Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pjvc82FsZIjwmviqLxKHDBh4RDU.roa
File:                     pjvc82FsZIjwmviqLxKHDBh4RDU.roa (raw, json)
Hash identifier:          jb2hS+key/pZECdWCyAx0Uzxe6bHR0ulKUwYkRkc3+Q=
Subject key identifier:   A6:3B:DC:F3:61:6C:64:88:F0:9A:F8:AA:2F:12:87:0C:18:78:44:35
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       019C722639B983D802289B3B8AB16BFDD773
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pjvc82FsZIjwmviqLxKHDBh4RDU.roa
Signing time:             Wed 18 Feb 2026 19:07:13 +0000
ROA not before:           Wed 18 Feb 2026 19:07:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215290
IP address blocks:        2a0d:b846::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 09:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:72:26:39:b9:83:d8:02:28:9b:3b:8a:b1:6b:fd:d7:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Feb 18 19:07:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a63bdcf3616c6488f09af8aa2f12870c18784435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:9f:4a:32:0a:05:58:1b:55:3c:13:35:fd:d2:
                    fb:df:68:12:f0:c0:e5:74:de:40:e1:16:0d:d1:ad:
                    ff:2a:bb:98:b0:42:eb:7c:14:03:33:08:00:aa:69:
                    f1:28:16:6d:cf:35:42:73:0a:04:03:db:8a:8a:25:
                    f4:7f:7b:d7:c9:9d:cf:ba:15:fa:22:b7:00:6e:83:
                    78:d3:b7:56:15:71:21:3c:5b:1e:9b:f3:99:d4:5d:
                    20:71:1f:d5:4f:19:25:54:f3:89:97:c5:cd:95:a0:
                    4e:ca:89:67:ab:e3:4c:b8:1e:e0:72:d3:52:cf:bc:
                    ba:7b:80:b2:31:18:2e:1f:41:ce:f2:97:49:f1:83:
                    7b:1b:f5:2a:dd:9a:37:80:5a:72:ac:3b:0c:7b:29:
                    88:53:aa:29:69:14:d2:66:aa:2a:95:3a:70:a5:f3:
                    55:ef:10:cb:b9:87:1e:c9:b2:93:f0:36:7b:7e:52:
                    d7:60:7f:db:66:95:b8:29:dd:aa:3c:83:14:c3:c4:
                    12:45:d6:c7:db:15:0d:79:0c:40:47:04:a2:26:24:
                    3d:ab:21:83:64:62:35:ec:9b:f9:d4:83:94:ba:04:
                    7b:51:9c:62:89:f4:22:22:fe:af:ad:6b:02:23:1c:
                    37:89:15:2d:19:e4:de:e5:53:32:77:30:43:82:9d:
                    74:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:3B:DC:F3:61:6C:64:88:F0:9A:F8:AA:2F:12:87:0C:18:78:44:35
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pjvc82FsZIjwmviqLxKHDBh4RDU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:b846::/32

    Signature Algorithm: sha256WithRSAEncryption
         18:7c:3b:55:48:f1:a5:ec:0e:4a:00:66:eb:b7:c2:d1:32:09:
         63:fe:99:82:47:e2:e3:28:85:ba:87:0f:4c:49:df:26:c0:c6:
         e4:c6:be:0e:1b:b6:18:57:9b:0c:2a:5d:94:7d:58:6d:80:4c:
         25:4a:07:3b:e0:6d:85:66:e6:84:88:ec:b3:9e:22:3d:e3:60:
         97:4f:80:59:45:78:a0:db:54:1f:b3:73:e8:80:42:be:e7:19:
         84:fd:2a:f1:35:bb:f2:d6:b7:6b:e3:3c:cc:7f:3c:6c:e4:f5:
         41:1f:f0:5b:cc:fc:64:6d:aa:51:7a:eb:89:35:c3:26:95:ea:
         0f:0b:5b:46:c2:9d:96:69:01:a8:2a:d3:4f:31:ed:1f:23:2d:
         41:e8:6f:91:28:ee:19:1e:c6:9b:10:3c:1c:3c:97:63:13:e3:
         78:2f:37:b2:bd:88:26:c0:84:f8:a9:a6:03:80:00:76:f0:35:
         9e:70:b6:28:b6:0f:dd:3d:c1:63:46:cb:c9:f2:d4:5a:e9:9d:
         52:11:7a:6c:c4:a0:b0:24:b1:7c:e3:f4:46:cc:ce:f8:c8:d8:
         c9:3a:06:76:f7:dc:d5:0d:b1:75:c8:11:a5:74:fa:34:bd:7d:
         a2:c9:94:49:4e:e5:0f:b4:d9:3b:8c:52:d9:76:87:c5:7f:30:
         10:de:6d:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZxyJjm5g9gCKJs7irFr/ddzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMjE4MTkwNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjNiZGNmMzYxNmM2NDg4ZjA5YWY4YWEyZjEyODcwYzE4Nzg0NDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJ9KMgoFWBtVPBM1/dL732gS8MDl
dN5A4RYN0a3/KruYsELrfBQDMwgAqmnxKBZtzzVCcwoEA9uKiiX0f3vXyZ3PuhX6
IrcAboN407dWFXEhPFsem/OZ1F0gcR/VTxklVPOJl8XNlaBOyolnq+NMuB7gctNS
z7y6e4CyMRguH0HO8pdJ8YN7G/Uq3Zo3gFpyrDsMeymIU6opaRTSZqoqlTpwpfNV
7xDLuYceybKT8DZ7flLXYH/bZpW4Kd2qPIMUw8QSRdbH2xUNeQxARwSiJiQ9qyGD
ZGI17Jv51IOUugR7UZxiifQiIv6vrWsCIxw3iRUtGeTe5VMydzBDgp10uQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKY73PNhbGSI8Jr4qi8ShwwYeEQ1MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvcGp2YzgyRnNaSWp3bXZpcUx4S0hEQmg0UkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg24RjAN
BgkqhkiG9w0BAQsFAAOCAQEAGHw7VUjxpewOSgBm67fC0TIJY/6Zgkfi4yiFuocP
TEnfJsDG5Ma+Dhu2GFebDCpdlH1YbYBMJUoHO+BthWbmhIjss54iPeNgl0+AWUV4
oNtUH7Nz6IBCvucZhP0q8TW78ta3a+M8zH88bOT1QR/wW8z8ZG2qUXrriTXDJpXq
DwtbRsKdlmkBqCrTTzHtHyMtQehvkSjuGR7GmxA8HDyXYxPjeC83sr2IJsCE+Kmm
A4AAdvA1nnC2KLYP3T3BY0bLyfLUWumdUhF6bMSgsCSxfOP0RszO+MjYyToGdvfc
1Q2xdcgRpXT6NL19osmUSU7lD7TZO4xS2XaHxX8wEN5tKg==
-----END CERTIFICATE-----