Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Pvldt4Xm66AODz9ub5YATR61bpg.roa
File:                     Pvldt4Xm66AODz9ub5YATR61bpg.roa (raw, json)
Hash identifier:          mhUDlLYy/KUsiqdqJUa31hfGo6XBqGiFyvzRAXoUW/g=
Subject key identifier:   3E:F9:5D:B7:85:E6:EB:A0:0E:0F:3F:6E:6F:96:00:4D:1E:B5:6E:98
Certificate issuer:       /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial:       019C55D6009D9396430A056314BD2AF4907A
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Pvldt4Xm66AODz9ub5YATR61bpg.roa
Signing time:             Fri 13 Feb 2026 07:10:14 +0000
ROA not before:           Fri 13 Feb 2026 07:10:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     41272
IP address blocks:        46.165.64.0/18 maxlen: 18
                          80.185.0.0/16 maxlen: 16
                          188.7.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:55:d6:00:9d:93:96:43:0a:05:63:14:bd:2a:f4:90:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
        Validity
            Not Before: Feb 13 07:10:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3ef95db785e6eba00e0f3f6e6f96004d1eb56e98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:34:87:16:2c:c7:cf:e3:63:1a:96:18:bd:8a:
                    6b:1c:ce:93:3b:4f:96:6b:03:35:e1:b0:19:3c:9c:
                    1d:e2:64:d5:a8:1f:62:e1:dd:35:e2:59:9b:d2:06:
                    82:da:25:53:44:a7:94:c1:73:1d:19:ed:b6:e1:ea:
                    c2:af:08:36:93:d4:67:94:14:02:5b:ee:76:6a:5a:
                    c9:1a:bb:fa:e4:18:c3:47:3f:85:9d:1d:01:8d:5d:
                    0f:a7:72:87:18:1d:9c:c6:55:74:14:74:bf:37:ff:
                    d3:df:5e:b6:e1:b4:14:86:56:fe:6a:dc:55:a2:89:
                    dc:0b:e9:89:95:3c:bc:b2:d5:0a:fc:e0:57:fa:84:
                    aa:81:1c:c9:10:61:41:6c:20:42:51:34:9b:b3:02:
                    e8:33:fb:0b:13:c3:57:b7:21:10:34:f1:eb:5e:27:
                    4a:68:55:9a:3f:0d:e6:4a:98:3c:8e:41:df:7b:21:
                    7f:42:fb:99:98:b0:be:cd:6d:79:e8:cd:3c:f9:8d:
                    87:e6:c5:ce:a8:e9:75:93:e6:6b:a3:87:ba:44:82:
                    e8:b0:d1:79:7a:6c:4a:25:a7:c1:62:34:d5:3c:93:
                    8e:f8:60:91:cc:22:dc:d2:06:35:05:01:bd:f5:1d:
                    b7:41:2e:96:0d:a1:f3:e9:f7:ff:24:c9:5b:e1:59:
                    d3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F9:5D:B7:85:E6:EB:A0:0E:0F:3F:6E:6F:96:00:4D:1E:B5:6E:98
            X509v3 Authority Key Identifier:
                keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Pvldt4Xm66AODz9ub5YATR61bpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.165.64.0/18
                  80.185.0.0/16
                  188.7.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         98:3a:5e:db:f1:0f:f6:78:8a:02:5e:c4:07:da:03:ad:11:44:
         a7:76:2b:1b:7a:52:ff:4d:84:b9:b7:b7:3b:34:7d:8c:26:2c:
         7f:2a:c5:6e:94:4e:62:c9:e7:2d:00:ce:bf:38:14:dd:28:8a:
         77:68:c1:85:1a:2b:84:4b:ce:63:0a:7a:32:a8:a0:02:4d:66:
         2f:f4:57:58:30:4d:34:b1:f0:d2:85:d7:28:3e:fa:99:f5:41:
         99:3f:88:93:26:2f:6d:8e:f2:3b:fb:5d:d4:6a:c5:2b:30:6e:
         0e:58:a4:c2:13:73:a1:62:f7:33:d2:4e:bf:55:8d:d2:78:fb:
         a8:8f:01:89:35:a7:9b:69:ae:ca:f6:e7:8c:e7:7b:ad:7e:af:
         c2:3e:5d:e2:c1:cd:36:e1:b2:6d:2e:84:e3:3d:5f:cf:04:52:
         cb:bf:c8:62:5d:0d:11:09:e8:d2:49:25:c9:34:6f:ca:6c:f5:
         a8:d5:4f:a5:ce:6e:00:11:af:7a:ea:0f:70:23:19:d5:1e:f6:
         b3:11:3b:b2:24:d3:94:19:5a:c1:ce:9d:8a:71:8d:86:72:37:
         5e:af:7e:39:b0:90:46:dc:d4:19:bb:2f:60:9e:57:b5:92:cb:
         a3:61:96:91:d7:34:a7:0e:db:fe:fc:ce:01:f4:8d:10:de:74:
         88:bb:2c:de
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZxV1gCdk5ZDCgVjFL0q9JB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjYwMjEzMDcxMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY5NWRiNzg1ZTZlYmEwMGUwZjNmNmU2Zjk2MDA0ZDFlYjU2ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTSHFizHz+NjGpYYvYprHM6TO0+W
awM14bAZPJwd4mTVqB9i4d014lmb0gaC2iVTRKeUwXMdGe224erCrwg2k9RnlBQC
W+52alrJGrv65BjDRz+FnR0BjV0Pp3KHGB2cxlV0FHS/N//T31624bQUhlb+atxV
ooncC+mJlTy8stUK/OBX+oSqgRzJEGFBbCBCUTSbswLoM/sLE8NXtyEQNPHrXidK
aFWaPw3mSpg8jkHfeyF/QvuZmLC+zW156M08+Y2H5sXOqOl1k+Zro4e6RILosNF5
emxKJafBYjTVPJOO+GCRzCLc0gY1BQG99R23QS6WDaHz6ff/JMlb4VnTlQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFD75XbeF5uugDg8/bm+WAE0etW6YMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUHZsZHQ0WG02NkFPRHo5dWI1WUFUUjYxYnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwQGLqVAAwMA
ULkDAwC8BzANBgkqhkiG9w0BAQsFAAOCAQEAmDpe2/EP9niKAl7EB9oDrRFEp3Yr
G3pS/02Eube3OzR9jCYsfyrFbpROYsnnLQDOvzgU3SiKd2jBhRorhEvOYwp6Mqig
Ak1mL/RXWDBNNLHw0oXXKD76mfVBmT+IkyYvbY7yO/td1GrFKzBuDlikwhNzoWL3
M9JOv1WN0nj7qI8BiTWnm2muyvbnjOd7rX6vwj5d4sHNNuGybS6E4z1fzwRSy7/I
Yl0NEQno0kklyTRvymz1qNVPpc5uABGveuoPcCMZ1R72sxE7siTTlBlawc6dinGN
hnI3Xq9+ObCQRtzUGbsvYJ5XtZLLo2GWkdc0pw7b/vzOAfSNEN50iLss3g==
-----END CERTIFICATE-----