Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/37372e38312e37392e302f32342d3234203d3e2036303739.roa
File:                     37372e38312e37392e302f32342d3234203d3e2036303739.roa (raw, json)
Hash identifier:          u0uKpeiU5ZpBWUsg2bqVMuJ+xilyXQyIO7XWxfYa1xw=
Subject key identifier:   F2:D9:A9:7E:C5:31:44:34:CA:1D:AD:9A:A6:4E:47:0A:51:79:3E:73
Certificate issuer:       /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial:       768414797ED10DEE27E782E65A17B46473236A4F
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/37372e38312e37392e302f32342d3234203d3e2036303739.roa
Signing time:             Fri 13 Feb 2026 02:59:17 +0000
ROA not before:           Fri 13 Feb 2026 02:54:17 +0000
ROA not after:            Fri 12 Feb 2027 02:59:17 +0000
asID:                     6079
IP address blocks:        77.81.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:84:14:79:7e:d1:0d:ee:27:e7:82:e6:5a:17:b4:64:73:23:6a:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
        Validity
            Not Before: Feb 13 02:54:17 2026 GMT
            Not After : Feb 12 02:59:17 2027 GMT
        Subject: CN=F2D9A97EC5314434CA1DAD9AA64E470A51793E73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:75:c4:f7:1a:4e:9e:64:c8:89:10:42:8b:2e:
                    33:77:14:cd:15:82:12:35:66:e4:f3:fb:cc:bf:2a:
                    e8:1f:ed:aa:dc:31:2c:57:b5:01:63:6d:b9:a4:f6:
                    68:65:9a:f5:ac:a4:e8:62:fa:f4:df:04:0c:d8:91:
                    c7:64:6f:6f:2f:d7:f3:bc:3b:ac:6a:82:2c:56:23:
                    59:28:7b:03:86:bd:eb:2a:c8:06:bf:be:4a:6f:85:
                    24:b3:74:5c:ee:37:e6:e5:6e:05:f4:e2:3a:fe:48:
                    58:0e:50:a8:3e:49:44:e4:4f:96:89:8e:8c:64:df:
                    44:4a:ce:37:d9:c6:26:5e:fa:29:ba:37:32:a8:61:
                    89:ba:e2:be:38:46:69:50:fd:63:4c:9f:19:f5:84:
                    eb:53:d8:d0:19:65:b6:45:78:22:92:27:4b:bc:a7:
                    b2:d1:9f:ab:56:0d:b6:d9:3e:c9:aa:3a:f8:e0:af:
                    08:e7:fe:7c:54:09:97:bf:c6:e1:05:fb:28:4a:4f:
                    b7:c2:67:04:b0:d4:57:e8:76:f2:58:58:5c:f5:8e:
                    b9:70:37:30:fc:27:68:70:5a:16:b9:c8:6b:73:69:
                    7f:2b:2c:db:ad:ef:f9:f3:00:0b:ad:50:0f:f5:b4:
                    52:ae:09:84:31:5c:69:7a:56:19:60:8c:8c:bb:87:
                    3a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:D9:A9:7E:C5:31:44:34:CA:1D:AD:9A:A6:4E:47:0A:51:79:3E:73
            X509v3 Authority Key Identifier:
                keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/37372e38312e37392e302f32342d3234203d3e2036303739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:19:f3:be:5f:ea:1e:fd:47:11:51:85:87:1d:e7:4b:25:cb:
         f5:db:fc:39:04:7b:54:63:f4:52:04:cd:20:27:2a:75:e6:61:
         c6:e6:d2:26:63:6c:5c:91:97:30:58:bf:78:1b:8c:c1:ab:20:
         99:e5:49:8d:94:2f:97:f9:c3:40:d2:9f:4d:37:c7:2f:09:cd:
         0f:24:a9:24:12:95:21:6e:b5:2d:ea:f0:8f:a4:b1:57:6e:e4:
         a4:3a:58:2e:0d:86:51:02:9a:92:ff:7a:8d:dc:61:a8:14:6e:
         40:d8:fd:1e:b5:93:fb:50:37:91:7d:82:fc:3c:c8:32:2b:26:
         a5:90:63:23:f5:e3:58:b9:2b:2e:e7:5a:26:5a:a4:21:18:22:
         4a:bb:4c:66:15:9b:8e:f7:7f:91:92:93:89:a5:28:60:05:fe:
         6a:17:60:2c:61:b8:e4:2d:2d:85:f7:74:09:ab:9b:32:24:ef:
         29:83:0f:f1:2e:c8:a0:26:71:9a:df:5e:1f:04:d9:92:f8:e7:
         1e:d1:4d:2a:8e:0f:91:83:ef:85:52:27:df:10:59:f0:23:65:
         a8:f1:6e:f6:98:b1:f1:aa:a4:5d:20:72:43:4d:15:96:fa:e7:
         4a:7a:3e:4b:3c:fa:6e:ae:37:24:cf:5a:fa:88:20:d4:a3:36:
         3c:cb:fc:49
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUdoQUeX7RDe4n54LmWhe0ZHMjak8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjAyMTMwMjU0MTdaFw0yNzAyMTIwMjU5MTdaMDMxMTAvBgNV
BAMTKEYyRDlBOTdFQzUzMTQ0MzRDQTFEQUQ5QUE2NEU0NzBBNTE3OTNFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPdcT3Gk6eZMiJEEKLLjN3FM0V
ghI1ZuTz+8y/Kugf7arcMSxXtQFjbbmk9mhlmvWspOhi+vTfBAzYkcdkb28v1/O8
O6xqgixWI1koewOGvesqyAa/vkpvhSSzdFzuN+blbgX04jr+SFgOUKg+SUTkT5aJ
joxk30RKzjfZxiZe+im6NzKoYYm64r44RmlQ/WNMnxn1hOtT2NAZZbZFeCKSJ0u8
p7LRn6tWDbbZPsmqOvjgrwjn/nxUCZe/xuEF+yhKT7fCZwSw1FfodvJYWFz1jrlw
NzD8J2hwWha5yGtzaX8rLNut7/nzAAutUA/1tFKuCYQxXGl6VhlgjIy7hzqHAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU8tmpfsUxRDTKHa2apk5HClF5PnMwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzczNzJlMzgzMTJlMzczOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNzM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFPMA0G
CSqGSIb3DQEBCwUAA4IBAQBsGfO+X+oe/UcRUYWHHedLJcv12/w5BHtUY/RSBM0g
Jyp15mHG5tImY2xckZcwWL94G4zBqyCZ5UmNlC+X+cNA0p9NN8cvCc0PJKkkEpUh
brUt6vCPpLFXbuSkOlguDYZRApqS/3qN3GGoFG5A2P0etZP7UDeRfYL8PMgyKyal
kGMj9eNYuSsu51omWqQhGCJKu0xmFZuO93+RkpOJpShgBf5qF2AsYbjkLS2F93QJ
q5syJO8pgw/xLsigJnGa314fBNmS+Oce0U0qjg+Rg++FUiffEFnwI2Wo8W72mLHx
qqRdIHJDTRWW+udKej5LPPpurjckz1r6iCDUozY8y/xJ
-----END CERTIFICATE-----