Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/0SRirIwsKE3ftAKD4a35MRr_dPA.roa
File:                     0SRirIwsKE3ftAKD4a35MRr_dPA.roa (raw, json)
Hash identifier:          veCz5+5lA2DIQJsKzs5T1knDyARu7fejsnmOMdvjZwY=
Subject key identifier:   D1:24:62:AC:8C:2C:28:4D:DF:B4:02:83:E1:AD:F9:31:1A:FF:74:F0
Certificate issuer:       /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial:       019C5CEBA5BE4B5EC94FF366D5FAD054526E
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/0SRirIwsKE3ftAKD4a35MRr_dPA.roa
Signing time:             Sat 14 Feb 2026 16:11:13 +0000
ROA not before:           Sat 14 Feb 2026 16:11:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     7018
IP address blocks:        92.61.103.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 12:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:5c:eb:a5:be:4b:5e:c9:4f:f3:66:d5:fa:d0:54:52:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
        Validity
            Not Before: Feb 14 16:11:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d12462ac8c2c284ddfb40283e1adf9311aff74f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:81:c8:47:7e:b9:74:09:da:b7:8d:9a:f6:6f:
                    1a:ec:7c:2d:bb:ff:18:bc:8c:7e:c2:04:48:0e:d7:
                    c0:8a:dc:11:34:51:d1:59:c8:fd:26:e9:3f:f5:63:
                    e4:73:0a:fd:88:02:ca:48:92:f4:6a:7f:c6:f6:7c:
                    54:d0:bc:18:ff:99:6c:cd:25:47:7d:7b:fb:8a:6c:
                    bd:a8:5e:63:24:74:22:27:08:ae:96:bf:82:12:48:
                    28:bd:ed:ee:d8:62:ed:c7:dc:a9:8f:75:97:87:0b:
                    ef:ec:63:e9:2c:65:fb:1a:93:cd:fb:5d:c3:de:a9:
                    2e:f9:dd:04:b9:b2:a6:99:fd:aa:b1:84:05:e9:6a:
                    72:d8:e4:04:15:5a:e1:56:2c:1e:7a:77:17:87:74:
                    00:12:8c:6b:bf:f9:4a:d3:c8:54:d1:d2:1f:08:1e:
                    6d:5c:ef:bf:78:12:ce:2a:e2:3f:6a:03:f6:ea:74:
                    ef:37:40:c8:b4:1f:ce:62:f6:bd:37:28:d9:cd:0c:
                    c0:ec:e8:f9:c0:cd:3d:f8:97:f8:6c:b8:f7:93:78:
                    00:57:7f:8c:21:ac:ca:e3:ac:31:28:18:1b:bb:b4:
                    99:63:77:3e:6d:5c:bb:1b:e5:50:27:2b:b0:a4:27:
                    ad:42:e4:2d:d8:21:c6:58:3b:f1:9b:16:ae:f5:fd:
                    f7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:24:62:AC:8C:2C:28:4D:DF:B4:02:83:E1:AD:F9:31:1A:FF:74:F0
            X509v3 Authority Key Identifier:
                keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/0SRirIwsKE3ftAKD4a35MRr_dPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.61.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:25:a2:35:3a:fd:95:10:54:1d:6b:9e:5b:cd:ac:0e:fc:32:
         ce:54:72:2d:a9:49:9b:0f:30:47:01:b2:d8:f1:40:81:ba:5d:
         57:14:ee:4b:82:e2:be:ed:e4:c4:74:db:cf:5d:c2:a6:ac:38:
         ca:33:ed:fa:0d:62:b2:ab:11:97:12:27:47:96:03:d3:f8:2d:
         35:06:19:d6:bf:2a:86:cd:15:e1:54:f8:37:32:72:7b:46:6b:
         f4:3a:09:52:da:1e:97:a9:09:95:f2:92:66:ad:59:8e:29:12:
         4b:3d:72:b6:ea:32:1a:ba:36:d8:10:22:cc:7f:ff:20:b0:88:
         5e:cf:39:a1:e7:ce:52:db:f4:0f:84:f5:76:df:08:aa:b3:a6:
         fb:3c:a2:97:dc:16:93:42:ed:c5:ea:7f:de:03:2e:ad:41:d9:
         2c:90:88:57:51:6c:36:8a:85:5b:9c:56:30:eb:4f:48:a8:75:
         ed:b0:b2:66:b0:5c:b0:2e:f8:9d:dd:76:3f:5d:06:7e:de:6e:
         a4:ea:19:d2:1a:58:90:15:cc:d5:aa:b6:87:b0:61:3b:88:27:
         44:99:7b:ca:97:06:1d:ab:ff:fd:e3:39:b6:33:60:eb:ae:73:
         6a:f3:06:3a:e0:16:03:f9:28:2b:43:07:14:1b:49:44:0a:be:
         5d:bd:1d:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxc66W+S17JT/Nm1frQVFJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMjE0MTYxMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTI0NjJhYzhjMmMyODRkZGZiNDAyODNlMWFkZjkzMTFhZmY3NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4HIR365dAnat42a9m8a7Hwtu/8Y
vIx+wgRIDtfAitwRNFHRWcj9Juk/9WPkcwr9iALKSJL0an/G9nxU0LwY/5lszSVH
fXv7imy9qF5jJHQiJwiulr+CEkgove3u2GLtx9ypj3WXhwvv7GPpLGX7GpPN+13D
3qku+d0EubKmmf2qsYQF6Wpy2OQEFVrhViweencXh3QAEoxrv/lK08hU0dIfCB5t
XO+/eBLOKuI/agP26nTvN0DItB/OYva9NyjZzQzA7Oj5wM09+Jf4bLj3k3gAV3+M
IazK46wxKBgbu7SZY3c+bVy7G+VQJyuwpCetQuQt2CHGWDvxmxau9f33swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEkYqyMLChN37QCg+Gt+TEa/3TwMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvMFNSaXJJd3NLRTNmdEFLRDRhMzVNUnJfZFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD1nMA0G
CSqGSIb3DQEBCwUAA4IBAQAwJaI1Ov2VEFQda55bzawO/DLOVHItqUmbDzBHAbLY
8UCBul1XFO5LguK+7eTEdNvPXcKmrDjKM+36DWKyqxGXEidHlgPT+C01BhnWvyqG
zRXhVPg3MnJ7Rmv0OglS2h6XqQmV8pJmrVmOKRJLPXK26jIaujbYECLMf/8gsIhe
zzmh585S2/QPhPV23wiqs6b7PKKX3BaTQu3F6n/eAy6tQdkskIhXUWw2ioVbnFYw
609IqHXtsLJmsFywLvid3XY/XQZ+3m6k6hnSGliQFczVqraHsGE7iCdEmXvKlwYd
q//94zm2M2DrrnNq8wY64BYD+SgrQwcUG0lECr5dvR2v
-----END CERTIFICATE-----