:7f:16:4c:d7:70:c7:
                    6d:d4:e6:a2:17:62:29:04:ef:fb:38:22:9b:ec:46:
                    a5:2e:1d:4d:9b:48:ac:a6:e7:d2:1f:74:40:5d:91:
                    8b:2c:02:74:19:fa:a6:ed:f2:b1:d5:7e:03:df:9f:
                    5c:5b:2c:02:a2:df:e2:bc:4b:28:98:71:27:df:17:
                    56:08:f8:87:de:4e:7e:b3:38:fa:a0:09:54:f6:24:
                    06:83:93:35:75:8f:cb:dc:cf:11:8c:58:61:9c:94:
                    47:85:34:a9:4a:1a:e3:ed:cc:c9:f9:e4:57:1c:ca:
                    7a:b8:39:d4:ef:96:8c:58:59:ea:73:3d:28:a5:86:
                    44:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E7:39:FC:F3:D3:1A:BD:20:AB:14:5F:8A:2A:D5:4A:CA:5B:7C:66
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/N-c5_PPTGr0gqxRfiirVSspbfGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:fe47::/32

    Signature Algorithm: sha256WithRSAEncryption
         14:99:6a:e2:18:ac:1f:86:a2:f7:d5:cc:53:c3:49:77:8e:a4:
         f3:43:40:c3:55:30:2f:7d:33:ff:2c:5f:dc:35:de:91:48:42:
         a1:98:17:82:fc:b1:9d:47:d0:37:ce:5d:99:21:46:0c:63:06:
         23:e7:6d:5f:a3:37:bd:59:24:ff:3d:4c:63:4f:ee:3b:42:75:
         00:24:c7:8d:68:3a:b8:95:f7:e4:9d:47:58:4f:81:c2:ea:15:
         29:3c:48:bb:7f:35:c7:a6:37:48:94:0a:93:58:fc:70:69:68:
         45:ab:03:54:62:ca:8e:1b:94:a3:17:e5:ab:74:c2:e1:d4:a4:
         60:6f:25:36:75:59:54:f0:c8:79:48:77:80:73:b1:82:17:5c:
         f4:22:c5:d0:ba:94:77:35:16:7c:aa:35:47:ae:24:88:5b:65:
         dd:da:aa:e4:81:61:92:b6:16:e7:32:12:90:9a:a0:56:58:ba:
         f1:60:9c:9b:77:5a:67:02:6b:0d:ea:02:59:51:c4:59:39:7b:
         55:26:1a:ba:87:0a:c0:62:d2:5d:b9:43:b2:e6:97:6d:77:30:
         f2:86:9d:8d:73:63:fa:72:dd:85:60:02:7c:00:71:97:c1:55:
         9e:54:32:50:81:b1:31:52:a6:8f:ea:c1:1b:c1:65:47:3b:27:
         91:0d:de:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZmZdslHEMmWzQejt9RBTl+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTMwMDcxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2U3MzlmY2YzZDMxYWJkMjBhYjE0NWY4YTJhZDU0YWNhNWI3YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBBMUrdWH5rUXYTyQEKNbkt5vkHa
y8Eey9utBOFVyOn1D5CA2ZpuZqUE/Jj7s7DMl8j+/aWnewWdK+N19A/PjiegxLxe
ZNZtN/Zc6YS+fixRDvE7YgKVjMDG+HUazUDcwTC1sYHcD1zTo7BqVzrTu3/RD+tD
8dtjFBgNISu3QXp/FkzXcMdt1OaiF2IpBO/7OCKb7EalLh1Nm0ispufSH3RAXZGL
LAJ0Gfqm7fKx1X4D359cWywCot/ivEsomHEn3xdWCPiH3k5+szj6oAlU9iQGg5M1
dY/L3M8RjFhhnJRHhTSpShrj7czJ+eRXHMp6uDnU75aMWFnqcz0opYZENQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDfnOfzz0xq9IKsUX4oq1UrKW3xmMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvTi1jNV9QUFRHcjBncXhSZmlpclZTc3BiZkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgb+RzAN
BgkqhkiG9w0BAQsFAAOCAQEAFJlq4hisH4ai99XMU8NJd46k80NAw1UwL30z/yxf
3DXekUhCoZgXgvyxnUfQN85dmSFGDGMGI+dtX6M3vVkk/z1MY0/uO0J1ACTHjWg6
uJX35J1HWE+BwuoVKTxIu381x6Y3SJQKk1j8cGloRasDVGLKjhuUoxflq3TC4dSk
YG8lNnVZVPDIeUh3gHOxghdc9CLF0LqUdzUWfKo1R64kiFtl3dqq5IFhkrYW5zIS
kJqgVli68WCcm3daZwJrDeoCWVHEWTl7VSYauocKwGLSXblDsuaXbXcw8oadjXNj
+nLdhWACfABxl8FVnlQyUIGxMVKmj+rBG8FlRzsnkQ3ePQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:23 2025 by rpki-client