Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/7-32Md7Q_fthPHDnPKRu6x3v5Vw.roa
File:                     7-32Md7Q_fthPHDnPKRu6x3v5Vw.roa (raw, json)
Hash identifier:          jKLcvLv2eQ3ck8qI0kEKdK//Dg+ioPx0eWUIN6VBJvE=
Subject key identifier:   EF:ED:F6:31:DE:D0:FD:FB:61:3C:70:E7:3C:A4:6E:EB:1D:EF:E5:5C
Certificate issuer:       /CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Certificate serial:       019C71641F569A3C9495BA3ABC5C3879F555
Authority key identifier: 3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/7-32Md7Q_fthPHDnPKRu6x3v5Vw.roa
Signing time:             Wed 18 Feb 2026 15:35:12 +0000
ROA not before:           Wed 18 Feb 2026 15:35:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     5089
IP address blocks:        185.132.84.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:71:64:1f:56:9a:3c:94:95:ba:3a:bc:5c:38:79:f5:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
        Validity
            Not Before: Feb 18 15:35:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=efedf631ded0fdfb613c70e73ca46eeb1defe55c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7e:e8:d8:57:2c:2c:05:c8:87:e5:b6:57:4a:
                    14:2b:0d:7d:f2:02:11:41:41:55:6d:a0:5d:40:42:
                    28:37:25:f9:70:47:bc:a5:0c:3f:4b:9d:42:2e:88:
                    80:06:88:64:9d:7d:2a:c4:64:87:1d:77:3f:09:6f:
                    f0:50:da:9a:ef:6c:7e:78:57:de:4e:25:57:3b:cc:
                    1b:72:bf:07:49:2c:34:95:a4:21:e4:86:7c:3b:83:
                    40:71:5f:27:6d:51:52:dc:0b:8f:2c:0d:0c:b1:09:
                    76:1d:39:46:85:80:81:8c:7e:40:c4:ec:41:93:89:
                    31:1d:6d:c9:f5:75:d6:d7:f0:01:4c:1b:b2:ef:ec:
                    3e:c6:db:78:10:89:93:9a:20:cc:19:75:23:07:ef:
                    9b:fb:64:85:d2:67:ef:ab:f3:7c:e5:ba:7d:6d:ef:
                    84:4c:1e:c2:10:7f:b9:c9:97:5a:3f:9d:e4:ec:3c:
                    62:77:fb:cc:88:eb:e7:5b:0f:bb:7a:97:78:2d:14:
                    ae:08:57:a2:8b:9a:cc:5e:6a:01:4a:d8:f9:73:28:
                    7e:0b:6a:d1:95:d9:8a:f3:61:65:cc:f7:4a:b9:97:
                    87:ec:90:d6:80:a9:93:63:d6:6a:f5:ae:fc:35:b2:
                    b9:11:76:ea:90:ab:6a:38:4f:38:c1:df:5f:d2:25:
                    45:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:ED:F6:31:DE:D0:FD:FB:61:3C:70:E7:3C:A4:6E:EB:1D:EF:E5:5C
            X509v3 Authority Key Identifier:
                keyid:3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/7-32Md7Q_fthPHDnPKRu6x3v5Vw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.132.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:35:fe:8d:ea:94:32:26:1f:4a:55:67:48:c6:e2:8e:e8:2c:
         d6:6e:a6:51:75:17:2d:31:5f:f7:17:1e:7a:c8:dd:0a:dc:1e:
         62:97:3b:a7:02:29:4e:cc:51:0e:6c:48:54:87:c9:e1:7f:e7:
         66:19:ce:54:77:81:2b:e6:8d:46:ce:86:4b:5b:51:3a:8a:a6:
         7b:a1:65:36:eb:c0:7e:79:ec:12:4c:10:0f:78:4a:f5:71:99:
         3e:1b:f9:e9:ae:64:13:f5:70:a1:ae:f6:bc:f6:ad:76:2a:a3:
         3d:27:a8:0e:66:aa:0d:cb:6b:32:58:22:97:ae:18:9a:e5:db:
         d0:36:8f:21:e3:9c:52:e2:08:3e:8f:77:2c:37:06:f9:34:64:
         c4:b4:39:82:23:ed:39:5d:7e:a1:24:4d:8e:84:dd:d3:7a:73:
         f3:61:77:96:95:f2:a2:9e:88:78:c2:0c:2f:84:0a:03:cf:33:
         b7:4e:90:3a:9e:9e:69:1b:6b:a9:5b:1d:5d:62:ab:3c:49:6b:
         c8:3a:96:db:b0:72:7d:41:77:81:d8:ed:da:30:7d:13:55:a9:
         94:9f:e9:cd:78:12:16:c3:b0:45:08:04:af:7a:c4:cd:09:ce:
         7a:e5:ca:f9:2e:fa:2e:09:b7:f0:c7:10:44:8a:25:ba:56:ac:
         c7:7c:6c:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxxZB9WmjyUlbo6vFw4efVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDZjOWRmM2ZhOGY5M2Q5ZWYwZWQwNGIxY2EwNDM1ZGI4
YmM2NTAwHhcNMjYwMjE4MTUzNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmVkZjYzMWRlZDBmZGZiNjEzYzcwZTczY2E0NmVlYjFkZWZlNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs37o2FcsLAXIh+W2V0oUKw198gIR
QUFVbaBdQEIoNyX5cEe8pQw/S51CLoiABohknX0qxGSHHXc/CW/wUNqa72x+eFfe
TiVXO8wbcr8HSSw0laQh5IZ8O4NAcV8nbVFS3AuPLA0MsQl2HTlGhYCBjH5AxOxB
k4kxHW3J9XXW1/ABTBuy7+w+xtt4EImTmiDMGXUjB++b+2SF0mfvq/N85bp9be+E
TB7CEH+5yZdaP53k7Dxid/vMiOvnWw+7epd4LRSuCFeii5rMXmoBStj5cyh+C2rR
ldmK82FlzPdKuZeH7JDWgKmTY9Zq9a78NbK5EXbqkKtqOE84wd9f0iVF1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/t9jHe0P37YTxw5zykbusd7+VcMB8GA1UdIwQY
MBaAFD8Gyd8/qPk9nvDtBLHKBDXbi8ZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2Ut
MzM4YWEwY2Y5OGUyLzEvNy0zMk1kN1FfZnRoUEhEblBLUnU2eDN2NVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2UtMzM4YWEwY2Y5OGUy
LzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYRUMA0G
CSqGSIb3DQEBCwUAA4IBAQABNf6N6pQyJh9KVWdIxuKO6CzWbqZRdRctMV/3Fx56
yN0K3B5ilzunAilOzFEObEhUh8nhf+dmGc5Ud4Er5o1GzoZLW1E6iqZ7oWU268B+
eewSTBAPeEr1cZk+G/nprmQT9XChrva89q12KqM9J6gOZqoNy2syWCKXrhia5dvQ
No8h45xS4gg+j3csNwb5NGTEtDmCI+05XX6hJE2OhN3TenPzYXeWlfKinoh4wgwv
hAoDzzO3TpA6np5pG2upWx1dYqs8SWvIOpbbsHJ9QXeB2O3aMH0TVamUn+nNeBIW
w7BFCASvesTNCc565cr5LvouCbfwxxBEiiW6VqzHfGyU
-----END CERTIFICATE-----