Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS26739.roa
File:                     AS26739.roa (raw, json)
Hash identifier:          76Xez7puIyKw6maKBPHyJKSunsuCzGatIIpVkQ55EYU=
Subject key identifier:   44:49:E7:29:09:AA:CD:81:DF:A4:81:14:E3:3E:62:39:24:93:B6:F4
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       3576B42B9DCD8F22E259083EB584DA50B0185F8E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS26739.roa
Signing time:             Fri 12 Jun 2026 13:26:40 +0000
ROA not before:           Fri 12 Jun 2026 13:21:40 +0000
ROA not after:            Fri 11 Jun 2027 13:26:40 +0000
asID:                     26739
IP address blocks:        82.47.150.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 15:07:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:76:b4:2b:9d:cd:8f:22:e2:59:08:3e:b5:84:da:50:b0:18:5f:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 12 13:21:40 2026 GMT
            Not After : Jun 11 13:26:40 2027 GMT
        Subject: CN=4449E72909AACD81DFA48114E33E62392493B6F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ed:10:53:75:4f:4e:01:f8:8a:fc:78:d0:a0:
                    82:4d:86:10:6e:f7:77:3d:93:37:8d:94:1d:6b:61:
                    cb:f8:cb:2f:ea:24:30:8c:8e:a2:e8:06:12:cd:29:
                    c2:93:c0:7d:cd:84:4b:2c:20:b9:cb:fd:e9:f7:62:
                    87:17:1d:13:09:5f:d4:0d:2b:ca:d4:22:57:db:58:
                    81:8b:1a:10:6e:fa:58:74:4c:0e:dc:66:c2:f7:d3:
                    a2:e4:75:91:47:60:25:d5:e2:d0:31:17:05:b7:b4:
                    20:ac:d8:5f:b4:33:ce:a2:f9:2c:00:10:91:f1:21:
                    8a:4b:3b:98:54:1d:93:07:77:96:40:21:7d:c6:51:
                    41:0b:5e:2a:c8:52:40:86:f0:fb:bf:60:4b:36:a4:
                    4f:e7:19:1e:7e:3e:76:fd:c0:54:1c:91:fb:e6:4a:
                    93:33:95:5f:c5:f9:7e:a2:24:51:2e:be:94:34:f8:
                    26:d9:06:f5:bc:2b:38:da:9c:7e:5e:45:ca:a4:09:
                    77:be:1c:51:87:c4:d1:4c:b7:e4:e6:ca:a8:74:fb:
                    4c:14:c1:a8:86:80:38:36:0a:dc:f8:19:b5:6a:b4:
                    70:b2:41:d4:8f:e0:c2:da:b1:3d:e4:dd:72:11:1a:
                    03:75:cd:e5:6c:cb:4d:45:fa:ae:08:5f:e9:3a:23:
                    63:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:49:E7:29:09:AA:CD:81:DF:A4:81:14:E3:3E:62:39:24:93:B6:F4
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS26739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.47.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:89:45:98:da:90:81:71:39:b2:09:e7:e4:45:b5:95:93:9a:
         87:d8:91:54:35:99:2d:79:f4:f3:fd:c2:12:0e:ac:54:43:7c:
         0a:54:e1:8f:75:7d:9f:e7:bc:4c:0e:ee:f3:16:51:7e:44:ae:
         f2:a3:5c:6b:a2:d7:55:7b:f5:2f:39:54:5a:06:61:0b:81:1a:
         ac:a3:a0:1a:98:8e:5d:cd:80:a0:62:12:a1:bf:9f:dc:a3:b3:
         57:a0:5d:5d:43:51:59:e3:24:fb:bf:18:9b:36:02:ed:c0:88:
         e5:ec:16:e5:e0:c4:16:97:ab:a1:c6:75:48:d8:b4:05:d3:e3:
         3d:af:81:ec:a0:7e:23:0e:1f:cc:0a:43:5e:df:86:0e:53:c2:
         95:95:7b:6e:90:d4:5d:dc:4a:d3:54:8f:ef:21:3f:29:7a:64:
         cc:23:05:e4:87:fe:aa:1f:18:9d:91:67:8d:4a:56:b8:29:74:
         43:ab:a7:1f:0c:03:62:93:b4:aa:aa:91:e9:d0:d9:1e:1e:08:
         56:c9:7e:40:74:60:74:d0:20:da:43:8d:95:15:15:c6:8f:14:
         09:b2:6d:f6:e5:51:fa:c7:19:92:81:bf:9c:88:00:e8:62:01:
         c1:d8:da:70:38:d1:a0:ef:b6:d8:74:08:e9:a6:c6:f4:14:ac:
         09:74:66:77
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUNXa0K53NjyLiWQg+tYTaULAYX44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTIxMzIxNDBaFw0yNzA2MTExMzI2NDBaMDMxMTAvBgNV
BAMTKDQ0NDlFNzI5MDlBQUNEODFERkE0ODExNEUzM0U2MjM5MjQ5M0I2RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx7RBTdU9OAfiK/HjQoIJNhhBu
93c9kzeNlB1rYcv4yy/qJDCMjqLoBhLNKcKTwH3NhEssILnL/en3YocXHRMJX9QN
K8rUIlfbWIGLGhBu+lh0TA7cZsL306LkdZFHYCXV4tAxFwW3tCCs2F+0M86i+SwA
EJHxIYpLO5hUHZMHd5ZAIX3GUUELXirIUkCG8Pu/YEs2pE/nGR5+Pnb9wFQckfvm
SpMzlV/F+X6iJFEuvpQ0+CbZBvW8KzjanH5eRcqkCXe+HFGHxNFMt+Tmyqh0+0wU
waiGgDg2Ctz4GbVqtHCyQdSP4MLasT3k3XIRGgN1zeVsy01F+q4IX+k6I2MHAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUREnnKQmqzYHfpIEU4z5iOSSTtvQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjY3Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSL5Yw
DQYJKoZIhvcNAQELBQADggEBAHaJRZjakIFxObIJ5+RFtZWTmofYkVQ1mS159PP9
whIOrFRDfApU4Y91fZ/nvEwO7vMWUX5ErvKjXGui11V79S85VFoGYQuBGqyjoBqY
jl3NgKBiEqG/n9yjs1egXV1DUVnjJPu/GJs2Au3AiOXsFuXgxBaXq6HGdUjYtAXT
4z2vgeygfiMOH8wKQ17fhg5TwpWVe26Q1F3cStNUj+8hPyl6ZMwjBeSH/qofGJ2R
Z41KVrgpdEOrpx8MA2KTtKqqkenQ2R4eCFbJfkB0YHTQINpDjZUVFcaPFAmybfbl
UfrHGZKBv5yIAOhiAcHY2nA40aDvtth0COmmxvQUrAl0Znc=
-----END CERTIFICATE-----