Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/yk8QvcHQfMmoizYXS18sEr3Ur1w.roa
File:                     yk8QvcHQfMmoizYXS18sEr3Ur1w.roa (raw, json)
Hash identifier:          1wnA8zGH8L/1dd3DsK7khrrK8zzgX+7vJx5UGKfzVHI=
Subject key identifier:   CA:4F:10:BD:C1:D0:7C:C9:A8:8B:36:17:4B:5F:2C:12:BD:D4:AF:5C
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018F533D4BB81681F364DD9E146C5359B7EE
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/yk8QvcHQfMmoizYXS18sEr3Ur1w.roa
Signing time:             Tue 07 May 2024 13:27:56 +0000
ROA not before:           Tue 07 May 2024 13:27:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3320
IP address blocks:        176.57.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 04 Jun 2024 07:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:53:3d:4b:b8:16:81:f3:64:dd:9e:14:6c:53:59:b7:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May  7 13:27:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca4f10bdc1d07cc9a88b36174b5f2c12bdd4af5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:09:f4:fa:d5:f1:57:ae:e5:8c:67:a9:d8:f2:
                    6b:75:e1:78:d5:24:9f:45:df:31:a3:60:e4:d9:91:
                    df:0f:f4:ac:fb:7a:8c:2d:09:a4:82:82:80:82:ff:
                    b2:a8:59:ee:9f:25:49:e1:1f:d0:05:4f:ae:f6:59:
                    2a:3c:fb:e2:1c:e6:ca:b0:a2:fc:96:ff:8b:99:08:
                    7c:88:3f:f3:c7:ec:4c:a8:72:75:c1:7f:6c:72:af:
                    25:a3:cb:28:0f:5a:5f:b2:4a:ce:c1:a6:76:52:b4:
                    f2:e3:4a:01:4b:ae:09:da:a1:57:d2:cd:d6:5d:04:
                    87:59:38:b9:bf:8b:39:6b:42:dd:0c:36:f0:0c:e2:
                    df:97:08:8e:f0:5b:e3:22:92:fe:01:c3:dc:bb:ff:
                    21:a6:29:28:29:15:41:a9:11:ea:b9:51:cf:56:45:
                    c5:f9:33:1b:d9:cb:4f:a8:42:e5:da:86:19:b2:19:
                    ab:84:39:d9:90:5b:f4:ee:25:d0:1e:87:ff:54:18:
                    04:2e:49:72:4a:0f:0b:64:ba:0f:33:92:9e:6d:0c:
                    5a:ed:70:44:be:a2:5a:1c:1b:c2:ad:93:57:8a:c4:
                    b6:22:21:88:46:54:9f:0c:66:20:62:34:4b:5d:8c:
                    f5:53:45:41:90:6b:94:6d:03:23:2e:3c:02:92:7f:
                    a2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:4F:10:BD:C1:D0:7C:C9:A8:8B:36:17:4B:5F:2C:12:BD:D4:AF:5C
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/yk8QvcHQfMmoizYXS18sEr3Ur1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.57.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:e0:6a:70:8a:14:d8:2a:df:93:de:50:d1:ea:3a:4d:4b:18:
         e9:f3:f8:23:af:62:dc:2b:08:6f:fb:6b:a0:82:a2:06:79:8e:
         0e:2f:d4:a7:ec:42:63:07:2c:67:3a:0f:b6:3f:c4:e2:5e:5f:
         ec:cc:dc:6d:3b:b5:52:b5:3f:b8:9a:b6:98:ab:b0:cb:3d:0e:
         ae:41:6c:51:80:66:e5:ee:8e:b3:62:f7:3b:9a:a2:f4:bb:17:
         be:b2:98:b2:01:09:e8:8c:90:34:69:7d:c3:55:6f:c1:32:f1:
         bd:6a:f2:ee:c5:d4:ea:13:68:16:50:12:6a:95:93:52:46:37:
         8d:ee:a9:39:53:96:ed:1d:dd:37:3b:b8:09:16:fb:7d:64:7f:
         a0:37:0f:6c:88:a1:c3:79:07:3a:92:c6:c3:b8:f4:c8:03:3b:
         12:1f:59:9e:da:05:1c:94:98:f8:56:55:16:b7:ec:9c:05:33:
         46:8c:42:c2:f4:1d:7f:6a:c1:b1:86:78:57:44:79:83:99:c3:
         07:f1:c3:ac:51:f1:33:ea:b0:25:fa:d0:a1:25:ed:21:1b:2e:
         72:a9:12:3b:0f:3d:17:e9:d9:46:f1:a3:fa:99:28:3c:f8:ed:
         6e:40:6d:1a:89:7e:db:bd:5a:b0:49:42:51:90:b8:a7:96:54:
         38:68:74:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9TPUu4FoHzZN2eFGxTWbfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNTA3MTMyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRmMTBiZGMxZDA3Y2M5YTg4YjM2MTc0YjVmMmMxMmJkZDRhZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswn0+tXxV67ljGep2PJrdeF41SSf
Rd8xo2Dk2ZHfD/Ss+3qMLQmkgoKAgv+yqFnunyVJ4R/QBU+u9lkqPPviHObKsKL8
lv+LmQh8iD/zx+xMqHJ1wX9scq8lo8soD1pfskrOwaZ2UrTy40oBS64J2qFX0s3W
XQSHWTi5v4s5a0LdDDbwDOLflwiO8FvjIpL+AcPcu/8hpikoKRVBqRHquVHPVkXF
+TMb2ctPqELl2oYZshmrhDnZkFv07iXQHof/VBgELklySg8LZLoPM5KebQxa7XBE
vqJaHBvCrZNXisS2IiGIRlSfDGYgYjRLXYz1U0VBkGuUbQMjLjwCkn+ipQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpPEL3B0HzJqIs2F0tfLBK91K9cMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEveWs4UXZjSFFmTW1vaXpZWFMxOHNFcjNVcjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDk7MA0G
CSqGSIb3DQEBCwUAA4IBAQCa4GpwihTYKt+T3lDR6jpNSxjp8/gjr2LcKwhv+2ug
gqIGeY4OL9Sn7EJjByxnOg+2P8TiXl/szNxtO7VStT+4mraYq7DLPQ6uQWxRgGbl
7o6zYvc7mqL0uxe+spiyAQnojJA0aX3DVW/BMvG9avLuxdTqE2gWUBJqlZNSRjeN
7qk5U5btHd03O7gJFvt9ZH+gNw9siKHDeQc6ksbDuPTIAzsSH1me2gUclJj4VlUW
t+ycBTNGjELC9B1/asGxhnhXRHmDmcMH8cOsUfEz6rAl+tChJe0hGy5yqRI7Dz0X
6dlG8aP6mSg8+O1uQG0aiX7bvVqwSUJRkLinllQ4aHSH
-----END CERTIFICATE-----
Generated at Mon Jun 3 13:49:22 2024 by rpki-client on console-fra.rpki-client.org