Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/61jEoPY3BUG6j9cu_lF8RKNi7JI.roa
File:                     61jEoPY3BUG6j9cu_lF8RKNi7JI.roa (raw, json)
Hash identifier:          4WzEHJ+ROSfn7ovwc2eGPGUGeBlvLhI0622lMwFDYa0=
Subject key identifier:   EB:58:C4:A0:F6:37:05:41:BA:8F:D7:2E:FE:51:7C:44:A3:62:EC:92
Certificate issuer:       /CN=9051ebf8c28f817b7f148bfc95cc2b5b4cb30089
Certificate serial:       019C75A942880E4D6A913AAFEA0273FD19C9
Authority key identifier: 90:51:EB:F8:C2:8F:81:7B:7F:14:8B:FC:95:CC:2B:5B:4C:B3:00:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kFHr-MKPgXt_FIv8lcwrW0yzAIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/61jEoPY3BUG6j9cu_lF8RKNi7JI.roa
Signing time:             Thu 19 Feb 2026 11:29:12 +0000
ROA not before:           Thu 19 Feb 2026 11:29:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     47951
IP address blocks:        2a13:5880::/29 maxlen: 29
                          2a13:5880::/30 maxlen: 30
                          2a13:5884::/30 maxlen: 30
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/kFHr-MKPgXt_FIv8lcwrW0yzAIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/kFHr-MKPgXt_FIv8lcwrW0yzAIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kFHr-MKPgXt_FIv8lcwrW0yzAIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:75:a9:42:88:0e:4d:6a:91:3a:af:ea:02:73:fd:19:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9051ebf8c28f817b7f148bfc95cc2b5b4cb30089
        Validity
            Not Before: Feb 19 11:29:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=eb58c4a0f6370541ba8fd72efe517c44a362ec92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e4:15:95:0c:39:33:b7:7f:b5:4d:b0:ab:4f:
                    1d:e8:1b:ad:5b:dd:c7:e4:22:d1:41:45:7a:9e:23:
                    e4:d1:a7:13:2e:54:ce:9c:cd:a1:7f:82:af:8c:36:
                    09:55:e4:af:88:11:63:26:fe:25:a3:63:55:fd:f8:
                    32:c6:30:db:f2:22:a5:b2:1f:1e:00:ec:f2:c5:df:
                    3c:1c:ec:1e:13:b7:70:a4:1c:ba:36:84:88:78:56:
                    14:1b:dc:96:d5:9f:ba:5c:77:4f:14:fb:1d:cf:d4:
                    3d:23:91:bf:7d:30:13:34:df:b7:3b:c8:df:c1:d5:
                    9e:3f:bd:d8:a9:45:6f:56:e0:97:b9:67:3e:b4:80:
                    af:dc:fb:56:b1:40:45:90:f4:76:cd:c3:65:66:32:
                    32:18:df:49:9f:b3:ea:d6:37:c6:fa:d0:03:50:43:
                    a5:0b:54:9f:6c:cf:f2:69:b1:d3:68:d0:30:b7:ae:
                    72:76:a6:9d:c8:93:03:1b:47:a1:8e:c4:9a:01:2c:
                    16:8a:58:78:f4:47:de:64:1e:a0:b3:5d:fc:0f:6c:
                    a8:ce:f9:a5:3a:fd:7f:25:a2:62:6c:2c:f5:c8:75:
                    41:f4:0d:a4:fe:5a:f0:1c:dd:4d:b6:9b:9e:43:ca:
                    11:f2:71:b1:05:2e:77:54:a8:ba:e6:c7:5a:79:5e:
                    6e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:58:C4:A0:F6:37:05:41:BA:8F:D7:2E:FE:51:7C:44:A3:62:EC:92
            X509v3 Authority Key Identifier:
                keyid:90:51:EB:F8:C2:8F:81:7B:7F:14:8B:FC:95:CC:2B:5B:4C:B3:00:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFHr-MKPgXt_FIv8lcwrW0yzAIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/61jEoPY3BUG6j9cu_lF8RKNi7JI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/kFHr-MKPgXt_FIv8lcwrW0yzAIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:5880::/29

    Signature Algorithm: sha256WithRSAEncryption
         27:76:bf:5e:33:73:22:e6:01:ba:e8:a1:72:0d:f7:e3:33:cd:
         af:e5:f3:7f:bb:38:0c:92:f9:f1:41:08:bc:a2:f8:06:73:e4:
         ec:ba:e5:e3:61:36:e9:c7:86:8f:c2:53:1c:b2:0e:3b:8b:36:
         b5:27:d5:bc:0e:34:c8:6a:74:ef:8f:9b:58:36:b2:2d:4f:f8:
         7d:ed:d0:20:47:b5:d0:51:48:04:12:47:16:58:e5:87:6a:57:
         d0:d5:f7:bd:9b:eb:40:f3:fa:14:7c:f0:17:62:5a:3e:a1:73:
         43:67:9d:f0:3e:00:54:c9:aa:56:b4:4c:88:86:6b:3b:7a:87:
         a3:f9:17:23:b6:50:75:42:ee:52:d4:b5:f5:06:5b:61:24:7d:
         24:f7:90:e9:17:f5:af:1e:92:35:31:1d:a5:6a:e1:c2:f3:a5:
         99:f5:db:c1:ed:c3:5e:4f:05:49:26:26:0a:02:c0:c5:2f:7b:
         fb:3d:78:73:3e:ee:7c:b5:d0:3f:59:b3:c8:27:c0:f3:8f:75:
         45:60:a0:7c:28:bb:c8:8f:f5:6e:07:e0:49:3e:9f:03:96:ac:
         fa:cc:c5:20:f6:f9:59:c0:62:78:82:2d:03:f1:c5:f8:9e:1b:
         e7:73:ae:69:0c:5b:f8:c6:92:cb:2c:d9:89:a6:f7:70:40:5f:
         05:34:41:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZx1qUKIDk1qkTqv6gJz/RnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNTFlYmY4YzI4ZjgxN2I3ZjE0OGJmYzk1Y2MyYjViNGNi
MzAwODkwHhcNMjYwMjE5MTEyOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU4YzRhMGY2MzcwNTQxYmE4ZmQ3MmVmZTUxN2M0NGEzNjJlYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOQVlQw5M7d/tU2wq08d6ButW93H
5CLRQUV6niPk0acTLlTOnM2hf4KvjDYJVeSviBFjJv4lo2NV/fgyxjDb8iKlsh8e
AOzyxd88HOweE7dwpBy6NoSIeFYUG9yW1Z+6XHdPFPsdz9Q9I5G/fTATNN+3O8jf
wdWeP73YqUVvVuCXuWc+tICv3PtWsUBFkPR2zcNlZjIyGN9Jn7Pq1jfG+tADUEOl
C1SfbM/yabHTaNAwt65ydqadyJMDG0ehjsSaASwWilh49EfeZB6gs138D2yozvml
Ov1/JaJibCz1yHVB9A2k/lrwHN1NtpueQ8oR8nGxBS53VKi65sdaeV5uhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOtYxKD2NwVBuo/XLv5RfESjYuySMB8GA1UdIwQY
MBaAFJBR6/jCj4F7fxSL/JXMK1tMswCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZIci1NS1BnWHRfRkl2OGxjd3JXMHl6QUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83OWI1OTctNmIwYy00ZDAzLWJmNDAt
MzEyNDdmM2E0NTM5LzEvNjFqRW9QWTNCVUc2ajljdV9sRjhSS05pN0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83OWI1OTctNmIwYy00ZDAzLWJmNDAtMzEyNDdmM2E0NTM5
LzEva0ZIci1NS1BnWHRfRkl2OGxjd3JXMHl6QUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNYgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ3a/XjNzIuYBuuihcg334zPNr+Xzf7s4DJL58UEI
vKL4BnPk7Lrl42E26ceGj8JTHLIOO4s2tSfVvA40yGp074+bWDayLU/4fe3QIEe1
0FFIBBJHFljlh2pX0NX3vZvrQPP6FHzwF2JaPqFzQ2ed8D4AVMmqVrRMiIZrO3qH
o/kXI7ZQdULuUtS19QZbYSR9JPeQ6Rf1rx6SNTEdpWrhwvOlmfXbwe3DXk8FSSYm
CgLAxS97+z14cz7ufLXQP1mzyCfA8491RWCgfCi7yI/1bgfgST6fA5as+szFIPb5
WcBieIItA/HF+J4b53OuaQxb+MaSyyzZiab3cEBfBTRBSA==
-----END CERTIFICATE-----