Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/w6DeLFJdEk1mZKidt4FQMQDxlTI.roa
File:                     w6DeLFJdEk1mZKidt4FQMQDxlTI.roa (raw, json)
Hash identifier:          k009oTB069ImDw02164BGVARnKaYelZo+nyAt+vgSgU=
Subject key identifier:   C3:A0:DE:2C:52:5D:12:4D:66:64:A8:9D:B7:81:50:31:00:F1:95:32
Certificate issuer:       /CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Certificate serial:       018CC348A3203B6ACE7662536618D83D043A
Authority key identifier: 68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/w6DeLFJdEk1mZKidt4FQMQDxlTI.roa
Signing time:             Mon 01 Jan 2024 04:29:26 +0000
ROA not before:           Mon 01 Jan 2024 04:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48038
IP address blocks:        185.170.88.0/24 maxlen: 24
                          185.170.90.0/24 maxlen: 24
                          193.8.190.0/23 maxlen: 23
                          193.8.190.0/24 maxlen: 24
                          193.8.191.0/24 maxlen: 24
                          194.11.166.0/24 maxlen: 24
                          194.11.164.0/24 maxlen: 24
                          193.134.94.0/24 maxlen: 24
                          193.73.208.0/24 maxlen: 24
                          2a09:5f80:3::/48 maxlen: 48
                          2a09:5f80:2::/48 maxlen: 48
                          2a09:5f80::/48 maxlen: 48
                          2001:67c:4f0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 13:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:a3:20:3b:6a:ce:76:62:53:66:18:d8:3d:04:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
        Validity
            Not Before: Jan  1 04:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c3a0de2c525d124d6664a89db781503100f19532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c2:96:30:27:10:dd:7c:13:9d:7e:ae:47:d7:
                    45:c1:fc:31:ae:0f:7f:6c:b5:05:36:1b:05:8e:4e:
                    6b:ac:45:c0:d3:e0:7b:83:ac:a8:ef:8a:ec:f7:9e:
                    c6:d7:12:e4:52:10:ac:93:28:a5:5f:35:a4:65:7e:
                    09:3a:75:01:15:0e:38:33:af:9d:90:8a:41:63:7d:
                    d6:23:44:cc:e6:35:41:e8:62:19:b0:e0:6c:9e:e8:
                    49:c6:ce:24:26:c4:f7:e4:4b:fc:20:ff:34:b3:6e:
                    c6:e6:34:07:06:df:9f:0f:b8:34:11:98:bf:13:60:
                    6d:24:ba:e1:0d:28:20:90:af:d5:22:1a:05:8a:8c:
                    84:88:b4:fb:66:64:6a:96:50:68:54:c1:7c:3b:4a:
                    91:b4:97:ff:db:c0:a1:fc:8b:da:5c:a1:22:15:3b:
                    68:40:4d:17:fc:c8:ad:e9:61:5d:8c:cc:6c:c0:ca:
                    bf:02:04:d4:d3:21:5b:d9:53:a7:5e:11:f9:3b:b9:
                    a3:23:22:5e:70:90:d9:37:75:2a:9d:e8:e9:cb:5c:
                    07:53:57:e4:1e:73:69:17:4c:4a:98:68:1b:21:7d:
                    70:20:04:c4:60:ef:07:34:68:ab:e9:86:74:1c:65:
                    6e:16:e1:de:5a:32:b6:c8:c8:39:64:99:1d:5d:fa:
                    ce:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A0:DE:2C:52:5D:12:4D:66:64:A8:9D:B7:81:50:31:00:F1:95:32
            X509v3 Authority Key Identifier:
                keyid:68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/w6DeLFJdEk1mZKidt4FQMQDxlTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.170.88.0/24
                  185.170.90.0/24
                  193.8.190.0/23
                  193.73.208.0/24
                  193.134.94.0/24
                  194.11.164.0/24
                  194.11.166.0/24
                IPv6:
                  2001:67c:4f0::/48
                  2a09:5f80::/48
                  2a09:5f80:2::/47

    Signature Algorithm: sha256WithRSAEncryption
         59:da:65:27:0f:ee:0f:dd:4d:d6:de:10:11:6c:be:4d:dd:c5:
         71:d9:6c:6e:df:59:46:6f:36:bc:fc:5d:3f:75:e6:8b:94:27:
         cd:b2:1b:65:a1:41:61:c4:8f:72:b0:19:73:73:1f:2e:be:a1:
         4d:7d:e0:df:04:9f:2e:3b:c0:5d:73:47:63:15:a1:75:95:93:
         43:5e:79:e3:0d:3e:d1:86:57:f6:19:63:43:66:72:aa:95:f9:
         30:ed:e3:5c:0d:0a:01:ae:01:8a:e1:99:81:95:93:5b:f9:b8:
         5a:b1:9c:85:06:c1:59:06:60:45:01:53:e1:5c:ec:52:db:1d:
         44:ad:cc:80:75:a7:81:1d:cc:84:8c:84:e7:2a:fe:f5:5c:aa:
         ec:99:31:6e:27:9f:f4:a8:ee:68:56:89:28:5b:fc:de:63:e9:
         06:af:6f:55:da:88:65:25:1d:fd:71:2c:f5:5e:00:f6:64:d4:
         32:ab:f2:3e:5c:ff:fa:f5:0b:d2:cd:73:e5:c5:42:dc:b4:bb:
         c1:f8:e1:23:a3:37:3e:19:ae:37:39:d2:34:63:fc:0f:4b:09:
         93:fd:ed:ed:93:65:83:ad:b2:13:fe:2b:97:36:64:2f:f1:fd:
         09:76:54:d9:b3:aa:f8:af:2f:2c:b4:f5:95:2a:9d:2b:d8:9c:
         0e:69:82:c6
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzDSKMgO2rOdmJTZhjYPQQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NzcyNmQzOGZjZjJhN2ZiYmI3YmZjMjhkNjNmZTM1Nzll
ZDIxMWQwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2EwZGUyYzUyNWQxMjRkNjY2NGE4OWRiNzgxNTAzMTAwZjE5NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8KWMCcQ3XwTnX6uR9dFwfwxrg9/
bLUFNhsFjk5rrEXA0+B7g6yo74rs957G1xLkUhCskyilXzWkZX4JOnUBFQ44M6+d
kIpBY33WI0TM5jVB6GIZsOBsnuhJxs4kJsT35Ev8IP80s27G5jQHBt+fD7g0EZi/
E2BtJLrhDSggkK/VIhoFioyEiLT7ZmRqllBoVMF8O0qRtJf/28Ch/IvaXKEiFTto
QE0X/Mit6WFdjMxswMq/AgTU0yFb2VOnXhH5O7mjIyJecJDZN3Uqnejpy1wHU1fk
HnNpF0xKmGgbIX1wIATEYO8HNGir6YZ0HGVuFuHeWjK2yMg5ZJkdXfrO0wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMOg3ixSXRJNZmSonbeBUDEA8ZUyMB8GA1UdIwQY
MBaAFGh3JtOPzyp/u7e/wo1j/jV57SEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAt
NGIyZGExOTdhN2U2LzEvdzZEZUxGSmRFazFtWktpZHQ0RlFNUUR4bFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAtNGIyZGExOTdhN2U2
LzEvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQAuapYAwQA
uapaAwQBwQi+AwQAwUnQAwQAwYZeAwQAwgukAwQAwgumMCEEAgACMBsDBwAgAQZ8
BPADBwAqCV+AAAADBwEqCV+AAAIwDQYJKoZIhvcNAQELBQADggEBAFnaZScP7g/d
TdbeEBFsvk3dxXHZbG7fWUZvNrz8XT915ouUJ82yG2WhQWHEj3KwGXNzHy6+oU19
4N8Eny47wF1zR2MVoXWVk0NeeeMNPtGGV/YZY0NmcqqV+TDt41wNCgGuAYrhmYGV
k1v5uFqxnIUGwVkGYEUBU+Fc7FLbHUStzIB1p4EdzISMhOcq/vVcquyZMW4nn/So
7mhWiShb/N5j6Qavb1XaiGUlHf1xLPVeAPZk1DKr8j5c//r1C9LNc+XFQty0u8H4
4SOjNz4Zrjc50jRj/A9LCZP97e2TZYOtshP+K5c2ZC/x/Ql2VNmzqvivLyy09ZUq
nSvYnA5pgsY=
-----END CERTIFICATE-----
Generated at Mon Jun 17 18:34:01 2024 by rpki-client on console-fra.rpki-client.org