Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa
File:                     Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa (raw, json)
Hash identifier:          Vm6gEcAMPfxaiYr6nJ4B7+74KQBTRq8x4yX49QGV7E0=
Subject key identifier:   55:EE:EA:4D:27:D2:BB:25:33:0B:72:9A:D4:C7:59:87:49:3F:D9:5A
Certificate issuer:       /CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Certificate serial:       018CC5DC2AF7DFB06F30492B4B169BD7A4BB
Authority key identifier: 90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa
Signing time:             Mon 01 Jan 2024 16:29:49 +0000
ROA not before:           Mon 01 Jan 2024 16:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60157
IP address blocks:        185.54.171.0/24 maxlen: 24
                          185.54.168.0/24 maxlen: 24
                          185.54.168.0/22 maxlen: 22
                          185.54.168.0/23 maxlen: 23
                          185.54.170.0/24 maxlen: 24
                          185.54.169.0/24 maxlen: 24
                          2a02:4560::/32 maxlen: 32
                          2a02:4560::/48 maxlen: 48
                          2a02:4560:3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:2a:f7:df:b0:6f:30:49:2b:4b:16:9b:d7:a4:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
        Validity
            Not Before: Jan  1 16:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=55eeea4d27d2bb25330b729ad4c75987493fd95a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:4b:24:68:2d:76:3e:d8:fd:98:87:e4:c9:0b:
                    97:cd:f8:c9:90:be:42:cc:5f:10:bd:ba:14:2d:96:
                    64:7e:9c:73:8b:29:4b:2f:fc:d3:70:66:3b:f6:54:
                    ab:25:3e:3c:42:79:f2:e0:8f:d4:bc:9d:d7:26:e3:
                    5d:8a:74:4b:d5:36:23:53:5c:ed:de:a8:07:17:fe:
                    14:ec:27:8d:ca:e0:9a:b1:75:2c:17:31:d7:c4:0f:
                    bf:85:c0:b3:2f:dc:29:55:f1:f7:ff:c1:80:f7:5e:
                    31:36:4e:a2:e3:21:45:47:70:aa:32:25:ae:f7:f7:
                    50:2a:8a:4d:a9:f8:18:03:f9:64:ed:dd:ac:af:da:
                    02:e5:7a:8d:ef:ec:a6:d3:a3:50:74:7d:16:a6:b3:
                    76:3e:7b:ed:71:ac:0c:6d:dd:c6:02:6f:6c:62:01:
                    fc:6f:4c:83:99:b6:14:15:5b:a3:29:99:42:ea:9d:
                    de:54:2c:f1:19:47:f4:9b:3f:d9:b5:71:00:20:39:
                    15:9f:a8:67:de:45:d1:1f:19:4c:6d:7a:2a:3b:fb:
                    df:f4:9f:b5:da:63:d1:2f:63:b0:13:68:0b:28:3f:
                    f1:b2:95:b8:54:b7:8a:c8:a6:07:e9:86:0f:a9:e1:
                    32:a8:4a:40:3d:e0:dc:2f:4f:37:74:1a:a6:9a:89:
                    00:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:EE:EA:4D:27:D2:BB:25:33:0B:72:9A:D4:C7:59:87:49:3F:D9:5A
            X509v3 Authority Key Identifier:
                keyid:90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.168.0/22
                IPv6:
                  2a02:4560::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:88:8e:50:5d:39:1f:65:7d:34:21:f9:d6:a9:01:b2:30:90:
         ea:bf:08:e1:e2:e8:77:17:5b:df:93:e8:36:10:2e:83:cf:96:
         3d:74:17:54:14:32:1c:16:4e:e0:73:e8:2d:d4:c9:dd:24:59:
         b5:f2:7b:ec:5a:37:c9:61:a4:70:4a:75:55:dc:1e:8a:89:de:
         ba:e1:78:25:7a:52:83:87:39:83:fa:b2:22:fc:7a:53:97:1d:
         63:4f:b6:6f:b5:49:d0:44:dd:24:69:cb:8b:a5:c2:69:b2:e6:
         d6:9a:6b:13:0b:e3:e3:f0:99:2a:4d:e1:bb:62:7b:cf:38:62:
         7a:22:11:4f:33:d9:b3:f3:b7:18:97:ee:55:51:0e:81:d5:ad:
         ee:76:8e:d6:7e:13:59:f3:5f:e2:1a:ee:e9:4a:b4:f9:22:03:
         f5:fc:63:1e:85:67:de:14:e3:aa:23:70:e8:8f:34:36:65:06:
         28:13:34:89:d5:95:5e:c6:29:98:43:72:bd:73:8d:8a:85:73:
         7a:7e:ce:c9:53:54:63:9a:e4:5a:ec:4c:0d:70:26:25:df:b2:
         2f:1c:53:db:b2:82:95:ce:d7:83:06:7b:e2:a3:e2:12:cc:93:
         f2:93:61:18:2b:32:d5:c5:a6:2f:88:97:ed:58:f2:f2:14:89:
         d4:79:80:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3Cr337BvMEkrSxab16S7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTA2NWVlZjQwZGMwMTZhMWJlN2YyOGQ2ZTY2Y2E3YTg3
ZTdmZTUwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWVlZWE0ZDI3ZDJiYjI1MzMwYjcyOWFkNGM3NTk4NzQ5M2ZkOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kskaC12Ptj9mIfkyQuXzfjJkL5C
zF8QvboULZZkfpxziylLL/zTcGY79lSrJT48Qnny4I/UvJ3XJuNdinRL1TYjU1zt
3qgHF/4U7CeNyuCasXUsFzHXxA+/hcCzL9wpVfH3/8GA914xNk6i4yFFR3CqMiWu
9/dQKopNqfgYA/lk7d2sr9oC5XqN7+ym06NQdH0WprN2PnvtcawMbd3GAm9sYgH8
b0yDmbYUFVujKZlC6p3eVCzxGUf0mz/ZtXEAIDkVn6hn3kXRHxlMbXoqO/vf9J+1
2mPRL2OwE2gLKD/xspW4VLeKyKYH6YYPqeEyqEpAPeDcL083dBqmmokA1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFXu6k0n0rslMwtymtTHWYdJP9laMB8GA1UdIwQY
MBaAFJCgZe70DcAWob5/KNbmbKeofn/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQt
OTI0Y2RmMjc2ZDhkLzEvVmU3cVRTZlN1eVV6QzNLYTFNZFpoMGtfMlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQtOTI0Y2RmMjc2ZDhk
LzEva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTaoMA0E
AgACMAcDBQAqAkVgMA0GCSqGSIb3DQEBCwUAA4IBAQCuiI5QXTkfZX00IfnWqQGy
MJDqvwjh4uh3F1vfk+g2EC6Dz5Y9dBdUFDIcFk7gc+gt1MndJFm18nvsWjfJYaRw
SnVV3B6Kid664XglelKDhzmD+rIi/HpTlx1jT7ZvtUnQRN0kacuLpcJpsubWmmsT
C+Pj8JkqTeG7YnvPOGJ6IhFPM9mz87cYl+5VUQ6B1a3udo7WfhNZ81/iGu7pSrT5
IgP1/GMehWfeFOOqI3DojzQ2ZQYoEzSJ1ZVeximYQ3K9c42KhXN6fs7JU1RjmuRa
7EwNcCYl37IvHFPbsoKVzteDBnvio+ISzJPyk2EYKzLVxaYviJftWPLyFInUeYCZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:46:25 2024 by rpki-client on console-fra.rpki-client.org