Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199129.roa
File:                     AS199129.roa (raw, json)
Hash identifier:          6Yoh6nKIQmN4oLzQhVz8FtKuKwv6wOlOdbnI095adoM=
Subject key identifier:   6A:81:3E:3E:C9:E1:76:AF:95:56:07:63:39:A9:A4:29:8C:FB:6E:64
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       0841EF9BE6A6F4D3E36E2A81F2A2DB1151565693
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199129.roa
Signing time:             Wed 15 Apr 2026 19:16:41 +0000
ROA not before:           Wed 15 Apr 2026 19:11:41 +0000
ROA not after:            Wed 14 Apr 2027 19:16:41 +0000
asID:                     199129
IP address blocks:        82.39.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:41:ef:9b:e6:a6:f4:d3:e3:6e:2a:81:f2:a2:db:11:51:56:56:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Apr 15 19:11:41 2026 GMT
            Not After : Apr 14 19:16:41 2027 GMT
        Subject: CN=6A813E3EC9E176AF9556076339A9A4298CFB6E64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4e:12:c5:31:c4:2e:3b:cc:9d:63:23:15:03:
                    47:ce:51:e9:69:03:e4:6c:29:21:bf:01:43:14:f0:
                    dd:6a:25:77:bc:2b:88:3f:83:84:20:88:a6:24:4a:
                    d0:2d:a1:6c:c2:b6:14:7c:c7:e4:8c:dc:b3:fc:fc:
                    f5:66:89:59:39:f6:d1:2f:ec:ba:1d:11:50:ba:8c:
                    07:ac:62:3c:85:79:48:0c:d2:39:62:e4:9c:ca:7d:
                    f7:e4:98:37:4b:51:4c:1c:a0:27:65:0f:40:13:3a:
                    61:38:52:75:85:fe:c3:47:d4:97:53:2c:52:96:b2:
                    a5:25:8b:7d:a8:97:29:6e:7d:d6:e1:2c:91:84:f2:
                    4c:6e:7d:2a:80:52:00:ab:bb:16:a6:aa:57:fd:94:
                    26:17:e9:14:00:53:23:e2:c3:9f:ec:93:ac:72:d8:
                    c3:06:37:74:39:b8:a2:f8:db:7e:84:0a:84:03:44:
                    b2:52:01:53:d9:1b:19:64:cd:53:ab:53:19:a4:e7:
                    ac:31:6c:20:c0:ac:bd:b3:b1:02:18:03:70:d9:ef:
                    55:1c:0e:79:93:46:02:b2:ed:46:e6:1c:05:68:34:
                    25:09:fa:aa:75:53:6f:a1:99:9e:96:65:24:c6:30:
                    b7:5a:3e:52:46:e8:97:9c:f2:ed:43:f7:4e:48:0a:
                    9b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:81:3E:3E:C9:E1:76:AF:95:56:07:63:39:A9:A4:29:8C:FB:6E:64
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199129.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.39.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:a4:82:7d:95:85:de:c5:03:90:19:2b:54:60:c1:77:1b:86:
         1e:3f:41:72:c7:03:6a:a5:f5:a4:99:64:8e:80:3c:d3:d4:c7:
         ff:5f:be:74:9b:82:52:22:d2:8f:0b:23:44:51:bc:68:fb:08:
         28:84:a7:11:45:2f:7c:e5:44:67:bb:8f:b6:1d:16:57:36:1c:
         c4:6b:81:06:5a:e9:2c:4c:7a:10:f0:48:2c:ef:4f:12:c4:ec:
         88:5d:a7:43:d4:10:d0:28:bc:16:9a:4c:f4:b9:bc:74:f8:4d:
         f6:b2:dc:0e:78:84:9b:9d:20:9c:bd:af:53:6c:de:26:a5:d1:
         96:e6:bd:e6:50:cf:08:40:a6:2f:71:b5:c7:b2:d7:d8:68:19:
         10:cc:f0:1c:0f:37:e3:16:65:6c:82:d3:9d:7d:d5:b1:29:c2:
         5a:eb:ff:db:86:ad:2a:d3:66:91:c1:82:16:23:aa:7b:36:c8:
         da:f6:f0:28:d5:09:c2:db:47:45:8c:fc:61:67:93:12:ba:dd:
         05:2f:01:66:90:e0:3d:1f:9d:a3:ab:ba:d9:66:dd:79:f7:80:
         c3:2e:3f:38:fc:9d:d1:df:49:26:3a:68:b7:c3:78:32:ca:dc:
         c1:e8:3b:25:f1:aa:db:0c:a9:b7:cd:1e:3d:be:29:8f:88:58:
         60:44:8c:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCEHvm+am9NPjbiqB8qLbEVFWVpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTUxOTExNDFaFw0yNzA0MTQxOTE2NDFaMDMxMTAvBgNV
BAMTKDZBODEzRTNFQzlFMTc2QUY5NTU2MDc2MzM5QTlBNDI5OENGQjZFNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIThLFMcQuO8ydYyMVA0fOUelp
A+RsKSG/AUMU8N1qJXe8K4g/g4QgiKYkStAtoWzCthR8x+SM3LP8/PVmiVk59tEv
7LodEVC6jAesYjyFeUgM0jli5JzKfffkmDdLUUwcoCdlD0ATOmE4UnWF/sNH1JdT
LFKWsqUli32olylufdbhLJGE8kxufSqAUgCruxamqlf9lCYX6RQAUyPiw5/sk6xy
2MMGN3Q5uKL4236ECoQDRLJSAVPZGxlkzVOrUxmk56wxbCDArL2zsQIYA3DZ71Uc
DnmTRgKy7UbmHAVoNCUJ+qp1U2+hmZ6WZSTGMLdaPlJG6Jec8u1D905ICpszAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUaoE+Psnhdq+VVgdjOamkKYz7bmQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk5MTI5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUifN
MA0GCSqGSIb3DQEBCwUAA4IBAQCbpIJ9lYXexQOQGStUYMF3G4YeP0FyxwNqpfWk
mWSOgDzT1Mf/X750m4JSItKPCyNEUbxo+wgohKcRRS985URnu4+2HRZXNhzEa4EG
WuksTHoQ8Egs708SxOyIXadD1BDQKLwWmkz0ubx0+E32stwOeISbnSCcva9TbN4m
pdGW5r3mUM8IQKYvcbXHstfYaBkQzPAcDzfjFmVsgtOdfdWxKcJa6//bhq0q02aR
wYIWI6p7Nsja9vAo1QnC20dFjPxhZ5MSut0FLwFmkOA9H52jq7rZZt1594DDLj84
/J3R30kmOmi3w3gyytzB6Dsl8arbDKm3zR49vimPiFhgRIx5
-----END CERTIFICATE-----