Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS26769.roa
File:                     AS26769.roa (raw, json)
Hash identifier:          pXMFF6IeOttIL2p6zB3Lix4Fe1mtIYT+uK1dS4vvQN8=
Subject key identifier:   D0:71:72:01:F0:EA:D8:2B:BE:C7:08:82:D6:78:8E:A7:4B:5F:67:40
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       4504052D943A650CE157EE9B97B9D73CE01E496E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS26769.roa
Signing time:             Sat 28 Feb 2026 09:09:02 +0000
ROA not before:           Sat 28 Feb 2026 09:04:02 +0000
ROA not after:            Sat 27 Feb 2027 09:09:02 +0000
asID:                     26769
IP address blocks:        140.150.225.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:04:05:2d:94:3a:65:0c:e1:57:ee:9b:97:b9:d7:3c:e0:1e:49:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb 28 09:04:02 2026 GMT
            Not After : Feb 27 09:09:02 2027 GMT
        Subject: CN=D0717201F0EAD82BBEC70882D6788EA74B5F6740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ad:e3:65:f4:01:a0:3a:a4:5d:7b:99:63:e7:
                    d0:e6:83:52:77:34:4e:ce:62:df:60:cd:1c:ad:f6:
                    d0:a1:8e:19:cc:31:26:62:13:fd:eb:4e:45:5d:2e:
                    80:75:5a:91:ba:9a:35:ea:f4:4e:ed:13:9f:0f:6a:
                    c6:d4:e3:5c:91:56:a5:3c:36:01:e1:f0:44:95:02:
                    dd:63:fe:fd:7f:b5:ce:c4:81:0b:00:a1:e7:2a:6c:
                    27:e7:8c:36:47:75:2b:9f:b2:ed:08:99:7f:2e:e8:
                    cc:42:4a:18:04:e3:af:65:35:32:95:68:1f:88:79:
                    5d:48:a4:f7:3e:87:be:48:84:28:c2:e6:8e:cc:41:
                    ee:71:8b:c1:15:58:de:d5:4d:00:6e:94:03:27:65:
                    96:23:28:2e:d7:78:d9:2f:1d:54:1b:e6:f3:f7:f1:
                    0f:3a:43:b8:15:0b:9f:cb:dd:44:7d:02:67:63:39:
                    8c:55:f2:d2:ec:bf:c6:fa:34:4a:e2:a8:80:41:33:
                    1f:4f:5f:43:77:79:86:6b:23:8c:40:7f:98:39:93:
                    d2:51:1b:69:7e:68:10:b4:0e:2e:ba:4a:0f:ad:9d:
                    f6:53:40:03:de:99:1d:ef:eb:d8:1e:01:1b:5e:96:
                    f7:d7:bc:85:dc:98:f5:20:97:b9:a8:34:78:81:53:
                    d3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:71:72:01:F0:EA:D8:2B:BE:C7:08:82:D6:78:8E:A7:4B:5F:67:40
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS26769.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:2a:92:34:8a:0d:00:b6:82:e6:cb:0c:2a:dd:b1:df:9b:e7:
         a0:ca:93:0b:03:af:13:67:32:b2:99:d3:8c:fd:81:73:6c:6a:
         78:cd:05:bb:4e:8c:e4:d9:d3:72:b4:0d:57:00:eb:c4:9e:40:
         95:d3:fa:22:0a:25:46:9f:99:2c:94:c4:48:64:e7:dd:8a:76:
         e8:38:91:0e:35:bb:b3:23:e3:09:9f:e4:40:08:98:1f:73:4c:
         b6:b6:e0:d5:1a:3f:37:28:4e:52:ed:6e:29:5e:b7:43:a3:7b:
         63:05:02:a5:9b:cd:98:43:94:ab:6b:db:4f:94:c6:f7:59:cd:
         d5:49:f8:09:1e:90:ca:16:33:46:44:a5:54:3d:c8:c7:12:4b:
         2d:30:0d:0b:6f:a4:35:ac:78:19:43:3e:23:5a:49:51:82:b7:
         39:81:c6:2d:15:93:96:b2:a2:f4:3b:15:d2:c1:d6:92:f7:87:
         22:be:7e:ac:cc:a4:17:58:c9:cc:50:72:23:45:ed:4c:cd:fe:
         c3:12:66:60:6a:b6:47:d1:05:96:c0:c7:4a:d5:8d:01:8e:e1:
         e7:59:4a:d2:33:f8:df:e2:51:8d:32:9f:3d:28:6e:71:88:8d:
         2d:d8:df:c9:92:55:e5:b5:33:df:94:eb:8d:42:45:ac:01:ed:
         91:ac:1e:8f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURQQFLZQ6ZQzhV+6bl7nXPOAeSW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMjgwOTA0MDJaFw0yNzAyMjcwOTA5MDJaMDMxMTAvBgNV
BAMTKEQwNzE3MjAxRjBFQUQ4MkJCRUM3MDg4MkQ2Nzg4RUE3NEI1RjY3NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtreNl9AGgOqRde5lj59Dmg1J3
NE7OYt9gzRyt9tChjhnMMSZiE/3rTkVdLoB1WpG6mjXq9E7tE58PasbU41yRVqU8
NgHh8ESVAt1j/v1/tc7EgQsAoecqbCfnjDZHdSufsu0ImX8u6MxCShgE469lNTKV
aB+IeV1IpPc+h75IhCjC5o7MQe5xi8EVWN7VTQBulAMnZZYjKC7XeNkvHVQb5vP3
8Q86Q7gVC5/L3UR9AmdjOYxV8tLsv8b6NEriqIBBMx9PX0N3eYZrI4xAf5g5k9JR
G2l+aBC0Di66Sg+tnfZTQAPemR3v69geARtelvfXvIXcmPUgl7moNHiBU9ORAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU0HFyAfDq2Cu+xwiC1niOp0tfZ0AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjY3Njkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACMluEw
DQYJKoZIhvcNAQELBQADggEBAKMqkjSKDQC2gubLDCrdsd+b56DKkwsDrxNnMrKZ
04z9gXNsanjNBbtOjOTZ03K0DVcA68SeQJXT+iIKJUafmSyUxEhk592Kdug4kQ41
u7Mj4wmf5EAImB9zTLa24NUaPzcoTlLtbilet0Oje2MFAqWbzZhDlKtr20+UxvdZ
zdVJ+AkekMoWM0ZEpVQ9yMcSSy0wDQtvpDWseBlDPiNaSVGCtzmBxi0Vk5ayovQ7
FdLB1pL3hyK+fqzMpBdYycxQciNF7UzN/sMSZmBqtkfRBZbAx0rVjQGO4edZStIz
+N/iUY0ynz0obnGIjS3Y38mSVeW1M9+U641CRawB7ZGsHo8=
-----END CERTIFICATE-----