Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/NeahiD1oVmTiWVHicEaSJZ0Qj2A.roa
File:                     NeahiD1oVmTiWVHicEaSJZ0Qj2A.roa (raw, json)
Hash identifier:          hbVEaRzWU8AhFuRn2I/0J2LteARkkV4Mz8zpmW3YkIc=
Subject key identifier:   35:E6:A1:88:3D:68:56:64:E2:59:51:E2:70:46:92:25:9D:10:8F:60
Certificate issuer:       /CN=9826d90deb1016289dc0ef8c44b534e9fb271b5b
Certificate serial:       018CC4250A3EDEAB09F9C0FC3AD9710D37A8
Authority key identifier: 98:26:D9:0D:EB:10:16:28:9D:C0:EF:8C:44:B5:34:E9:FB:27:1B:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCbZDesQFiidwO-MRLU06fsnG1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/NeahiD1oVmTiWVHicEaSJZ0Qj2A.roa
Signing time:             Mon 01 Jan 2024 08:30:10 +0000
ROA not before:           Mon 01 Jan 2024 08:30:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31192
IP address blocks:        193.26.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/mCbZDesQFiidwO-MRLU06fsnG1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/mCbZDesQFiidwO-MRLU06fsnG1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mCbZDesQFiidwO-MRLU06fsnG1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:0a:3e:de:ab:09:f9:c0:fc:3a:d9:71:0d:37:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9826d90deb1016289dc0ef8c44b534e9fb271b5b
        Validity
            Not Before: Jan  1 08:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=35e6a1883d685664e25951e2704692259d108f60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:01:4c:ca:7e:fe:b3:e0:f7:47:c4:97:4d:cb:
                    7e:14:64:59:77:da:19:06:1d:df:73:bf:02:81:8f:
                    29:07:d4:99:69:f0:67:d3:73:88:65:bd:31:81:88:
                    f4:0e:87:58:0f:42:cf:1c:3c:fc:0c:0f:97:7e:75:
                    55:c5:69:74:24:0b:bd:38:db:31:78:1c:06:1b:6b:
                    6c:31:f7:eb:4d:d7:85:4b:cd:2c:08:f1:d6:e7:8e:
                    47:7f:a1:fb:2c:fb:ad:c2:f5:66:8b:b9:68:a5:b4:
                    ed:2a:fa:e5:20:62:89:06:7d:bb:a5:28:69:32:01:
                    75:30:cd:cf:1f:8d:df:06:7a:2e:ca:18:9d:e6:6f:
                    6b:d0:6e:3e:83:d6:b5:aa:b7:31:c4:6f:0a:d0:a0:
                    f8:e7:6a:0f:ca:d9:35:3e:af:ee:5e:b0:71:24:c0:
                    12:33:1a:25:8b:ab:30:88:16:d4:72:4f:bb:39:94:
                    c8:41:4b:cf:7d:db:63:a6:ef:85:eb:05:d2:3f:05:
                    7a:5e:c5:e5:0f:37:7e:b3:9f:a1:0a:ca:98:d2:fc:
                    fa:1e:14:78:95:84:2e:dc:3a:d2:d2:73:0d:8b:a2:
                    e1:29:be:28:6b:34:77:88:26:d1:5c:6f:5a:68:7a:
                    3c:2d:d4:0f:65:47:98:b4:bf:96:5a:a2:b1:79:89:
                    5a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:E6:A1:88:3D:68:56:64:E2:59:51:E2:70:46:92:25:9D:10:8F:60
            X509v3 Authority Key Identifier:
                keyid:98:26:D9:0D:EB:10:16:28:9D:C0:EF:8C:44:B5:34:E9:FB:27:1B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCbZDesQFiidwO-MRLU06fsnG1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/NeahiD1oVmTiWVHicEaSJZ0Qj2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/853849-be2e-432f-87a6-a64dad67b735/1/mCbZDesQFiidwO-MRLU06fsnG1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.26.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ef:89:07:5e:41:69:da:cb:69:49:8e:b8:44:52:ef:2b:13:
         72:69:ff:62:c2:df:39:5c:f5:28:17:32:b1:eb:21:d1:e7:ba:
         5b:8a:be:80:f2:32:60:55:14:18:e2:50:3e:6c:a0:fb:b7:33:
         5f:96:7b:5c:30:f4:92:bd:45:4c:82:d3:5d:a7:97:8d:63:72:
         14:17:1c:20:f9:b4:77:09:c4:9b:53:37:61:be:05:53:15:1a:
         ac:b6:97:5e:60:b4:21:ee:ea:5d:97:89:6c:05:50:00:f1:7a:
         8d:a4:f2:e8:a4:af:e5:8b:26:f6:a9:31:4d:a3:9c:31:e4:00:
         1c:68:df:62:3e:51:ca:23:a6:9d:f9:b0:a0:09:cc:4c:0b:b7:
         9c:82:94:56:34:8e:23:1a:7d:f3:4e:73:ab:78:14:e8:75:48:
         2c:7f:45:ec:8c:d9:c7:28:61:fd:02:15:6a:a6:dd:4d:44:23:
         86:5f:c9:41:31:af:c1:e7:b7:ae:19:78:57:3e:63:00:39:0a:
         bc:ec:53:64:32:14:b6:17:55:a1:33:1a:f8:95:b1:39:ad:7e:
         a5:11:42:3a:af:98:62:c9:0c:9e:8c:45:cb:6c:66:33:55:d6:
         d9:87:70:b8:9c:a8:45:2d:3b:83:a3:1f:64:93:a0:6a:ab:da:
         88:9c:66:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQo+3qsJ+cD8OtlxDTeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MjZkOTBkZWIxMDE2Mjg5ZGMwZWY4YzQ0YjUzNGU5ZmIy
NzFiNWIwHhcNMjQwMTAxMDgzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU2YTE4ODNkNjg1NjY0ZTI1OTUxZTI3MDQ2OTIyNTlkMTA4ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigFMyn7+s+D3R8SXTct+FGRZd9oZ
Bh3fc78CgY8pB9SZafBn03OIZb0xgYj0DodYD0LPHDz8DA+XfnVVxWl0JAu9ONsx
eBwGG2tsMffrTdeFS80sCPHW545Hf6H7LPutwvVmi7lopbTtKvrlIGKJBn27pShp
MgF1MM3PH43fBnouyhid5m9r0G4+g9a1qrcxxG8K0KD452oPytk1Pq/uXrBxJMAS
Mxoli6swiBbUck+7OZTIQUvPfdtjpu+F6wXSPwV6XsXlDzd+s5+hCsqY0vz6HhR4
lYQu3DrS0nMNi6LhKb4oazR3iCbRXG9aaHo8LdQPZUeYtL+WWqKxeYlabQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXmoYg9aFZk4llR4nBGkiWdEI9gMB8GA1UdIwQY
MBaAFJgm2Q3rEBYoncDvjES1NOn7JxtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUNiWkRlc1FGaWlkd08tTVJMVTA2ZnNuRzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NTM4NDktYmUyZS00MzJmLTg3YTYt
YTY0ZGFkNjdiNzM1LzEvTmVhaGlEMW9WbVRpV1ZIaWNFYVNKWjBRajJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NTM4NDktYmUyZS00MzJmLTg3YTYtYTY0ZGFkNjdiNzM1
LzEvbUNiWkRlc1FGaWlkd08tTVJMVTA2ZnNuRzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRqHMA0G
CSqGSIb3DQEBCwUAA4IBAQCo74kHXkFp2stpSY64RFLvKxNyaf9iwt85XPUoFzKx
6yHR57pbir6A8jJgVRQY4lA+bKD7tzNflntcMPSSvUVMgtNdp5eNY3IUFxwg+bR3
CcSbUzdhvgVTFRqstpdeYLQh7updl4lsBVAA8XqNpPLopK/liyb2qTFNo5wx5AAc
aN9iPlHKI6ad+bCgCcxMC7ecgpRWNI4jGn3zTnOreBTodUgsf0XsjNnHKGH9AhVq
pt1NRCOGX8lBMa/B57euGXhXPmMAOQq87FNkMhS2F1WhMxr4lbE5rX6lEUI6r5hi
yQyejEXLbGYzVdbZh3C4nKhFLTuDox9kk6Bqq9qInGZk
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:09:38 2024 by rpki-client on console-fra.rpki-client.org