Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Dbtu8Q4LRr4mUflt5S1AEixcaCc.roa
File:                     Dbtu8Q4LRr4mUflt5S1AEixcaCc.roa (raw, json)
Hash identifier:          xUBi+io7ZaVIjhm6Nozmfowm+LNA6VbcrZ5HGxH8N6E=
Subject key identifier:   0D:BB:6E:F1:0E:0B:46:BE:26:51:F9:6D:E5:2D:40:12:2C:5C:68:27
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0191C40822269AAD9E45E005E5C7B675CA19
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Dbtu8Q4LRr4mUflt5S1AEixcaCc.roa
Signing time:             Thu 05 Sep 2024 21:12:32 +0000
ROA not before:           Thu 05 Sep 2024 21:12:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216141
IP address blocks:        185.186.67.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 08:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:c4:08:22:26:9a:ad:9e:45:e0:05:e5:c7:b6:75:ca:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Sep  5 21:12:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0dbb6ef10e0b46be2651f96de52d40122c5c6827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:32:92:80:89:27:24:22:c3:70:97:3b:9b:a2:
                    c5:fe:9f:a6:a0:1d:85:0e:af:bb:2a:98:8f:21:42:
                    7a:67:b9:74:04:43:c3:10:b7:f5:9d:61:73:9c:5f:
                    be:ab:ac:f6:62:b0:3f:95:2e:4d:e0:7a:8c:1c:20:
                    40:36:e2:20:26:8a:be:e8:19:61:8e:b8:fe:17:3c:
                    70:9f:cc:2d:75:61:1d:f0:97:74:51:73:4f:95:8a:
                    94:db:fe:50:94:0d:db:b6:d5:3d:70:44:72:93:73:
                    19:03:0b:88:5d:d3:f0:80:d9:a9:6c:7b:2e:24:57:
                    fa:ee:0d:c1:00:77:49:25:3b:1a:e6:e7:7b:8b:35:
                    13:cd:24:dd:c7:70:d3:a1:27:65:81:7e:30:c1:0f:
                    a5:7f:38:50:f4:dd:b3:d4:8b:1b:8b:aa:cd:ee:93:
                    c9:cd:5f:98:cc:29:0b:26:ca:7a:2f:80:dc:fd:76:
                    bb:03:e4:f7:88:74:16:b8:a0:6a:0c:c2:4c:67:27:
                    33:4c:be:d3:68:f0:29:8d:84:8d:af:a1:66:e1:ad:
                    35:0a:62:9d:3d:d8:c8:69:95:cb:e6:bc:27:b1:af:
                    b3:9b:ec:8a:aa:cf:da:e5:b7:03:cc:4b:8a:c3:c0:
                    7c:c6:a6:e3:3c:4a:85:e6:55:33:8a:24:15:a8:f1:
                    a7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:BB:6E:F1:0E:0B:46:BE:26:51:F9:6D:E5:2D:40:12:2C:5C:68:27
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Dbtu8Q4LRr4mUflt5S1AEixcaCc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dd:e5:57:21:08:d5:cf:57:2a:65:81:bf:3e:73:aa:3a:d3:2d:
         3b:df:a5:1f:c0:57:84:ce:ca:d6:ee:b7:0e:52:7e:51:d6:63:
         54:41:3c:72:4b:18:fb:a3:d7:c8:16:a8:1c:ac:05:8a:a0:d9:
         c7:8a:8c:97:3b:ea:9f:2f:1a:57:87:96:3d:48:f4:ed:06:76:
         d3:12:8d:2f:9b:1a:ca:4d:41:b0:45:33:23:3f:59:09:82:ab:
         dc:2f:a9:2d:c6:dc:eb:27:63:6d:18:f4:d6:17:6e:8f:1c:84:
         2e:fe:9a:7e:00:d5:b8:b6:55:ab:66:93:e1:d3:42:b7:7f:4d:
         64:3e:ee:9a:09:18:a5:3b:3f:33:45:63:9a:f1:6a:8f:03:7e:
         a8:33:6f:c8:99:bf:4f:fa:b2:c7:61:a0:bd:46:8f:d9:0c:34:
         b0:ba:5e:71:1c:cd:c6:47:02:e8:5c:ba:62:a8:57:f1:8d:28:
         d3:02:c5:37:22:e2:2f:ec:b1:16:3a:f2:e9:5f:f8:7d:d3:9f:
         49:4f:40:5b:83:af:5b:c5:31:c3:60:89:07:92:7d:ff:68:31:
         8b:fe:97:5f:d5:e5:36:05:0d:d5:7b:39:b7:49:a6:0b:3f:d2:
         bc:34:fe:fc:2c:cb:73:45:0d:12:55:2a:b3:f5:81:4e:88:f4:
         b0:9b:b4:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHECCImmq2eReAF5ce2dcoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwOTA1MjExMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJiNmVmMTBlMGI0NmJlMjY1MWY5NmRlNTJkNDAxMjJjNWM2ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDKSgIknJCLDcJc7m6LF/p+moB2F
Dq+7KpiPIUJ6Z7l0BEPDELf1nWFznF++q6z2YrA/lS5N4HqMHCBANuIgJoq+6Blh
jrj+Fzxwn8wtdWEd8Jd0UXNPlYqU2/5QlA3bttU9cERyk3MZAwuIXdPwgNmpbHsu
JFf67g3BAHdJJTsa5ud7izUTzSTdx3DToSdlgX4wwQ+lfzhQ9N2z1Isbi6rN7pPJ
zV+YzCkLJsp6L4Dc/Xa7A+T3iHQWuKBqDMJMZyczTL7TaPApjYSNr6Fm4a01CmKd
PdjIaZXL5rwnsa+zm+yKqs/a5bcDzEuKw8B8xqbjPEqF5lUziiQVqPGnGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA27bvEOC0a+JlH5beUtQBIsXGgnMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRGJ0dThRNExScjRtVWZsdDVTMUFFaXhjYUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpDMA0G
CSqGSIb3DQEBCwUAA4IBAQDd5VchCNXPVyplgb8+c6o60y0736UfwFeEzsrW7rcO
Un5R1mNUQTxySxj7o9fIFqgcrAWKoNnHioyXO+qfLxpXh5Y9SPTtBnbTEo0vmxrK
TUGwRTMjP1kJgqvcL6ktxtzrJ2NtGPTWF26PHIQu/pp+ANW4tlWrZpPh00K3f01k
Pu6aCRilOz8zRWOa8WqPA36oM2/Imb9P+rLHYaC9Ro/ZDDSwul5xHM3GRwLoXLpi
qFfxjSjTAsU3IuIv7LEWOvLpX/h9059JT0Bbg69bxTHDYIkHkn3/aDGL/pdf1eU2
BQ3Vezm3SaYLP9K8NP78LMtzRQ0SVSqz9YFOiPSwm7Rq
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:38:22 2024 by rpki-client on console-ams.rpki-client.org