Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e2035303635.roa
File:                     3138352e3235302e34302e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier:          eNCzJzvkQZD3jcD9ovrxYY4NST6Lp1yCS+1FWuKURvI=
Subject key identifier:   E0:19:35:AF:57:11:36:BC:B1:2C:F9:85:ED:5A:3F:C7:F1:A0:E6:2E
Certificate issuer:       /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial:       7CE079AC6B68AB0268FAE479944C32F4F4F098C4
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e2035303635.roa
Signing time:             Tue 10 Feb 2026 07:55:38 +0000
ROA not before:           Tue 10 Feb 2026 07:50:38 +0000
ROA not after:            Tue 09 Feb 2027 07:55:38 +0000
asID:                     5065
IP address blocks:        185.250.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 09:38:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:e0:79:ac:6b:68:ab:02:68:fa:e4:79:94:4c:32:f4:f4:f0:98:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
        Validity
            Not Before: Feb 10 07:50:38 2026 GMT
            Not After : Feb  9 07:55:38 2027 GMT
        Subject: CN=E01935AF571136BCB12CF985ED5A3FC7F1A0E62E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:9f:90:97:02:c2:e5:07:d2:ef:23:28:80:21:
                    ef:70:46:ad:20:4a:29:dc:2c:27:93:f4:39:3f:92:
                    5d:a5:b2:85:83:a5:14:16:a5:b3:aa:25:a5:6d:79:
                    13:16:c0:78:75:cd:77:b8:ed:89:e3:67:5d:99:a2:
                    69:29:3c:92:37:74:8b:93:28:2c:2c:22:4e:37:3a:
                    45:95:78:5c:33:03:2d:37:ea:c8:1c:6d:3d:cb:52:
                    a8:19:d4:6d:84:ac:8c:0d:9f:77:3f:0e:77:43:56:
                    1a:58:77:fd:dc:b3:f5:ec:86:db:57:a7:fa:2e:ba:
                    4b:4c:4e:8a:1a:a4:6a:5f:fd:cf:b6:16:d3:85:ee:
                    a8:78:8b:27:8c:88:09:0d:cd:a6:bf:c3:ed:c8:1d:
                    55:84:00:41:ee:97:b9:a9:d7:da:a8:30:16:14:b1:
                    e9:2f:47:c8:0a:ac:7e:07:19:f7:78:27:cc:c4:03:
                    65:a9:32:71:4b:3e:54:1f:7f:bf:16:bd:0a:31:93:
                    04:08:d7:29:de:6e:5b:45:ab:fa:16:81:70:cc:cd:
                    22:86:81:67:86:65:e9:8c:eb:de:bd:fa:a8:12:c2:
                    90:d1:8c:67:9f:1a:5a:12:d7:e9:0d:02:a4:2f:b5:
                    63:f5:4d:48:cd:69:df:f7:2f:36:d0:91:0b:4b:6c:
                    38:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:19:35:AF:57:11:36:BC:B1:2C:F9:85:ED:5A:3F:C7:F1:A0:E6:2E
            X509v3 Authority Key Identifier:
                keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e2035303635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.250.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:b6:f7:39:2d:b6:14:83:d5:e7:8b:40:9c:bd:d2:1d:cd:74:
         eb:ac:5d:c2:d1:c1:d3:d4:94:83:d1:5b:01:94:b4:fb:02:ae:
         82:da:de:5d:c0:38:13:2e:5d:e0:fd:55:e6:34:20:56:d8:57:
         ed:9c:17:7e:2e:b7:91:fd:cc:4a:b2:08:c2:e7:bc:ba:32:c3:
         a1:c3:7c:b4:77:2b:1d:fa:6a:22:f4:a3:90:27:0f:6b:3d:11:
         e9:43:b0:13:86:ea:9b:72:d8:47:f1:ce:78:58:01:82:14:fa:
         7f:34:7d:d7:b5:2f:d1:b0:53:33:7d:05:5e:ff:3b:30:7b:ad:
         76:e4:44:0d:55:37:fb:93:3a:2b:fb:89:51:17:a1:e4:e8:72:
         39:b1:b1:d0:b1:5f:d0:55:06:70:d0:02:50:56:11:ac:c0:39:
         37:14:9f:b9:6d:1d:21:59:2b:d3:c3:08:ff:de:bb:6f:27:c8:
         23:e3:f4:41:89:f1:d3:a6:26:7b:0d:d5:41:89:65:83:37:2d:
         fe:f5:1b:0a:48:84:fc:35:3f:71:6e:31:00:39:4d:f5:65:0f:
         91:0c:2b:9c:44:af:10:df:2a:d8:35:ba:9c:de:89:88:ae:24:
         42:86:bc:f5:99:a1:fd:72:a1:5c:64:fc:31:32:4c:33:dc:12:
         81:76:71:d8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfOB5rGtoqwJo+uR5lEwy9PTwmMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNjAyMTAwNzUwMzhaFw0yNzAyMDkwNzU1MzhaMDMxMTAvBgNV
BAMTKEUwMTkzNUFGNTcxMTM2QkNCMTJDRjk4NUVENUEzRkM3RjFBMEU2MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNn5CXAsLlB9LvIyiAIe9wRq0g
SincLCeT9Dk/kl2lsoWDpRQWpbOqJaVteRMWwHh1zXe47YnjZ12ZomkpPJI3dIuT
KCwsIk43OkWVeFwzAy036sgcbT3LUqgZ1G2ErIwNn3c/DndDVhpYd/3cs/XshttX
p/ouuktMTooapGpf/c+2FtOF7qh4iyeMiAkNzaa/w+3IHVWEAEHul7mp19qoMBYU
sekvR8gKrH4HGfd4J8zEA2WpMnFLPlQff78WvQoxkwQI1ynebltFq/oWgXDMzSKG
gWeGZemM6969+qgSwpDRjGefGloS1+kNAqQvtWP1TUjNad/3LzbQkQtLbDgVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU4Bk1r1cRNryxLPmF7Vo/x/Gg5i4wHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzEzODM1MmUzMjM1MzAyZTM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn6
KDANBgkqhkiG9w0BAQsFAAOCAQEAT7b3OS22FIPV54tAnL3SHc1066xdwtHB09SU
g9FbAZS0+wKugtreXcA4Ey5d4P1V5jQgVthX7ZwXfi63kf3MSrIIwue8ujLDocN8
tHcrHfpqIvSjkCcPaz0R6UOwE4bqm3LYR/HOeFgBghT6fzR917Uv0bBTM30FXv87
MHutduREDVU3+5M6K/uJUReh5OhyObGx0LFf0FUGcNACUFYRrMA5NxSfuW0dIVkr
08MI/967byfII+P0QYnx06Ymew3VQYllgzct/vUbCkiE/DU/cW4xADlN9WUPkQwr
nESvEN8q2DW6nN6JiK4kQoa89Zmh/XKhXGT8MTJMM9wSgXZx2A==
-----END CERTIFICATE-----