Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/5Sf6XJKILpastaVSBrIXMkItxac.roa
File:                     5Sf6XJKILpastaVSBrIXMkItxac.roa (raw, json)
Hash identifier:          +/3W8yazA/pNILE0ZoMUtV8tMTpo6rmxcVUr75Z/NqE=
Subject key identifier:   E5:27:FA:5C:92:88:2E:96:AC:B5:A5:52:06:B2:17:32:42:2D:C5:A7
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       019C47F12B5332F79E81C272FB346AA23171
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/5Sf6XJKILpastaVSBrIXMkItxac.roa
Signing time:             Tue 10 Feb 2026 14:25:13 +0000
ROA not before:           Tue 10 Feb 2026 14:25:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3356
IP address blocks:        178.254.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:47:f1:2b:53:32:f7:9e:81:c2:72:fb:34:6a:a2:31:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Feb 10 14:25:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e527fa5c92882e96acb5a55206b21732422dc5a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:64:19:01:a4:d1:e3:f5:ca:1e:44:19:58:3b:
                    99:0f:3f:a5:ab:fe:3d:bf:aa:66:e9:09:b2:e0:85:
                    eb:f1:04:52:36:2c:0b:5c:78:25:c9:c1:a6:5d:cf:
                    6c:aa:ac:7d:07:57:8e:2b:cd:b0:df:57:74:64:dc:
                    f2:cb:ce:7d:b8:68:12:c1:cc:1f:f3:9d:37:84:92:
                    ff:65:fe:9a:bc:08:f6:23:b4:2d:ec:85:aa:1b:3f:
                    7c:db:8c:52:36:bf:13:62:dd:85:6f:74:bf:9e:0d:
                    69:98:60:10:ab:9e:97:87:a7:e1:e7:60:dc:6d:9c:
                    e8:cc:39:a8:42:a8:0e:6b:cd:fb:bf:12:7a:44:4c:
                    05:15:52:35:78:8c:11:29:ce:c0:3b:43:53:4f:74:
                    3c:d6:b0:e4:01:02:af:4e:f9:03:8a:26:a2:b8:8b:
                    b4:76:9c:c8:a9:bc:8d:d8:5f:e2:4c:01:a6:ef:db:
                    87:09:46:1f:c7:c1:2a:00:db:e1:e3:95:b0:e2:a1:
                    9e:22:67:ba:c2:b4:2d:48:61:b8:3b:ed:00:9a:2b:
                    e2:54:2b:3e:10:fb:71:56:b9:1f:8b:a8:d9:81:1f:
                    76:a8:5e:97:49:30:09:82:0a:76:70:e0:38:45:9d:
                    80:ad:dc:e2:7c:96:18:b7:59:7b:38:e8:92:ef:ca:
                    da:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:27:FA:5C:92:88:2E:96:AC:B5:A5:52:06:B2:17:32:42:2D:C5:A7
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/5Sf6XJKILpastaVSBrIXMkItxac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.254.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:e6:36:a5:00:fd:d2:26:75:b2:fd:aa:f2:74:5d:09:30:a7:
         f0:2f:ba:b1:ab:96:d5:1b:f1:d0:b9:94:0f:3e:f7:14:71:12:
         a7:9b:dd:bc:32:fc:e4:46:dd:2c:22:94:f0:d9:6f:69:df:99:
         2a:ef:37:a1:20:b5:0d:69:2f:ae:bf:5a:f6:d3:49:51:61:07:
         db:fd:2b:1e:7b:07:8e:bb:bd:7d:cc:49:94:8d:d7:90:26:28:
         f5:34:a4:a3:94:e5:11:7b:c7:d3:fd:0a:2c:2c:db:fd:be:96:
         52:69:2f:26:78:52:d1:eb:44:56:7b:d8:54:98:13:00:b9:c9:
         1d:40:7e:3d:6e:24:bd:28:b6:3d:35:78:b1:42:fa:e2:d5:23:
         1b:ed:de:97:f1:03:1e:14:47:3a:7a:69:be:50:a2:7b:34:6c:
         c3:47:27:ea:41:b5:cc:53:cb:4c:d8:33:5a:f7:2f:72:0b:74:
         ba:7f:5d:95:b9:e3:8c:db:03:c4:4e:cf:bf:41:09:0b:e5:75:
         ab:b0:ed:b0:2e:dd:a0:f6:e7:b1:04:5f:9f:cd:96:76:37:30:
         72:b9:f0:cf:42:3c:45:ca:ed:54:2e:5a:18:0a:fe:31:16:6e:
         24:14:f1:a6:b9:f2:39:d3:3c:df:d7:a6:c6:b3:2e:0e:12:ed:
         90:4d:15:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxH8StTMveegcJy+zRqojFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjYwMjEwMTQyNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI3ZmE1YzkyODgyZTk2YWNiNWE1NTIwNmIyMTczMjQyMmRjNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomQZAaTR4/XKHkQZWDuZDz+lq/49
v6pm6Qmy4IXr8QRSNiwLXHglycGmXc9sqqx9B1eOK82w31d0ZNzyy859uGgSwcwf
8503hJL/Zf6avAj2I7Qt7IWqGz9824xSNr8TYt2Fb3S/ng1pmGAQq56Xh6fh52Dc
bZzozDmoQqgOa837vxJ6REwFFVI1eIwRKc7AO0NTT3Q81rDkAQKvTvkDiiaiuIu0
dpzIqbyN2F/iTAGm79uHCUYfx8EqANvh45Ww4qGeIme6wrQtSGG4O+0AmiviVCs+
EPtxVrkfi6jZgR92qF6XSTAJggp2cOA4RZ2ArdzifJYYt1l7OOiS78ra1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOUn+lySiC6WrLWlUgayFzJCLcWnMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvNVNmNlhKS0lMcGFzdGFWU0JySVhNa0l0eGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv6xMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ5jalAP3SJnWy/arydF0JMKfwL7qxq5bVG/HQuZQP
PvcUcRKnm928MvzkRt0sIpTw2W9p35kq7zehILUNaS+uv1r200lRYQfb/SseeweO
u719zEmUjdeQJij1NKSjlOURe8fT/QosLNv9vpZSaS8meFLR60RWe9hUmBMAuckd
QH49biS9KLY9NXixQvri1SMb7d6X8QMeFEc6emm+UKJ7NGzDRyfqQbXMU8tM2DNa
9y9yC3S6f12VueOM2wPETs+/QQkL5XWrsO2wLt2g9uexBF+fzZZ2NzByufDPQjxF
yu1ULloYCv4xFm4kFPGmufI50zzf16bGsy4OEu2QTRXk
-----END CERTIFICATE-----