Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/4JzgTC3OZ5HTTYA8TSczNgMRI0s.roa
File:                     4JzgTC3OZ5HTTYA8TSczNgMRI0s.roa (raw, json)
Hash identifier:          LWb+fXIwTwBhm7xD6ldZwihz5ry1lRkdiTdGQ1rkqro=
Subject key identifier:   E0:9C:E0:4C:2D:CE:67:91:D3:4D:80:3C:4D:27:33:36:03:11:23:4B
Certificate issuer:       /CN=178c8f20c939aaa9c80cce6a0d1567183ca1c599
Certificate serial:       018CC801A7F4A71F3C7A0330AA8377EE2BD7
Authority key identifier: 17:8C:8F:20:C9:39:AA:A9:C8:0C:CE:6A:0D:15:67:18:3C:A1:C5:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F4yPIMk5qqnIDM5qDRVnGDyhxZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/4JzgTC3OZ5HTTYA8TSczNgMRI0s.roa
Signing time:             Tue 02 Jan 2024 02:30:00 +0000
ROA not before:           Tue 02 Jan 2024 02:30:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1273
IP address blocks:        91.199.74.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/F4yPIMk5qqnIDM5qDRVnGDyhxZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/F4yPIMk5qqnIDM5qDRVnGDyhxZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F4yPIMk5qqnIDM5qDRVnGDyhxZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:a7:f4:a7:1f:3c:7a:03:30:aa:83:77:ee:2b:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=178c8f20c939aaa9c80cce6a0d1567183ca1c599
        Validity
            Not Before: Jan  2 02:30:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e09ce04c2dce6791d34d803c4d2733360311234b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5a:7a:3c:95:66:5c:ea:a6:96:bd:9e:72:16:
                    ff:b4:15:83:70:59:47:2b:04:2f:8d:d8:bb:c6:5d:
                    52:43:cb:18:27:29:d2:83:45:2e:a0:32:94:9a:ec:
                    0a:65:b2:cd:ac:c0:cb:1c:19:1f:34:42:80:cf:63:
                    cc:a8:0c:64:02:89:f8:a3:b7:62:37:27:f6:bc:7e:
                    37:9f:87:17:1a:3e:86:9f:28:bc:20:30:f1:6e:87:
                    c1:02:8a:af:f8:b7:84:f1:f5:1a:11:49:81:29:7b:
                    fc:db:d1:be:79:db:34:46:1a:3f:28:8c:65:08:c3:
                    dc:c5:d1:39:8c:51:25:d7:63:51:2d:a1:39:7b:ae:
                    53:66:15:d8:81:f0:bf:e6:7e:73:10:c9:d7:72:a0:
                    dd:8a:b7:e5:a2:82:c1:86:47:48:96:e4:75:be:78:
                    ba:45:e7:3f:fc:5c:ea:e4:4d:b8:41:8c:86:42:85:
                    94:6f:c4:83:15:78:b0:f9:e2:f6:de:89:84:ed:41:
                    08:cc:68:fa:18:ba:bd:e0:3e:1f:85:7d:12:c2:7e:
                    96:e1:e6:2e:c8:70:06:5f:19:d8:8c:c8:ac:5b:f3:
                    b0:70:04:14:2a:42:53:f0:87:6f:7f:c2:39:fa:ba:
                    0a:70:52:51:34:71:27:df:83:ab:d0:0f:97:92:8b:
                    65:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:9C:E0:4C:2D:CE:67:91:D3:4D:80:3C:4D:27:33:36:03:11:23:4B
            X509v3 Authority Key Identifier:
                keyid:17:8C:8F:20:C9:39:AA:A9:C8:0C:CE:6A:0D:15:67:18:3C:A1:C5:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4yPIMk5qqnIDM5qDRVnGDyhxZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/4JzgTC3OZ5HTTYA8TSczNgMRI0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/F4yPIMk5qqnIDM5qDRVnGDyhxZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:19:08:e9:2c:89:ba:9a:bb:56:d5:00:a6:8f:b2:a1:83:c0:
         d6:bf:61:3c:9b:17:9c:21:c3:47:ce:c9:ab:33:48:66:25:a5:
         3b:11:dd:01:99:48:5a:f8:f0:e6:20:99:27:3e:87:0e:ed:fa:
         00:3c:25:b8:26:10:ed:e1:cf:88:b7:b9:dd:bb:32:0c:cd:e1:
         05:32:08:d0:17:3e:75:7a:07:94:5c:b2:05:e1:60:a6:d5:15:
         2b:31:00:3d:98:21:f5:0a:47:03:17:fd:56:cb:a6:7f:52:da:
         9c:5d:64:a9:45:fc:53:a6:39:85:28:8e:57:0c:76:66:98:fe:
         a0:0b:57:ba:8b:95:f0:cf:1b:2d:0e:e0:0d:81:8e:6b:00:2b:
         95:98:22:b0:5b:eb:e4:b8:d0:fa:74:0f:14:49:29:34:ca:45:
         35:ca:b6:23:6d:66:68:78:7b:14:96:c6:bf:e4:25:dc:c5:37:
         17:27:ba:f1:f0:c2:9e:63:12:58:9a:8d:36:00:6e:f3:ae:73:
         db:cd:45:da:64:eb:3d:2b:ee:0a:76:cf:cb:99:af:90:d1:6c:
         99:aa:9f:37:80:8a:f0:68:df:15:4e:03:87:2d:c9:8e:61:cb:
         5d:54:17:eb:5e:82:c6:b5:0c:43:ba:0d:05:da:44:45:4e:c3:
         b7:2f:8a:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAaf0px88egMwqoN37ivXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OGM4ZjIwYzkzOWFhYTljODBjY2U2YTBkMTU2NzE4M2Nh
MWM1OTkwHhcNMjQwMTAyMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDljZTA0YzJkY2U2NzkxZDM0ZDgwM2M0ZDI3MzMzNjAzMTEyMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVp6PJVmXOqmlr2echb/tBWDcFlH
KwQvjdi7xl1SQ8sYJynSg0UuoDKUmuwKZbLNrMDLHBkfNEKAz2PMqAxkAon4o7di
Nyf2vH43n4cXGj6Gnyi8IDDxbofBAoqv+LeE8fUaEUmBKXv829G+eds0Rho/KIxl
CMPcxdE5jFEl12NRLaE5e65TZhXYgfC/5n5zEMnXcqDdirflooLBhkdIluR1vni6
Rec//Fzq5E24QYyGQoWUb8SDFXiw+eL23omE7UEIzGj6GLq94D4fhX0Swn6W4eYu
yHAGXxnYjMisW/OwcAQUKkJT8Idvf8I5+roKcFJRNHEn34Or0A+XkotlXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCc4EwtzmeR002APE0nMzYDESNLMB8GA1UdIwQY
MBaAFBeMjyDJOaqpyAzOag0VZxg8ocWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjR5UElNazVxcW5JRE01cURSVm5HRHloeFprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy83ZWRkOWEtZmI3Mi00M2Q3LWIyNTIt
NGNkMTFlOGI3NDk3LzEvNEp6Z1RDM09aNUhUVFlBOFRTY3pOZ01SSTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy83ZWRkOWEtZmI3Mi00M2Q3LWIyNTItNGNkMTFlOGI3NDk3
LzEvRjR5UElNazVxcW5JRE01cURSVm5HRHloeFprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dKMA0G
CSqGSIb3DQEBCwUAA4IBAQA3GQjpLIm6mrtW1QCmj7Khg8DWv2E8mxecIcNHzsmr
M0hmJaU7Ed0BmUha+PDmIJknPocO7foAPCW4JhDt4c+It7nduzIMzeEFMgjQFz51
egeUXLIF4WCm1RUrMQA9mCH1CkcDF/1Wy6Z/UtqcXWSpRfxTpjmFKI5XDHZmmP6g
C1e6i5XwzxstDuANgY5rACuVmCKwW+vkuND6dA8USSk0ykU1yrYjbWZoeHsUlsa/
5CXcxTcXJ7rx8MKeYxJYmo02AG7zrnPbzUXaZOs9K+4Kds/Lma+Q0WyZqp83gIrw
aN8VTgOHLcmOYctdVBfrXoLGtQxDug0F2kRFTsO3L4o7
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:06:40 2024 by rpki-client on console-fra.rpki-client.org