Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa
File:                     p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa (raw, json)
Hash identifier:          7ew9SV6essXaEgFcCj2o+LahCeQ3dZ5MSY5zyuMRzxM=
Subject key identifier:   A7:5B:92:6C:BF:94:51:58:0C:65:4A:3F:25:DD:94:B4:C7:C4:8E:18
Certificate issuer:       /CN=d93c0d08a6c62e77382e80417e872098004ca4ec
Certificate serial:       019C52F12F9CB45DB7194F2030E5C0CB809C
Authority key identifier: D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa
Signing time:             Thu 12 Feb 2026 17:41:03 +0000
ROA not before:           Thu 12 Feb 2026 17:41:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     196925
IP address blocks:        192.145.110.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:52:f1:2f:9c:b4:5d:b7:19:4f:20:30:e5:c0:cb:80:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93c0d08a6c62e77382e80417e872098004ca4ec
        Validity
            Not Before: Feb 12 17:41:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a75b926cbf9451580c654a3f25dd94b4c7c48e18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:df:b7:60:1c:e9:4b:8a:f9:be:18:43:7e:31:
                    2d:64:97:3b:d9:d7:c7:69:df:45:ab:56:5b:21:d2:
                    f5:18:75:77:26:2b:ed:d2:b9:14:ee:b1:cf:c1:c1:
                    18:78:a5:ee:40:84:70:5f:6a:b3:0a:77:63:46:51:
                    33:37:bd:ff:6d:c6:70:7d:d3:69:df:40:3a:93:9b:
                    e9:95:4e:15:21:4e:b1:94:35:d8:64:90:60:e9:23:
                    fd:47:d9:2c:d5:03:8f:9d:56:cb:45:21:e3:76:da:
                    29:b2:f5:a7:b1:2b:12:36:2d:c0:0d:72:95:8f:12:
                    99:74:5b:80:00:60:ae:43:9d:c7:2f:91:c2:b9:45:
                    47:5e:a4:28:10:f2:fb:70:6c:23:f8:94:d8:00:31:
                    77:fc:35:6f:cb:58:57:73:6d:4a:5c:6c:cb:45:43:
                    7f:5f:95:0a:07:89:92:af:02:54:0c:15:f4:f2:b9:
                    dc:a4:6b:10:fd:93:d3:87:e1:e7:70:7e:1b:e1:0e:
                    d4:6c:6d:7a:78:7c:cf:28:b5:93:1b:5b:f3:06:fa:
                    fc:bf:fe:55:77:07:1c:bd:26:cd:37:b4:a5:96:d4:
                    2f:b6:f3:46:a0:47:b7:36:e6:9b:6e:69:6e:82:dd:
                    76:5e:20:ff:ab:e0:eb:ae:68:32:19:0e:52:b6:38:
                    74:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:5B:92:6C:BF:94:51:58:0C:65:4A:3F:25:DD:94:B4:C7:C4:8E:18
            X509v3 Authority Key Identifier:
                keyid:D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:6c:05:e6:97:1b:7d:c7:a8:a6:19:2e:71:9b:7b:30:c0:88:
         f4:76:9c:19:8b:12:62:87:18:f0:59:56:44:a9:c6:dd:fa:8d:
         75:22:43:50:8f:59:fd:93:3f:3a:4b:39:2c:3b:86:4a:73:21:
         92:b6:5d:87:74:83:4e:15:94:b6:d4:06:ed:19:fd:a0:15:de:
         db:46:40:cc:24:b7:ad:86:4b:e6:ba:2d:ea:2e:5f:1b:49:3a:
         e6:72:e8:49:72:e1:eb:bc:a5:3c:90:a7:9f:b2:fd:c4:33:42:
         62:fd:e8:6e:c3:03:27:93:9f:02:47:82:ea:79:c3:20:f1:e4:
         f5:40:2a:cc:4b:4e:67:8b:cc:00:c9:56:58:6c:06:8c:54:e3:
         36:5c:97:61:61:4a:77:79:4a:8f:dc:f0:8b:70:56:d7:6c:4f:
         95:7a:48:d8:a6:f9:5e:58:7a:6e:55:5b:83:59:43:88:bc:97:
         41:e7:b5:6e:6f:eb:3f:d2:02:3b:36:7c:7a:17:f2:50:55:ca:
         f6:d0:74:08:97:31:4f:dd:b8:bf:3d:39:32:34:8d:72:15:ff:
         62:98:1a:ad:52:d4:08:f0:8a:e9:b8:e6:20:2b:ba:ad:7f:c6:
         1e:8d:ff:57:82:c9:9f:54:5f:79:16:a9:01:bf:91:2e:cc:3a:
         be:ab:00:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxS8S+ctF23GU8gMOXAy4CcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2MwZDA4YTZjNjJlNzczODJlODA0MTdlODcyMDk4MDA0
Y2E0ZWMwHhcNMjYwMjEyMTc0MTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzViOTI2Y2JmOTQ1MTU4MGM2NTRhM2YyNWRkOTRiNGM3YzQ4ZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst+3YBzpS4r5vhhDfjEtZJc72dfH
ad9Fq1ZbIdL1GHV3Jivt0rkU7rHPwcEYeKXuQIRwX2qzCndjRlEzN73/bcZwfdNp
30A6k5vplU4VIU6xlDXYZJBg6SP9R9ks1QOPnVbLRSHjdtopsvWnsSsSNi3ADXKV
jxKZdFuAAGCuQ53HL5HCuUVHXqQoEPL7cGwj+JTYADF3/DVvy1hXc21KXGzLRUN/
X5UKB4mSrwJUDBX08rncpGsQ/ZPTh+HncH4b4Q7UbG16eHzPKLWTG1vzBvr8v/5V
dwccvSbNN7SlltQvtvNGoEe3Nuabbmlugt12XiD/q+DrrmgyGQ5Stjh0vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdbkmy/lFFYDGVKPyXdlLTHxI4YMB8GA1UdIwQY
MBaAFNk8DQimxi53OC6AQX6HIJgATKTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzct
OWU5MjYyNWNkYTk3LzEvcDF1U2JMLVVVVmdNWlVvX0pkMlV0TWZFamhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzctOWU5MjYyNWNkYTk3
LzEvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJFuMA0G
CSqGSIb3DQEBCwUAA4IBAQAhbAXmlxt9x6imGS5xm3swwIj0dpwZixJihxjwWVZE
qcbd+o11IkNQj1n9kz86SzksO4ZKcyGStl2HdINOFZS21AbtGf2gFd7bRkDMJLet
hkvmui3qLl8bSTrmcuhJcuHrvKU8kKefsv3EM0Ji/ehuwwMnk58CR4LqecMg8eT1
QCrMS05ni8wAyVZYbAaMVOM2XJdhYUp3eUqP3PCLcFbXbE+VekjYpvleWHpuVVuD
WUOIvJdB57Vub+s/0gI7Nnx6F/JQVcr20HQIlzFP3bi/PTkyNI1yFf9imBqtUtQI
8IrpuOYgK7qtf8Yejf9XgsmfVF95FqkBv5EuzDq+qwDb
-----END CERTIFICATE-----