Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/1Mm1RNLwbyjiCOWBVCkeByMS0Cc.roa
File:                     1Mm1RNLwbyjiCOWBVCkeByMS0Cc.roa (raw, json)
Hash identifier:          yFTpJgxP9fdLdH4dJjbcGz1adyWokJ9D1jqx/15M5Ys=
Subject key identifier:   D4:C9:B5:44:D2:F0:6F:28:E2:08:E5:81:54:29:1E:07:23:12:D0:27
Certificate issuer:       /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial:       018DAD79DF1D4CAED0B724E90B261048B44D
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/1Mm1RNLwbyjiCOWBVCkeByMS0Cc.roa
Signing time:             Thu 15 Feb 2024 15:54:21 +0000
ROA not before:           Thu 15 Feb 2024 15:54:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204490
IP address blocks:        2a0e:7f45::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 14:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ad:79:df:1d:4c:ae:d0:b7:24:e9:0b:26:10:48:b4:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
        Validity
            Not Before: Feb 15 15:54:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d4c9b544d2f06f28e208e58154291e072312d027
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a8:79:5f:c0:1b:1c:cd:c1:61:16:54:c1:f8:
                    d0:ec:86:42:5c:17:80:ef:42:ae:46:d2:e6:62:4a:
                    28:0b:3a:d2:d0:2c:f0:d5:10:5f:fc:4a:17:50:72:
                    ae:71:c4:10:bb:7b:e3:89:11:b6:cf:bc:02:4f:44:
                    b2:fa:cc:20:47:3e:be:32:b0:39:42:65:3a:21:d4:
                    52:33:21:46:2d:d6:1e:f1:1a:69:2b:6b:6a:6e:02:
                    a5:fe:db:ee:1f:63:53:f5:7f:1b:b6:99:71:19:a1:
                    8e:6d:e3:2c:73:85:3f:49:ad:5e:6b:6d:52:41:5a:
                    08:94:1f:b4:1e:01:9e:53:16:e1:e4:d1:42:a5:60:
                    5f:10:89:e5:53:fa:44:87:f3:3b:68:0d:a6:36:62:
                    80:23:6d:b6:00:d1:02:5c:a5:fd:67:04:e1:39:6a:
                    03:d2:dd:cf:39:3f:45:ee:5c:43:5b:07:a3:35:c0:
                    66:72:7b:23:35:c0:4d:5a:d3:ea:aa:4e:8c:57:43:
                    c9:b0:06:55:20:c1:a3:3d:59:1f:94:82:83:29:7f:
                    01:56:f7:ed:67:54:a2:c6:bb:14:b1:21:6a:75:d2:
                    ec:60:89:de:07:17:0e:6f:42:0b:64:9c:c1:55:9c:
                    2f:c7:69:bf:9f:25:32:bd:f9:26:67:9c:04:99:47:
                    57:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C9:B5:44:D2:F0:6F:28:E2:08:E5:81:54:29:1E:07:23:12:D0:27
            X509v3 Authority Key Identifier:
                keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/1Mm1RNLwbyjiCOWBVCkeByMS0Cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:7f45::/32

    Signature Algorithm: sha256WithRSAEncryption
         a4:0b:93:1c:52:32:84:70:fb:93:55:0e:b3:b1:04:5c:25:ec:
         17:2c:ce:5e:37:49:c3:9e:65:3c:00:33:07:66:fb:db:59:11:
         64:1c:69:7b:06:c6:93:4c:8d:5e:4b:a6:e2:a3:ce:a0:81:51:
         22:e9:1e:94:29:f2:95:ee:6c:7a:02:93:13:2a:cd:78:be:74:
         89:88:e3:cf:f7:72:6e:bf:ce:c4:53:ff:14:6b:31:33:36:53:
         0e:39:33:1d:12:a6:9e:0c:a5:c0:12:b9:42:67:38:ca:e3:09:
         61:7e:67:47:56:e9:b3:f6:e7:f3:68:05:99:b7:7f:65:f7:37:
         34:00:8c:3b:c0:67:97:b2:44:8a:1d:b7:47:3e:62:62:63:f5:
         f8:85:af:79:64:84:11:ff:39:02:21:7a:f9:05:d2:01:fc:9d:
         ee:db:4d:7b:e3:aa:1c:c0:2a:43:5f:e1:5a:1e:12:b3:f2:e6:
         65:b5:5e:53:57:ec:90:8b:8b:0d:04:d3:46:8b:eb:58:3c:0c:
         99:69:68:7d:9c:37:74:a4:6d:42:a5:f0:5d:bd:d2:29:4c:ce:
         d4:3d:52:97:3d:f2:64:4f:f3:7d:64:32:22:a4:53:95:f9:40:
         54:a3:f5:34:70:e3:8a:86:6c:91:98:9e:09:c4:b6:03:31:f6:
         97:29:f2:bf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2ted8dTK7QtyTpCyYQSLRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQwMjE1MTU1NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGM5YjU0NGQyZjA2ZjI4ZTIwOGU1ODE1NDI5MWUwNzIzMTJkMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqh5X8AbHM3BYRZUwfjQ7IZCXBeA
70KuRtLmYkooCzrS0Czw1RBf/EoXUHKuccQQu3vjiRG2z7wCT0Sy+swgRz6+MrA5
QmU6IdRSMyFGLdYe8RppK2tqbgKl/tvuH2NT9X8btplxGaGObeMsc4U/Sa1ea21S
QVoIlB+0HgGeUxbh5NFCpWBfEInlU/pEh/M7aA2mNmKAI222ANECXKX9ZwThOWoD
0t3POT9F7lxDWwejNcBmcnsjNcBNWtPqqk6MV0PJsAZVIMGjPVkflIKDKX8BVvft
Z1SixrsUsSFqddLsYIneBxcOb0ILZJzBVZwvx2m/nyUyvfkmZ5wEmUdXlQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNTJtUTS8G8o4gjlgVQpHgcjEtAnMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvMU1tMVJOTHdieWppQ09XQlZDa2VCeU1TMENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/RTAN
BgkqhkiG9w0BAQsFAAOCAQEApAuTHFIyhHD7k1UOs7EEXCXsFyzOXjdJw55lPAAz
B2b721kRZBxpewbGk0yNXkum4qPOoIFRIukelCnyle5segKTEyrNeL50iYjjz/dy
br/OxFP/FGsxMzZTDjkzHRKmngylwBK5Qmc4yuMJYX5nR1bps/bn82gFmbd/Zfc3
NACMO8Bnl7JEih23Rz5iYmP1+IWveWSEEf85AiF6+QXSAfyd7ttNe+OqHMAqQ1/h
Wh4Ss/LmZbVeU1fskIuLDQTTRovrWDwMmWlofZw3dKRtQqXwXb3SKUzO1D1Slz3y
ZE/zfWQyIqRTlflAVKP1NHDjioZskZieCcS2AzH2lynyvw==
-----END CERTIFICATE-----
Generated at Sat Sep 28 20:53:10 2024 by rpki-client on console-fra.rpki-client.org