Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/uEnRng83DMivtU9u64kgfGid_Hs.roa
File:                     uEnRng83DMivtU9u64kgfGid_Hs.roa (raw, json)
Hash identifier:          vmYhF39wCahPYTq1VZ0x6GUk7X7pQ26ryeKoN/cfjf4=
Subject key identifier:   B8:49:D1:9E:0F:37:0C:C8:AF:B5:4F:6E:EB:89:20:7C:68:9D:FC:7B
Certificate issuer:       /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial:       019E9BB7BB948B991EBE275DD20F7E4CD061
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/uEnRng83DMivtU9u64kgfGid_Hs.roa
Signing time:             Sat 06 Jun 2026 06:56:09 +0000
ROA not before:           Sat 06 Jun 2026 06:56:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44592
IP address blocks:        176.65.141.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:9b:b7:bb:94:8b:99:1e:be:27:5d:d2:0f:7e:4c:d0:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
        Validity
            Not Before: Jun  6 06:56:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b849d19e0f370cc8afb54f6eeb89207c689dfc7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8d:bb:17:c5:84:cc:74:3c:d6:94:5d:8a:fb:
                    bc:8a:78:a0:35:73:74:f1:b3:c5:71:7c:ab:5f:18:
                    f2:02:53:4c:36:53:1d:0b:22:1b:0a:bb:df:8b:12:
                    01:7e:54:91:49:f2:ab:c3:8f:9b:c7:46:1b:c9:2f:
                    cb:82:c7:ec:b0:8f:e7:c8:b0:9a:89:31:9b:fb:98:
                    ba:94:eb:76:2c:eb:02:4f:cd:34:2b:45:a5:83:04:
                    7f:a7:55:e7:af:13:89:ab:a9:8a:35:ff:89:d3:b0:
                    c4:30:d2:9f:17:9a:3d:ad:d5:99:e5:ca:34:17:0f:
                    17:27:71:22:b3:ce:a2:e6:a9:34:ba:8b:cb:c8:94:
                    9f:0c:77:17:53:7b:c4:a8:2d:8a:4c:bc:9e:1d:72:
                    a2:3e:9b:3d:4a:bd:92:a0:7b:08:21:71:a2:dd:8a:
                    94:90:59:50:c0:74:25:3b:7d:3d:33:1e:7e:ac:0f:
                    b6:e2:b1:56:c5:98:34:12:9d:e0:58:05:5c:91:29:
                    57:c7:34:ac:b3:df:22:b0:9b:d9:38:e1:a2:d4:d5:
                    fe:e7:52:2f:34:b7:a2:87:16:61:36:87:fb:ac:e6:
                    c5:0a:bc:a4:39:cc:84:93:f8:04:54:57:2d:e4:8e:
                    45:08:2e:17:e8:7a:b0:81:70:fd:68:30:bb:92:ae:
                    d9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:49:D1:9E:0F:37:0C:C8:AF:B5:4F:6E:EB:89:20:7C:68:9D:FC:7B
            X509v3 Authority Key Identifier:
                keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/uEnRng83DMivtU9u64kgfGid_Hs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.65.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:d2:81:dd:67:48:8c:22:f9:b6:2e:f2:2f:d0:61:d5:1d:82:
         d5:8d:19:e4:79:89:bb:6e:fc:0d:aa:7a:fa:73:20:0d:a6:7c:
         25:ed:ef:15:22:db:86:5c:fb:a4:35:0d:6a:2e:e5:98:b0:2f:
         67:ae:85:2c:06:1b:f6:37:bd:02:b4:ef:ff:dd:a4:86:6b:9e:
         83:fc:44:0a:b1:0e:11:a1:31:12:43:22:41:ed:a9:fc:34:2c:
         d0:69:68:32:f3:47:93:c7:f7:67:b7:b2:5a:d1:0e:b9:26:b3:
         9c:bc:07:57:fb:4b:66:88:b2:b4:fa:c4:9d:1e:de:d1:fe:9d:
         ac:fa:bb:f5:72:b2:45:60:5f:4d:37:ce:26:80:8f:ac:e4:82:
         ed:01:58:35:cf:5a:e3:e4:22:6d:39:85:b9:64:88:04:74:ad:
         a0:b5:92:40:e0:0e:d6:f6:59:6d:9c:90:00:2a:2d:e3:5b:d8:
         23:7e:70:1f:be:71:c9:db:39:26:76:f9:ba:90:db:d4:42:7b:
         50:47:59:0c:77:b4:81:31:8a:a2:22:db:ca:64:41:02:ed:10:
         6f:5a:9a:b2:1d:b3:d9:8e:6c:08:0f:d1:5b:2a:68:56:63:22:
         e6:bb:9e:e5:9e:0a:da:29:c4:8e:5f:81:a2:b6:d9:ed:45:bd:
         51:43:23:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6bt7uUi5kevidd0g9+TNBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjYwNjA2MDY1NjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ5ZDE5ZTBmMzcwY2M4YWZiNTRmNmVlYjg5MjA3YzY4OWRmYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI27F8WEzHQ81pRdivu8inigNXN0
8bPFcXyrXxjyAlNMNlMdCyIbCrvfixIBflSRSfKrw4+bx0YbyS/LgsfssI/nyLCa
iTGb+5i6lOt2LOsCT800K0WlgwR/p1XnrxOJq6mKNf+J07DEMNKfF5o9rdWZ5co0
Fw8XJ3Eis86i5qk0uovLyJSfDHcXU3vEqC2KTLyeHXKiPps9Sr2SoHsIIXGi3YqU
kFlQwHQlO309Mx5+rA+24rFWxZg0Ep3gWAVckSlXxzSss98isJvZOOGi1NX+51Iv
NLeihxZhNof7rObFCrykOcyEk/gEVFct5I5FCC4X6HqwgXD9aDC7kq7ZHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhJ0Z4PNwzIr7VPbuuJIHxonfx7MB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvdUVuUm5nODNETWl2dFU5dTY0a2dmR2lkX0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEGNMA0G
CSqGSIb3DQEBCwUAA4IBAQB80oHdZ0iMIvm2LvIv0GHVHYLVjRnkeYm7bvwNqnr6
cyANpnwl7e8VItuGXPukNQ1qLuWYsC9nroUsBhv2N70CtO//3aSGa56D/EQKsQ4R
oTESQyJB7an8NCzQaWgy80eTx/dnt7Ja0Q65JrOcvAdX+0tmiLK0+sSdHt7R/p2s
+rv1crJFYF9NN84mgI+s5ILtAVg1z1rj5CJtOYW5ZIgEdK2gtZJA4A7W9lltnJAA
Ki3jW9gjfnAfvnHJ2zkmdvm6kNvUQntQR1kMd7SBMYqiItvKZEEC7RBvWpqyHbPZ
jmwID9FbKmhWYyLmu57lngraKcSOX4GittntRb1RQyMm
-----END CERTIFICATE-----