Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/tcrZxlSyhxTj8kiRDMPfiA4u4Z0.roa
File:                     tcrZxlSyhxTj8kiRDMPfiA4u4Z0.roa (raw, json)
Hash identifier:          X3hmm+WjiPxOc2QFBzEzmGR0EXyXyN6SSxewOy8ufSE=
Subject key identifier:   B5:CA:D9:C6:54:B2:87:14:E3:F2:48:91:0C:C3:DF:88:0E:2E:E1:9D
Certificate issuer:       /CN=79a304ba34b61a15e3797ffd4d1ae8c218c1c7bf
Certificate serial:       019C75A4AFC8E9AED320FBED220076191F39
Authority key identifier: 79:A3:04:BA:34:B6:1A:15:E3:79:7F:FD:4D:1A:E8:C2:18:C1:C7:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eaMEujS2GhXjeX_9TRrowhjBx78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/tcrZxlSyhxTj8kiRDMPfiA4u4Z0.roa
Signing time:             Thu 19 Feb 2026 11:24:13 +0000
ROA not before:           Thu 19 Feb 2026 11:24:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     47951
IP address blocks:        2a12:c040::/29 maxlen: 29
                          2a12:c040::/30 maxlen: 30
                          2a12:c044::/30 maxlen: 30
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/eaMEujS2GhXjeX_9TRrowhjBx78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/eaMEujS2GhXjeX_9TRrowhjBx78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eaMEujS2GhXjeX_9TRrowhjBx78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 08:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:75:a4:af:c8:e9:ae:d3:20:fb:ed:22:00:76:19:1f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79a304ba34b61a15e3797ffd4d1ae8c218c1c7bf
        Validity
            Not Before: Feb 19 11:24:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b5cad9c654b28714e3f248910cc3df880e2ee19d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c8:7d:22:84:4f:fa:5e:d3:90:fb:37:7a:3c:
                    39:f3:db:89:df:ef:64:95:e3:0f:01:fd:91:26:79:
                    4b:28:f4:75:3f:fa:54:37:3b:d2:06:0f:15:24:d8:
                    1e:b8:a6:48:8c:da:f8:23:5c:e7:f4:3e:1b:72:c8:
                    6e:71:57:2e:cc:59:aa:56:b6:1a:d6:7b:dd:94:94:
                    09:d1:7c:d8:8e:cd:be:19:58:c9:e6:d7:44:e1:66:
                    ff:54:7c:b5:03:01:9f:61:2a:43:8d:38:8a:54:2f:
                    eb:fc:33:35:f2:b8:c9:3f:51:94:eb:04:14:9f:b4:
                    15:56:0d:f8:54:e5:d5:a7:e8:5a:14:ab:20:b8:c6:
                    ab:98:25:e5:84:f3:d1:63:b7:84:a7:70:77:2a:a1:
                    f0:f7:ff:ab:87:7c:fe:dc:b1:3d:82:36:79:bb:cf:
                    d0:7e:cb:bf:7a:c6:ec:da:06:6e:16:8e:11:fa:97:
                    53:6c:a7:1f:20:5e:31:76:d5:39:94:c7:0f:1e:3e:
                    4e:c8:de:c3:a0:bb:a2:89:1c:bf:9a:19:ad:38:d5:
                    7a:f3:1d:67:d4:f4:09:92:3a:59:e5:f3:b7:24:87:
                    2f:82:0e:32:d5:af:b1:f8:47:91:08:7b:80:53:e9:
                    ea:09:53:ce:e1:af:2c:44:99:1f:bb:4a:9b:33:f0:
                    18:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:CA:D9:C6:54:B2:87:14:E3:F2:48:91:0C:C3:DF:88:0E:2E:E1:9D
            X509v3 Authority Key Identifier:
                keyid:79:A3:04:BA:34:B6:1A:15:E3:79:7F:FD:4D:1A:E8:C2:18:C1:C7:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaMEujS2GhXjeX_9TRrowhjBx78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/tcrZxlSyhxTj8kiRDMPfiA4u4Z0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/eaMEujS2GhXjeX_9TRrowhjBx78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:c040::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:a7:75:e4:da:98:d9:4c:9b:08:77:2c:ec:2a:5d:18:bd:11:
         1b:b6:54:23:5a:fe:31:17:f0:ac:aa:f6:d0:12:da:19:76:ed:
         7d:cb:5f:72:db:01:71:b5:96:f1:76:f8:a0:19:c8:0e:38:e5:
         47:c3:04:36:fb:fd:35:3a:39:bf:a2:e7:00:45:45:b7:ad:49:
         aa:54:cb:d3:e7:a4:ca:ef:cd:f4:8e:b4:71:63:0b:f2:c3:67:
         fe:63:fd:fd:4b:29:50:92:88:c2:68:b2:9e:c9:d2:e2:50:c9:
         1b:21:e2:e9:f1:67:f9:8b:9c:ba:8b:0b:8f:dc:2d:e5:ca:22:
         95:b7:76:b4:74:10:95:e0:64:f5:d0:63:e3:a0:75:01:be:3f:
         06:2f:c8:4f:cc:de:56:0d:e6:ca:51:c4:64:32:2c:eb:1c:d0:
         4c:65:5e:11:21:ad:b3:51:4c:d9:e3:e6:10:99:5d:de:9f:d7:
         33:bc:f2:07:0c:31:39:2a:99:cb:72:56:16:ed:be:28:a3:ed:
         60:41:2d:7b:a8:41:25:e8:08:bc:57:e7:4c:4a:95:f0:ed:3e:
         14:e7:a4:54:88:fd:0a:cf:36:fe:1e:16:3e:72:af:e7:38:cf:
         56:64:5d:c4:05:20:c2:77:6c:c9:1a:17:72:7e:5e:b4:04:4c:
         1e:90:93:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZx1pK/I6a7TIPvtIgB2GR85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTMwNGJhMzRiNjFhMTVlMzc5N2ZmZDRkMWFlOGMyMThj
MWM3YmYwHhcNMjYwMjE5MTEyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNhZDljNjU0YjI4NzE0ZTNmMjQ4OTEwY2MzZGY4ODBlMmVlMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Mh9IoRP+l7TkPs3ejw589uJ3+9k
leMPAf2RJnlLKPR1P/pUNzvSBg8VJNgeuKZIjNr4I1zn9D4bcshucVcuzFmqVrYa
1nvdlJQJ0XzYjs2+GVjJ5tdE4Wb/VHy1AwGfYSpDjTiKVC/r/DM18rjJP1GU6wQU
n7QVVg34VOXVp+haFKsguMarmCXlhPPRY7eEp3B3KqHw9/+rh3z+3LE9gjZ5u8/Q
fsu/esbs2gZuFo4R+pdTbKcfIF4xdtU5lMcPHj5OyN7DoLuiiRy/mhmtONV68x1n
1PQJkjpZ5fO3JIcvgg4y1a+x+EeRCHuAU+nqCVPO4a8sRJkfu0qbM/AYDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLXK2cZUsocU4/JIkQzD34gOLuGdMB8GA1UdIwQY
MBaAFHmjBLo0thoV43l//U0a6MIYwce/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFNRXVqUzJHaFhqZVhfOVRScm93aGpCeDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lNjAxMDctMTlmMy00MTk0LWJjMmYt
OTlhMGQyOWJhNTYzLzEvdGNyWnhsU3loeFRqOGtpUkRNUGZpQTR1NFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lNjAxMDctMTlmMy00MTk0LWJjMmYtOTlhMGQyOWJhNTYz
LzEvZWFNRXVqUzJHaFhqZVhfOVRScm93aGpCeDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLAQDAN
BgkqhkiG9w0BAQsFAAOCAQEALad15NqY2UybCHcs7CpdGL0RG7ZUI1r+MRfwrKr2
0BLaGXbtfctfctsBcbWW8Xb4oBnIDjjlR8MENvv9NTo5v6LnAEVFt61JqlTL0+ek
yu/N9I60cWML8sNn/mP9/UspUJKIwmiynsnS4lDJGyHi6fFn+YucuosLj9wt5coi
lbd2tHQQleBk9dBj46B1Ab4/Bi/IT8zeVg3mylHEZDIs6xzQTGVeESGts1FM2ePm
EJld3p/XM7zyBwwxOSqZy3JWFu2+KKPtYEEte6hBJegIvFfnTEqV8O0+FOekVIj9
Cs82/h4WPnKv5zjPVmRdxAUgwndsyRoXcn5etARMHpCTDA==
-----END CERTIFICATE-----