Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/wmkj68FY9JsHkY6HPMNXlB51wSs.roa
File:                     wmkj68FY9JsHkY6HPMNXlB51wSs.roa (raw, json)
Hash identifier:          n9nwfqPBuj5RHAZVDiDky/Rq+rAdypH7fVClLUKTK8g=
Subject key identifier:   C2:69:23:EB:C1:58:F4:9B:07:91:8E:87:3C:C3:57:94:1E:75:C1:2B
Certificate issuer:       /CN=6b7d1f1e877c12798274e01334554f899f38eac1
Certificate serial:       018CC86F0EE0F72090360391B1993ECED9ED
Authority key identifier: 6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/wmkj68FY9JsHkY6HPMNXlB51wSs.roa
Signing time:             Tue 02 Jan 2024 04:29:30 +0000
ROA not before:           Tue 02 Jan 2024 04:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204300
IP address blocks:        185.21.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/a30fHod8EnmCdOATNFVPiZ846sE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/a30fHod8EnmCdOATNFVPiZ846sE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:0e:e0:f7:20:90:36:03:91:b1:99:3e:ce:d9:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7d1f1e877c12798274e01334554f899f38eac1
        Validity
            Not Before: Jan  2 04:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c26923ebc158f49b07918e873cc357941e75c12b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c4:0a:12:2f:64:45:c0:82:5e:5a:2f:13:36:
                    b2:39:eb:6e:24:b3:8b:3f:0e:76:c0:90:9d:c8:7e:
                    ec:15:ec:f3:12:1e:41:87:2c:85:a3:35:dc:f1:1d:
                    dc:11:d4:78:5f:cd:98:8f:2f:21:8c:84:5e:03:3e:
                    b6:9c:dd:af:ad:77:6c:39:a9:a2:80:bc:67:8c:31:
                    fa:60:ec:7d:06:26:a3:d0:22:48:eb:7c:5b:63:f7:
                    c2:e5:4b:80:73:ef:52:3d:e3:76:85:e9:e4:cc:84:
                    7a:05:ef:c9:44:56:4c:5d:2a:06:9c:3f:9e:7e:15:
                    d1:24:d8:e3:e0:4b:88:90:1c:78:fa:26:2a:93:41:
                    60:c7:53:c0:ae:8a:4b:1a:5b:b4:dd:b8:d2:3e:6d:
                    c3:1c:4a:6e:5b:47:30:08:6e:00:e9:1a:49:4d:07:
                    9c:b6:55:be:92:f8:a0:f1:45:4a:99:5d:15:b8:11:
                    6b:5a:c9:37:5e:87:28:35:e0:03:c0:9c:26:d7:42:
                    94:56:e5:cf:90:8a:c5:8d:d5:8b:46:49:17:41:28:
                    70:3b:0f:72:f6:04:86:3d:23:7f:7f:3b:55:57:32:
                    84:11:d8:a7:51:6f:27:15:c6:ea:25:00:11:45:6e:
                    6b:94:36:d5:e5:5f:aa:e7:1e:16:7f:c3:50:61:ea:
                    39:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:69:23:EB:C1:58:F4:9B:07:91:8E:87:3C:C3:57:94:1E:75:C1:2B
            X509v3 Authority Key Identifier:
                keyid:6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/wmkj68FY9JsHkY6HPMNXlB51wSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/a30fHod8EnmCdOATNFVPiZ846sE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.21.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:06:93:47:16:aa:0a:5b:d3:5d:ca:75:c0:fa:bf:49:2d:6d:
         70:68:73:9f:41:c1:15:b6:d4:54:bb:48:3e:17:b0:df:23:bc:
         be:77:6d:ac:fc:cd:ff:27:30:bd:b8:41:3a:69:a6:de:ef:d4:
         a1:73:03:76:0f:05:0a:f5:99:3c:23:4e:f1:df:dd:ed:a1:b1:
         fe:88:86:66:88:0d:77:1f:56:fe:59:8a:77:a9:73:cc:f7:b0:
         7d:17:b7:9f:ed:b5:18:e5:c0:ec:86:f4:14:06:01:c8:73:2c:
         28:8f:14:e2:19:98:e1:1d:ad:d1:84:ff:6a:3d:37:f8:2d:d5:
         6e:75:7e:4a:0d:57:5b:f9:1a:6f:da:2b:3a:94:51:e7:9c:83:
         e4:ba:1b:b9:51:94:be:6b:bc:75:97:8d:1f:67:06:1c:60:82:
         2e:32:3f:b5:2f:06:1a:8c:cc:7b:35:00:bf:60:18:b8:f8:bf:
         5c:b2:69:ab:d5:17:ff:ea:cb:1b:59:bd:e9:d2:bb:e6:13:cb:
         4c:39:7c:2c:71:d7:4f:98:c7:23:47:f1:62:94:87:60:48:35:
         96:c0:14:1b:9c:cd:a4:83:09:4b:db:d4:4a:e4:0e:17:23:fb:
         5c:21:9a:1a:6d:f7:6d:34:fb:0c:9d:27:21:e5:e9:47:12:90:
         85:f9:1e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbw7g9yCQNgORsZk+ztntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2QxZjFlODc3YzEyNzk4Mjc0ZTAxMzM0NTU0Zjg5OWYz
OGVhYzEwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY5MjNlYmMxNThmNDliMDc5MThlODczY2MzNTc5NDFlNzVjMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8QKEi9kRcCCXlovEzayOetuJLOL
Pw52wJCdyH7sFezzEh5BhyyFozXc8R3cEdR4X82Yjy8hjIReAz62nN2vrXdsOami
gLxnjDH6YOx9Biaj0CJI63xbY/fC5UuAc+9SPeN2henkzIR6Be/JRFZMXSoGnD+e
fhXRJNjj4EuIkBx4+iYqk0Fgx1PAropLGlu03bjSPm3DHEpuW0cwCG4A6RpJTQec
tlW+kvig8UVKmV0VuBFrWsk3XocoNeADwJwm10KUVuXPkIrFjdWLRkkXQShwOw9y
9gSGPSN/fztVVzKEEdinUW8nFcbqJQARRW5rlDbV5V+q5x4Wf8NQYeo5DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJpI+vBWPSbB5GOhzzDV5QedcErMB8GA1UdIwQY
MBaAFGt9Hx6HfBJ5gnTgEzRVT4mfOOrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUt
MmZhZDlhMmZjM2VmLzEvd21rajY4Rlk5SnNIa1k2SFBNTlhsQjUxd1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUtMmZhZDlhMmZjM2Vm
LzEvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRWAMA0G
CSqGSIb3DQEBCwUAA4IBAQBPBpNHFqoKW9NdynXA+r9JLW1waHOfQcEVttRUu0g+
F7DfI7y+d22s/M3/JzC9uEE6aabe79ShcwN2DwUK9Zk8I07x393tobH+iIZmiA13
H1b+WYp3qXPM97B9F7ef7bUY5cDshvQUBgHIcywojxTiGZjhHa3RhP9qPTf4LdVu
dX5KDVdb+Rpv2is6lFHnnIPkuhu5UZS+a7x1l40fZwYcYIIuMj+1LwYajMx7NQC/
YBi4+L9csmmr1Rf/6ssbWb3p0rvmE8tMOXwscddPmMcjR/FilIdgSDWWwBQbnM2k
gwlL29RK5A4XI/tcIZoabfdtNPsMnSch5elHEpCF+R4T
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:30:55 2024 by rpki-client on console-fra.rpki-client.org