Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/1-C-0JGDbp3Otc_z0iBBVBpQZuq4.roa
File:                     1-C-0JGDbp3Otc_z0iBBVBpQZuq4.roa (raw, json)
Hash identifier:          YGNYUtklrL1awHGcBtsuKJFxwbJZ7yDvoZ7r6abN1Jo=
Subject key identifier:   F8:2F:B4:24:60:DB:A7:73:AD:73:FC:F4:88:10:55:06:94:19:BA:AE
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       01995BAC80066373228E51081FDCBCE86DAD
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/1-C-0JGDbp3Otc_z0iBBVBpQZuq4.roa
Signing time:             Thu 18 Sep 2025 07:14:15 +0000
ROA not before:           Thu 18 Sep 2025 07:14:15 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214238
IP address blocks:        89.185.78.0/24 maxlen: 24
                          92.240.201.0/24 maxlen: 24
                          92.240.205.0/24 maxlen: 24
                          92.240.214.0/24 maxlen: 24
                          92.240.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:5b:ac:80:06:63:73:22:8e:51:08:1f:dc:bc:e8:6d:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Sep 18 07:14:15 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f82fb42460dba773ad73fcf4881055069419baae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9a:f1:f5:e7:d8:fe:80:3b:d3:21:bc:8c:65:
                    95:d2:1e:e2:95:e1:76:29:87:96:8a:07:33:b3:b4:
                    5a:77:4b:a1:29:1c:3c:08:22:c6:88:b0:69:c1:44:
                    90:5f:b7:b3:4e:59:bb:ea:96:a6:6b:c4:d1:3f:fc:
                    39:09:6f:e8:98:8e:f8:24:c9:33:9a:a3:a9:9d:90:
                    50:46:29:a4:a1:e2:c0:a1:ac:05:1d:38:3c:36:9b:
                    6c:bf:69:90:ae:7c:aa:53:9a:29:c0:4f:e6:ac:d1:
                    7c:2a:81:0b:94:f5:d3:71:aa:7a:44:a4:bf:d2:b7:
                    68:4a:14:6a:97:32:d5:49:0d:bb:c4:6b:85:e9:f5:
                    c9:28:30:47:2c:2f:5b:52:7e:61:37:d0:64:79:07:
                    6a:00:45:a7:c2:74:ce:47:2c:18:58:42:01:3c:7a:
                    1d:39:3c:39:52:b8:cb:64:5d:a9:89:0b:da:76:2f:
                    92:36:c9:76:28:ef:21:3a:82:84:d6:f3:9d:94:26:
                    de:1c:b3:73:90:ca:2d:a9:bb:c9:81:07:1d:43:77:
                    87:3c:72:3e:ef:89:f4:72:47:fc:48:7c:73:93:21:
                    50:a9:bd:16:06:06:7e:4d:d6:27:31:1a:7b:1e:fd:
                    14:2d:a7:30:29:e4:b5:3f:c5:92:32:88:b9:ad:da:
                    e3:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:2F:B4:24:60:DB:A7:73:AD:73:FC:F4:88:10:55:06:94:19:BA:AE
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/1-C-0JGDbp3Otc_z0iBBVBpQZuq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.185.78.0/24
                  92.240.201.0/24
                  92.240.205.0/24
                  92.240.214.0/24
                  92.240.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:12:16:4f:79:cf:b0:ea:47:97:0a:be:89:77:fb:34:df:fb:
         3e:bc:5e:38:8e:d6:55:43:61:5c:1d:a5:82:97:8c:7a:42:7f:
         5c:fb:2d:07:6e:8f:4f:c9:70:1c:9b:c7:fc:f2:f5:99:22:e8:
         eb:7c:ed:84:fe:f6:12:88:95:15:68:d6:49:ef:f5:04:ec:ed:
         01:a6:6c:2b:49:06:5b:87:84:8f:6c:cc:54:05:e5:35:94:dd:
         d4:0b:4c:83:75:ed:90:3f:40:5e:24:1c:47:7c:77:b4:2b:68:
         dd:3c:72:62:02:e5:91:2a:28:9b:23:27:25:f9:16:b8:59:f4:
         ef:aa:e8:3c:63:91:d5:27:f2:ba:19:18:5f:48:49:a1:d2:41:
         76:49:a7:f7:09:39:4a:fd:57:b4:3b:61:c8:61:39:68:c8:0d:
         d6:e5:bf:95:1f:58:f1:ec:b2:c2:2a:70:e3:1c:cd:eb:2d:26:
         e3:d0:02:9a:68:72:18:2f:b0:ba:1f:48:fd:6f:c0:f9:49:c0:
         7e:5c:cc:65:c6:a3:15:f4:0e:cc:cd:d5:84:ea:48:82:68:82:
         26:5c:41:9c:cd:58:64:4a:90:28:ea:ad:33:d8:36:37:92:da:
         bb:50:fc:47:ff:99:1e:7b:3f:7f:8a:1f:41:bb:d1:55:63:e9:
         b4:dc:49:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlbrIAGY3MijlEIH9y86G2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwOTE4MDcxNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJmYjQyNDYwZGJhNzczYWQ3M2ZjZjQ4ODEwNTUwNjk0MTliYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5rx9efY/oA70yG8jGWV0h7ileF2
KYeWigczs7Rad0uhKRw8CCLGiLBpwUSQX7ezTlm76pama8TRP/w5CW/omI74JMkz
mqOpnZBQRimkoeLAoawFHTg8Nptsv2mQrnyqU5opwE/mrNF8KoELlPXTcap6RKS/
0rdoShRqlzLVSQ27xGuF6fXJKDBHLC9bUn5hN9BkeQdqAEWnwnTORywYWEIBPHod
OTw5UrjLZF2piQvadi+SNsl2KO8hOoKE1vOdlCbeHLNzkMotqbvJgQcdQ3eHPHI+
74n0ckf8SHxzkyFQqb0WBgZ+TdYnMRp7Hv0ULacwKeS1P8WSMoi5rdrjHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgvtCRg26dzrXP89IgQVQaUGbquMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvMS1DLTBKR0RicDNPdGNfejBpQkJWQnBRWnVxNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVm
NC8xLzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFm5TgME
AFzwyQMEAFzwzQMEAFzw1gMEAFzw2DANBgkqhkiG9w0BAQsFAAOCAQEATBIWT3nP
sOpHlwq+iXf7NN/7PrxeOI7WVUNhXB2lgpeMekJ/XPstB26PT8lwHJvH/PL1mSLo
63zthP72EoiVFWjWSe/1BOztAaZsK0kGW4eEj2zMVAXlNZTd1AtMg3XtkD9AXiQc
R3x3tCto3TxyYgLlkSoomyMnJfkWuFn076roPGOR1SfyuhkYX0hJodJBdkmn9wk5
Sv1XtDthyGE5aMgN1uW/lR9Y8eyywipw4xzN6y0m49ACmmhyGC+wuh9I/W/A+UnA
flzMZcajFfQOzM3VhOpIgmiCJlxBnM1YZEqQKOqtM9g2N5Lau1D8R/+ZHns/f4of
QbvRVWPptNxJXg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:53 2025 by rpki-client