Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/vsccf6N6ed3oSOr16Si52_Pi1OU.roa
File:                     vsccf6N6ed3oSOr16Si52_Pi1OU.roa (raw, json)
Hash identifier:          dDYPX5T+6IsG+WDryYCWg19yZkGlyJuRt9MFgGoSWIo=
Subject key identifier:   BE:C7:1C:7F:A3:7A:79:DD:E8:48:EA:F5:E9:28:B9:DB:F3:E2:D4:E5
Certificate issuer:       /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial:       019C7ED9770EFB543308539245AB95249C7A
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/vsccf6N6ed3oSOr16Si52_Pi1OU.roa
Signing time:             Sat 21 Feb 2026 06:18:26 +0000
ROA not before:           Sat 21 Feb 2026 06:18:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     28451
IP address blocks:        185.240.166.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:7e:d9:77:0e:fb:54:33:08:53:92:45:ab:95:24:9c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
        Validity
            Not Before: Feb 21 06:18:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bec71c7fa37a79dde848eaf5e928b9dbf3e2d4e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ea:54:bd:2d:a7:11:0a:5c:ba:db:eb:d5:e5:
                    05:d1:e7:08:53:16:5c:26:ff:a3:9e:9e:58:ca:d8:
                    3d:b4:e1:6c:5b:2e:da:66:0f:23:0e:11:e5:f7:da:
                    6d:2c:b1:01:b8:64:7f:09:36:3a:6b:73:61:fb:49:
                    5d:20:a5:35:4f:bf:b5:26:ae:76:31:95:31:d2:b5:
                    8d:77:5c:95:7c:32:77:5c:bf:4e:6a:b4:01:5a:d7:
                    a6:a1:77:c9:3e:ea:9b:1d:09:c7:53:8c:be:ee:a2:
                    70:89:7b:eb:34:f5:cb:1c:39:03:b8:58:9c:64:45:
                    df:b8:3d:46:89:3d:b8:7b:b1:74:b5:68:02:91:63:
                    64:5d:ce:a3:d1:26:a5:99:7f:b8:f3:77:76:89:8a:
                    25:30:fa:73:61:34:2b:9d:9c:62:00:0f:9d:ac:2b:
                    25:3f:01:14:52:2c:bd:ef:d0:8d:3f:96:a8:37:2a:
                    35:d1:a5:be:6c:bc:aa:bb:90:9b:4e:98:b6:3e:f5:
                    15:18:59:e6:f0:14:00:aa:57:50:c6:29:82:49:ba:
                    89:cd:c4:4c:19:b7:fb:d0:78:59:e0:e3:c5:44:58:
                    47:84:b7:99:d0:3f:a2:2c:7b:90:5c:46:88:13:00:
                    f9:40:f0:86:1a:5f:42:1c:14:22:10:a7:62:d0:5d:
                    82:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:C7:1C:7F:A3:7A:79:DD:E8:48:EA:F5:E9:28:B9:DB:F3:E2:D4:E5
            X509v3 Authority Key Identifier:
                keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/vsccf6N6ed3oSOr16Si52_Pi1OU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.240.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:e2:56:10:37:1e:f7:5c:50:79:92:dc:63:da:eb:9f:e5:85:
         4c:c0:71:e7:b7:48:cf:54:25:08:ce:a4:d5:58:41:8d:25:bf:
         4e:d0:b8:b3:95:b8:2b:79:8f:4b:7e:bc:89:f6:d4:3d:30:41:
         19:15:bc:e5:fb:bb:c8:f3:49:c2:75:20:a6:54:dd:a8:39:b9:
         97:7e:45:92:27:7c:1b:ee:a1:5d:ae:f4:c5:45:d9:9d:cf:43:
         45:3c:91:1c:31:b3:35:62:43:11:40:e7:51:a1:fc:57:e0:a2:
         e1:85:5a:56:62:82:38:b9:73:b2:0e:18:e5:26:5c:0c:67:da:
         b0:ff:69:69:7d:f2:07:02:57:d4:11:bc:41:ff:56:fb:94:4e:
         fe:43:6d:03:b4:66:7a:18:5d:b0:17:4f:26:65:b1:b4:ac:98:
         3d:96:fd:82:b6:fb:31:97:44:6d:0f:5b:e0:f0:9d:a0:f6:1f:
         e6:dd:91:d1:7e:7c:0a:bc:56:31:e8:3c:f7:3e:0a:cc:ec:15:
         c8:6e:5e:eb:37:4e:05:2a:3d:38:ff:23:c6:53:b2:57:f3:8a:
         dd:0b:2f:53:d7:2e:73:11:c9:f8:cf:8c:16:44:4a:1c:8f:e2:
         cc:e7:93:85:c9:22:a0:09:06:f5:c4:ef:89:36:6c:e3:04:d0:
         58:4f:2c:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZx+2XcO+1QzCFOSRauVJJx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjYwMjIxMDYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWM3MWM3ZmEzN2E3OWRkZTg0OGVhZjVlOTI4YjlkYmYzZTJkNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOpUvS2nEQpcutvr1eUF0ecIUxZc
Jv+jnp5Yytg9tOFsWy7aZg8jDhHl99ptLLEBuGR/CTY6a3Nh+0ldIKU1T7+1Jq52
MZUx0rWNd1yVfDJ3XL9OarQBWtemoXfJPuqbHQnHU4y+7qJwiXvrNPXLHDkDuFic
ZEXfuD1GiT24e7F0tWgCkWNkXc6j0SalmX+483d2iYolMPpzYTQrnZxiAA+drCsl
PwEUUiy979CNP5aoNyo10aW+bLyqu5CbTpi2PvUVGFnm8BQAqldQximCSbqJzcRM
Gbf70HhZ4OPFRFhHhLeZ0D+iLHuQXEaIEwD5QPCGGl9CHBQiEKdi0F2CJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7HHH+jennd6Ejq9ekoudvz4tTlMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvdnNjY2Y2TjZlZDNvU09yMTZTaTUyX1BpMU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufCmMA0G
CSqGSIb3DQEBCwUAA4IBAQB44lYQNx73XFB5ktxj2uuf5YVMwHHnt0jPVCUIzqTV
WEGNJb9O0LizlbgreY9LfryJ9tQ9MEEZFbzl+7vI80nCdSCmVN2oObmXfkWSJ3wb
7qFdrvTFRdmdz0NFPJEcMbM1YkMRQOdRofxX4KLhhVpWYoI4uXOyDhjlJlwMZ9qw
/2lpffIHAlfUEbxB/1b7lE7+Q20DtGZ6GF2wF08mZbG0rJg9lv2Ctvsxl0RtD1vg
8J2g9h/m3ZHRfnwKvFYx6Dz3PgrM7BXIbl7rN04FKj04/yPGU7JX84rdCy9T1y5z
Ecn4z4wWREocj+LM55OFySKgCQb1xO+JNmzjBNBYTywZ
-----END CERTIFICATE-----