Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/_Nf26EMzN2gzbZnGOtyfFLFX2DI.roa
File:                     _Nf26EMzN2gzbZnGOtyfFLFX2DI.roa (raw, json)
Hash identifier:          Z1jgVuq+F3dsvxGJfJqIsDqecTynWD/2FJQZ3YfImBw=
Subject key identifier:   FC:D7:F6:E8:43:33:37:68:33:6D:99:C6:3A:DC:9F:14:B1:57:D8:32
Certificate issuer:       /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial:       0191223C53F322DEDAC5F25F31818B697179
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/_Nf26EMzN2gzbZnGOtyfFLFX2DI.roa
Signing time:             Mon 05 Aug 2024 11:11:04 +0000
ROA not before:           Mon 05 Aug 2024 11:11:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60829
IP address blocks:        188.95.151.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:22:3c:53:f3:22:de:da:c5:f2:5f:31:81:8b:69:71:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
        Validity
            Not Before: Aug  5 11:11:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fcd7f6e843333768336d99c63adc9f14b157d832
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:30:d7:31:5b:40:14:37:72:2b:f1:25:77:ba:
                    0f:6b:91:69:08:b1:fb:a4:8f:7c:d0:e4:7b:d7:62:
                    b7:78:cc:30:e4:a8:89:9b:f8:96:cc:03:52:33:ea:
                    2c:d6:37:38:c5:8f:9b:c4:12:48:ae:84:57:27:2e:
                    e9:74:46:4b:57:b2:97:4c:7d:be:14:f1:a8:ab:06:
                    8e:b2:99:36:30:aa:76:7c:85:ac:c5:3f:1a:7e:7c:
                    dd:a6:ae:2c:1f:77:91:62:6a:63:78:ea:53:5f:9f:
                    4a:88:55:f6:5e:01:87:c8:b8:f5:e6:b7:54:86:52:
                    c1:19:3f:c6:86:ee:9d:3e:62:34:a4:0f:23:de:60:
                    47:4b:ad:0e:13:e8:7c:ce:1e:f0:de:fb:ca:f0:64:
                    09:f7:e9:71:50:94:4b:a5:4f:0b:a2:90:f9:20:00:
                    3f:e9:3d:88:5b:37:02:24:55:0a:38:83:69:62:78:
                    70:7e:00:8d:64:11:82:e0:b1:3d:34:d7:ef:a1:18:
                    95:5a:b1:49:7a:30:70:db:a0:be:77:c4:b4:59:bc:
                    4e:48:54:54:9b:21:42:ad:3d:fe:2a:21:a5:77:6b:
                    86:c1:b9:4c:11:78:29:c5:11:bf:1e:02:8e:90:b6:
                    91:be:3f:e6:bd:11:46:cf:7b:4a:d7:22:e4:db:18:
                    cd:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D7:F6:E8:43:33:37:68:33:6D:99:C6:3A:DC:9F:14:B1:57:D8:32
            X509v3 Authority Key Identifier:
                keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/_Nf26EMzN2gzbZnGOtyfFLFX2DI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.95.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:a7:28:c1:7b:40:12:08:d3:f6:54:3f:71:9e:93:b9:c6:87:
         42:40:c3:37:84:6a:f8:ae:7f:34:61:bc:26:99:b0:49:b0:2b:
         00:e5:0c:34:27:e6:eb:99:e7:a0:7e:cc:f4:cf:1e:d6:d8:96:
         93:22:15:b0:5c:cc:a5:de:c5:02:6d:32:c9:97:22:24:b8:4f:
         ae:2d:34:9c:85:bb:f5:5d:c1:a8:40:24:66:0c:cb:b0:29:cc:
         34:bb:b0:70:fa:1b:f5:46:03:17:a5:0c:bd:85:5b:6f:43:b7:
         26:34:82:ba:fe:2b:88:48:5d:23:37:97:09:f2:aa:21:9c:11:
         00:2c:bf:70:09:c6:26:7d:54:bf:47:36:41:92:47:9e:e9:5f:
         45:97:4d:8f:d3:9e:a5:4f:59:e8:af:46:31:4a:19:51:48:5b:
         33:7f:ca:b1:2f:92:a3:20:92:9c:86:37:77:37:3f:04:3b:01:
         91:07:57:2d:60:fd:33:cb:86:ca:ce:0e:cf:df:af:6d:e4:85:
         0a:97:22:3e:18:8f:46:97:31:75:c0:6f:72:90:db:9c:d7:73:
         5c:53:e9:01:06:3f:3c:b6:bc:ea:a2:53:99:08:da:c1:a9:51:
         27:7d:66:a3:70:fc:32:d1:9d:4b:46:f9:b8:52:ef:8f:dd:e1:
         18:2a:42:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEiPFPzIt7axfJfMYGLaXF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwODA1MTExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q3ZjZlODQzMzMzNzY4MzM2ZDk5YzYzYWRjOWYxNGIxNTdkODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDDXMVtAFDdyK/Eld7oPa5FpCLH7
pI980OR712K3eMww5KiJm/iWzANSM+os1jc4xY+bxBJIroRXJy7pdEZLV7KXTH2+
FPGoqwaOspk2MKp2fIWsxT8afnzdpq4sH3eRYmpjeOpTX59KiFX2XgGHyLj15rdU
hlLBGT/Ghu6dPmI0pA8j3mBHS60OE+h8zh7w3vvK8GQJ9+lxUJRLpU8LopD5IAA/
6T2IWzcCJFUKOINpYnhwfgCNZBGC4LE9NNfvoRiVWrFJejBw26C+d8S0WbxOSFRU
myFCrT3+KiGld2uGwblMEXgpxRG/HgKOkLaRvj/mvRFGz3tK1yLk2xjNFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzX9uhDMzdoM22ZxjrcnxSxV9gyMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvX05mMjZFTXpOMmd6YlpuR090eWZGTEZYMkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF+XMA0G
CSqGSIb3DQEBCwUAA4IBAQB2pyjBe0ASCNP2VD9xnpO5xodCQMM3hGr4rn80Ybwm
mbBJsCsA5Qw0J+brmeegfsz0zx7W2JaTIhWwXMyl3sUCbTLJlyIkuE+uLTSchbv1
XcGoQCRmDMuwKcw0u7Bw+hv1RgMXpQy9hVtvQ7cmNIK6/iuISF0jN5cJ8qohnBEA
LL9wCcYmfVS/RzZBkkee6V9Fl02P056lT1nor0YxShlRSFszf8qxL5KjIJKchjd3
Nz8EOwGRB1ctYP0zy4bKzg7P369t5IUKlyI+GI9GlzF1wG9ykNuc13NcU+kBBj88
trzqolOZCNrBqVEnfWajcPwy0Z1LRvm4Uu+P3eEYKkIc
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:42 2024 by rpki-client on console-fra.rpki-client.org