Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mHPvsllEb2yKFJSRgWh7FCZY1nI.roa
File:                     mHPvsllEb2yKFJSRgWh7FCZY1nI.roa (raw, json)
Hash identifier:          Ra6d9nGZOdiDvILCEsPe+uRl4QN5kiUHdTyinj8Vdc4=
Subject key identifier:   98:73:EF:B2:59:44:6F:6C:8A:14:94:91:81:68:7B:14:26:58:D6:72
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018CC42493BCD6AD82F7E51FF5D824C39FA8
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mHPvsllEb2yKFJSRgWh7FCZY1nI.roa
Signing time:             Mon 01 Jan 2024 08:29:40 +0000
ROA not before:           Mon 01 Jan 2024 08:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202749
IP address blocks:        178.254.147.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:93:bc:d6:ad:82:f7:e5:1f:f5:d8:24:c3:9f:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jan  1 08:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9873efb259446f6c8a14949181687b142658d672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f1:75:8f:47:9e:72:cb:32:eb:1f:d5:ac:0f:
                    9b:76:c6:2c:b2:7b:b1:d7:1f:e5:43:c1:f9:28:7a:
                    ec:11:88:93:0b:68:55:52:63:d5:30:05:33:46:bb:
                    af:4f:36:a2:17:b5:59:8b:69:71:94:26:3d:a6:39:
                    19:55:0b:3d:b6:09:22:70:58:3c:4f:51:4d:d8:ef:
                    41:e3:e3:93:0a:cc:47:10:c2:98:90:ba:3d:88:e8:
                    b0:e3:97:e7:1e:f6:2c:7c:ef:df:2b:ac:e2:07:69:
                    25:f3:3d:ae:bc:2b:d6:9c:db:57:db:c3:61:6f:da:
                    7b:06:0e:ca:90:40:12:26:11:c1:ea:1a:db:80:f4:
                    8b:d2:b9:97:e7:05:0a:37:91:35:8a:7b:fc:d5:78:
                    6a:7e:cf:4a:1b:4e:7f:fb:a9:39:85:59:dd:09:c6:
                    c5:a4:8e:cc:0f:b8:e3:ec:07:7e:d9:bf:7c:12:af:
                    f1:db:28:59:6f:42:21:10:27:05:70:84:73:83:59:
                    3d:1b:94:47:a1:6a:ec:5f:37:d3:f0:76:80:d2:80:
                    20:e5:83:1d:4a:f1:81:b0:a4:68:f1:78:11:1a:15:
                    31:06:04:31:80:ef:52:0d:bb:40:18:38:96:a3:86:
                    44:aa:98:e6:7e:2e:88:3a:ed:b1:a4:4f:28:a8:ba:
                    2d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:73:EF:B2:59:44:6F:6C:8A:14:94:91:81:68:7B:14:26:58:D6:72
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mHPvsllEb2yKFJSRgWh7FCZY1nI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.254.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:27:1e:a2:e4:1d:26:73:32:64:1e:fb:3e:77:ea:5e:80:76:
         de:15:67:5b:e0:da:8c:c0:69:53:06:be:ee:58:d4:cc:a8:f3:
         ec:f9:8f:64:bc:8c:d9:30:f1:dc:f1:85:84:e3:8d:25:4a:15:
         f7:c0:9b:f0:ed:2d:4f:2f:4f:6a:4f:65:95:5b:60:f8:20:81:
         4f:60:1e:d6:d6:24:c7:a3:8e:dd:d4:19:c1:3c:2b:4e:e2:a8:
         1b:76:a5:f1:28:c9:dc:08:91:60:95:43:ab:78:41:cd:65:3c:
         20:31:dc:dc:07:c6:a0:29:38:58:6e:45:51:33:2d:c0:22:c3:
         c4:1a:50:34:6c:f8:15:61:89:4c:99:a4:18:31:fb:13:8c:e5:
         82:0f:a5:44:0c:62:19:16:9f:86:e0:30:fc:8f:dc:55:ee:46:
         03:52:dc:23:da:6e:20:69:37:44:07:76:e0:aa:05:bd:41:f9:
         dd:4a:4a:06:8e:a1:b3:5d:63:30:85:27:09:36:fe:cb:f5:52:
         f5:b4:a1:73:2f:60:ed:7d:71:19:64:2c:ec:13:73:9b:e9:c3:
         26:97:d3:19:e8:46:79:53:35:41:d8:4f:80:2d:2f:fc:2b:17:
         af:e7:6e:82:43:69:7e:c1:50:74:6c:a8:a4:96:52:93:6a:27:
         29:aa:4a:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJJO81q2C9+Uf9dgkw5+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQwMTAxMDgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODczZWZiMjU5NDQ2ZjZjOGExNDk0OTE4MTY4N2IxNDI2NThkNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfF1j0eecssy6x/VrA+bdsYssnux
1x/lQ8H5KHrsEYiTC2hVUmPVMAUzRruvTzaiF7VZi2lxlCY9pjkZVQs9tgkicFg8
T1FN2O9B4+OTCsxHEMKYkLo9iOiw45fnHvYsfO/fK6ziB2kl8z2uvCvWnNtX28Nh
b9p7Bg7KkEASJhHB6hrbgPSL0rmX5wUKN5E1inv81Xhqfs9KG05/+6k5hVndCcbF
pI7MD7jj7Ad+2b98Eq/x2yhZb0IhECcFcIRzg1k9G5RHoWrsXzfT8HaA0oAg5YMd
SvGBsKRo8XgRGhUxBgQxgO9SDbtAGDiWo4ZEqpjmfi6IOu2xpE8oqLotvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhz77JZRG9sihSUkYFoexQmWNZyMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvbUhQdnNsbEViMnlLRkpTUmdXaDdGQ1pZMW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv6TMA0G
CSqGSIb3DQEBCwUAA4IBAQAsJx6i5B0mczJkHvs+d+pegHbeFWdb4NqMwGlTBr7u
WNTMqPPs+Y9kvIzZMPHc8YWE440lShX3wJvw7S1PL09qT2WVW2D4IIFPYB7W1iTH
o47d1BnBPCtO4qgbdqXxKMncCJFglUOreEHNZTwgMdzcB8agKThYbkVRMy3AIsPE
GlA0bPgVYYlMmaQYMfsTjOWCD6VEDGIZFp+G4DD8j9xV7kYDUtwj2m4gaTdEB3bg
qgW9QfndSkoGjqGzXWMwhScJNv7L9VL1tKFzL2DtfXEZZCzsE3Ob6cMml9MZ6EZ5
UzVB2E+ALS/8Kxev526CQ2l+wVB0bKikllKTaicpqkrL
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:31 2024 by rpki-client on console-ams.rpki-client.org