Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lvS6vh9BhXk-DDoC3lHO0j30XVs.roa
File:                     lvS6vh9BhXk-DDoC3lHO0j30XVs.roa (raw, json)
Hash identifier:          NE22Cbu2Lr6NtvVCV3Mb0Mbcy2GjF6nALD39UXv5vqw=
Subject key identifier:   96:F4:BA:BE:1F:41:85:79:3E:0C:3A:02:DE:51:CE:D2:3D:F4:5D:5B
Certificate issuer:       /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial:       0198793E17782E3381FB11DA36D9CCC2461D
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lvS6vh9BhXk-DDoC3lHO0j30XVs.roa
Signing time:             Tue 05 Aug 2025 07:59:28 +0000
ROA not before:           Tue 05 Aug 2025 07:59:28 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     9009
IP address blocks:        79.121.188.0/23 maxlen: 24
                          79.121.194.0/23 maxlen: 24
                          79.121.208.0/23 maxlen: 24
                          79.121.222.0/23 maxlen: 24
                          79.121.226.0/23 maxlen: 24
                          79.121.238.0/23 maxlen: 24
                          93.152.0.0/23 maxlen: 24
                          93.152.10.0/23 maxlen: 24
                          93.152.12.0/22 maxlen: 24
                          93.152.18.0/24 maxlen: 24
                          93.152.21.0/24 maxlen: 24
                          93.152.48.0/22 maxlen: 24
                          93.152.64.0/22 maxlen: 24
                          93.152.92.0/24 maxlen: 24
                          93.152.116.0/22 maxlen: 24
                          94.185.130.0/23 maxlen: 24
                          94.185.132.0/23 maxlen: 24
                          94.185.136.0/23 maxlen: 24
                          94.185.142.0/23 maxlen: 24
                          94.185.148.0/23 maxlen: 24
                          94.185.152.0/22 maxlen: 24
                          94.185.152.0/23 maxlen: 24
                          94.185.154.0/23 maxlen: 24
                          94.185.168.0/22 maxlen: 24
                          94.185.168.0/23 maxlen: 24
                          94.185.170.0/23 maxlen: 24
                          94.185.172.0/23 maxlen: 24
                          94.185.180.0/23 maxlen: 24
                          94.185.186.0/23 maxlen: 24
                          94.185.192.0/22 maxlen: 24
                          94.185.192.0/23 maxlen: 24
                          94.185.194.0/23 maxlen: 24
                          94.185.196.0/23 maxlen: 24
                          94.185.200.0/22 maxlen: 24
                          94.185.200.0/23 maxlen: 24
                          94.185.202.0/23 maxlen: 24
                          94.185.204.0/23 maxlen: 24
                          94.185.214.0/23 maxlen: 24
                          94.185.216.0/23 maxlen: 24
                          94.185.220.0/22 maxlen: 24
                          94.185.220.0/23 maxlen: 24
                          94.185.222.0/23 maxlen: 24
                          94.185.230.0/23 maxlen: 24
                          94.185.232.0/23 maxlen: 24
                          95.177.3.0/24 maxlen: 24
                          95.177.5.0/24 maxlen: 24
                          95.177.8.0/23 maxlen: 24
                          95.177.13.0/24 maxlen: 24
                          95.177.54.0/23 maxlen: 24
                          95.177.72.0/23 maxlen: 24
                          109.174.128.0/22 maxlen: 24
                          109.174.128.0/23 maxlen: 24
                          109.174.130.0/23 maxlen: 24
                          109.174.134.0/23 maxlen: 24
                          109.174.136.0/23 maxlen: 24
                          109.174.140.0/22 maxlen: 24
                          109.174.140.0/23 maxlen: 24
                          109.174.142.0/23 maxlen: 24
                          109.174.152.0/23 maxlen: 24
                          109.174.160.0/22 maxlen: 24
                          109.174.160.0/23 maxlen: 24
                          109.174.162.0/23 maxlen: 24
                          109.174.168.0/23 maxlen: 24
                          109.174.172.0/23 maxlen: 24
                          109.174.250.0/23 maxlen: 24
                          109.174.252.0/23 maxlen: 24
                          109.174.254.0/23 maxlen: 24
                          109.204.0.0/22 maxlen: 24
                          109.204.16.0/22 maxlen: 24
                          109.204.21.0/24 maxlen: 24
                          109.204.24.0/22 maxlen: 24
                          109.204.29.0/24 maxlen: 24
                          109.204.41.0/24 maxlen: 24
                          109.204.45.0/24 maxlen: 24
                          109.204.51.0/24 maxlen: 24
                          109.204.54.0/24 maxlen: 24
                          109.204.58.0/24 maxlen: 24
                          109.204.96.0/22 maxlen: 24
                          109.204.112.0/24 maxlen: 24
                          109.204.121.0/24 maxlen: 24
                          109.204.124.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:79:3e:17:78:2e:33:81:fb:11:da:36:d9:cc:c2:46:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e20b034e2c497b1884488def106972704765029
        Validity
            Not Before: Aug  5 07:59:28 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=96f4babe1f4185793e0c3a02de51ced23df45d5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:7a:66:54:7b:d1:9e:f5:ba:e1:e9:e2:15:ce:
                    4c:0b:6b:45:de:6e:38:f9:11:ab:4b:91:05:5b:0c:
                    e3:03:6f:3b:26:68:ff:6c:5c:18:9b:ea:f4:33:f6:
                    ee:f1:67:b9:96:c8:a6:41:e4:da:1b:b7:81:70:12:
                    0d:0d:09:39:b2:bd:e4:57:c6:78:1b:cb:11:35:bb:
                    a0:22:72:ac:d5:85:02:ce:64:97:55:2c:1a:71:66:
                    1c:64:18:9f:20:bb:45:24:18:eb:ca:7a:af:36:d9:
                    99:5e:32:6b:03:a0:d3:2f:68:30:ea:65:c1:69:d0:
                    86:e1:8a:78:3d:51:36:6c:91:f1:62:aa:b7:59:e3:
                    8a:f2:a9:b8:29:da:a5:6d:fd:4c:1a:d6:db:86:6d:
                    33:63:1f:aa:dd:01:9e:47:7f:8a:53:cd:ef:07:97:
                    29:d3:19:e3:a4:96:78:df:92:29:2a:81:64:59:4c:
                    2c:9c:52:3f:f4:7c:76:8e:63:37:50:cf:d6:55:90:
                    ed:71:c0:86:0c:3e:7c:48:f2:bd:83:1b:e7:51:d2:
                    f4:9f:e2:3f:35:c1:cd:35:e7:b2:92:eb:a1:e8:23:
                    94:45:fd:0b:96:bf:cb:46:f8:01:45:14:c7:bd:94:
                    41:95:56:be:3c:e4:7b:29:b5:6b:a1:8e:76:a1:73:
                    6b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F4:BA:BE:1F:41:85:79:3E:0C:3A:02:DE:51:CE:D2:3D:F4:5D:5B
            X509v3 Authority Key Identifier:
                keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lvS6vh9BhXk-DDoC3lHO0j30XVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.121.188.0/23
                  79.121.194.0/23
                  79.121.208.0/23
                  79.121.222.0/23
                  79.121.226.0/23
                  79.121.238.0/23
                  93.152.0.0/23
                  93.152.10.0-93.152.15.255
                  93.152.18.0/24
                  93.152.21.0/24
                  93.152.48.0/22
                  93.152.64.0/22
                  93.152.92.0/24
                  93.152.116.0/22
                  94.185.130.0-94.185.133.255
                  94.185.136.0/23
                  94.185.142.0/23
                  94.185.148.0/23
                  94.185.152.0/22
                  94.185.168.0-94.185.173.255
                  94.185.180.0/23
                  94.185.186.0/23
                  94.185.192.0-94.185.197.255
                  94.185.200.0-94.185.205.255
                  94.185.214.0-94.185.217.255
                  94.185.220.0/22
                  94.185.230.0-94.185.233.255
                  95.177.3.0/24
                  95.177.5.0/24
                  95.177.8.0/23
                  95.177.13.0/24
                  95.177.54.0/23
                  95.177.72.0/23
                  109.174.128.0/22
                  109.174.134.0-109.174.137.255
                  109.174.140.0/22
                  109.174.152.0/23
                  109.174.160.0/22
                  109.174.168.0/23
                  109.174.172.0/23
                  109.174.250.0-109.174.255.255
                  109.204.0.0/22
                  109.204.16.0/22
                  109.204.21.0/24
                  109.204.24.0/22
                  109.204.29.0/24
                  109.204.41.0/24
                  109.204.45.0/24
                  109.204.51.0/24
                  109.204.54.0/24
                  109.204.58.0/24
                  109.204.96.0/22
                  109.204.112.0/24
                  109.204.121.0/24
                  109.204.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:ba:df:b9:e7:14:77:fb:9b:67:60:bb:6c:cf:e6:eb:c2:a1:
         42:e4:bd:be:94:7e:55:35:19:e2:9d:cf:38:53:a9:ef:83:76:
         7c:9a:8d:b6:35:49:82:7a:23:75:57:46:35:3d:57:a5:63:31:
         c6:95:18:e6:88:cd:63:b2:1b:c0:5e:56:b9:05:b5:04:8e:f9:
         df:06:72:56:d0:e7:88:89:13:05:15:a0:eb:f6:10:8a:b5:d7:
         21:fa:69:c6:8b:d9:0b:9c:0b:1c:3b:3d:6d:8b:5f:a4:db:fa:
         8f:72:90:05:1f:7a:82:90:ff:cb:ba:30:c9:fa:82:ee:ef:07:
         a1:08:c1:d2:24:a4:2d:76:76:85:7e:cc:22:c8:74:f5:7d:56:
         9c:c7:45:69:17:36:89:70:09:02:54:e7:64:93:1e:0c:e8:ac:
         41:d8:92:26:2b:ab:c8:28:5d:4c:e1:fd:ff:43:c4:b0:9e:e7:
         62:3c:e7:9f:8a:ec:f0:49:9b:dc:1b:c1:64:41:d8:76:2b:f5:
         75:52:64:75:13:91:f5:1a:18:1c:f5:6f:1d:ed:cb:07:9b:e9:
         38:fb:33:d5:00:46:ee:93:ee:cd:1f:eb:d8:b3:36:81:13:04:
         8f:22:fe:ce:51:b4:c8:33:2f:2f:72:2f:99:e2:03:21:d9:c3:
         dd:c3:79:2e
-----BEGIN CERTIFICATE-----
MIIGkjCCBXqgAwIBAgISAZh5Phd4LjOB+xHaNtnMwkYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwODA1MDc1OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY0YmFiZTFmNDE4NTc5M2UwYzNhMDJkZTUxY2VkMjNkZjQ1ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HpmVHvRnvW64eniFc5MC2tF3m44
+RGrS5EFWwzjA287Jmj/bFwYm+r0M/bu8We5lsimQeTaG7eBcBINDQk5sr3kV8Z4
G8sRNbugInKs1YUCzmSXVSwacWYcZBifILtFJBjrynqvNtmZXjJrA6DTL2gw6mXB
adCG4Yp4PVE2bJHxYqq3WeOK8qm4Kdqlbf1MGtbbhm0zYx+q3QGeR3+KU83vB5cp
0xnjpJZ435IpKoFkWUwsnFI/9Hx2jmM3UM/WVZDtccCGDD58SPK9gxvnUdL0n+I/
NcHNNeeykuuh6COURf0Llr/LRvgBRRTHvZRBlVa+POR7KbVroY52oXNraQIDAQAB
o4IDnjCCA5owHQYDVR0OBBYEFJb0ur4fQYV5Pgw6At5RztI99F1bMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbHZTNnZoOUJoWGstRERvQzNsSE8wajMwWFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsgYIKwYBBQUHAQcBAf8EggGhMIIBnTCCAZkEAgABMIIB
kQMEAU95vAMEAU95wgMEAU950AMEAU953gMEAU954gMEAU957gMEAV2YADAMAwQB
XZgKAwQEXZgAAwQAXZgSAwQAXZgVAwQCXZgwAwQCXZhAAwQAXZhcAwQCXZh0MAwD
BAFeuYIDBAFeuYQDBAFeuYgDBAFeuY4DBAFeuZQDBAJeuZgwDAMEA165qAMEAV65
rAMEAV65tAMEAV65ujAMAwQGXrnAAwQBXrnEMAwDBANeucgDBAFeucwwDAMEAV65
1gMEAV652AMEAl653DAMAwQBXrnmAwQBXrnoAwQAX7EDAwQAX7EFAwQBX7EIAwQA
X7ENAwQBX7E2AwQBX7FIAwQCba6AMAwDBAFtroYDBAFtrogDBAJtrowDBAFtrpgD
BAJtrqADBAFtrqgDBAFtrqwwCwMEAW2u+gMDAG2uAwQCbcwAAwQCbcwQAwQAbcwV
AwQCbcwYAwQAbcwdAwQAbcwpAwQAbcwtAwQAbcwzAwQAbcw2AwQAbcw6AwQCbcxg
AwQAbcxwAwQAbcx5AwQBbcx8MA0GCSqGSIb3DQEBCwUAA4IBAQCUut+55xR3+5tn
YLtsz+brwqFC5L2+lH5VNRninc84U6nvg3Z8mo22NUmCeiN1V0Y1PVelYzHGlRjm
iM1jshvAXla5BbUEjvnfBnJW0OeIiRMFFaDr9hCKtdch+mnGi9kLnAscOz1ti1+k
2/qPcpAFH3qCkP/LujDJ+oLu7wehCMHSJKQtdnaFfswiyHT1fVacx0VpFzaJcAkC
VOdkkx4M6KxB2JImK6vIKF1M4f3/Q8SwnudiPOefiuzwSZvcG8FkQdh2K/V1UmR1
E5H1Ghgc9W8d7csHm+k4+zPVAEbuk+7NH+vYszaBEwSPIv7OUbTIMy8vci+Z4gMh
2cPdw3ku
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:05:27 2025 by rpki-client