Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/sFtrhPJdlco1bSXcAqqFXO0RN6c.roa
File:                     sFtrhPJdlco1bSXcAqqFXO0RN6c.roa (raw, json)
Hash identifier:          Z3bdRRc0SIeE/TUSuHdvZUK9KSukB1pVeM7ZeU0d+To=
Subject key identifier:   B0:5B:6B:84:F2:5D:95:CA:35:6D:25:DC:02:AA:85:5C:ED:11:37:A7
Certificate issuer:       /CN=92eff6162502ea3b52fd8ca3ae108d13d6bff652
Certificate serial:       018D6A4AB1AB376B056D4A8810F1A47EB3E1
Authority key identifier: 92:EF:F6:16:25:02:EA:3B:52:FD:8C:A3:AE:10:8D:13:D6:BF:F6:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/sFtrhPJdlco1bSXcAqqFXO0RN6c.roa
Signing time:             Fri 02 Feb 2024 14:48:16 +0000
ROA not before:           Fri 02 Feb 2024 14:48:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60670
IP address blocks:        45.155.108.0/24 maxlen: 24
                          45.155.109.0/24 maxlen: 24
                          45.155.110.0/24 maxlen: 24
                          45.155.111.0/24 maxlen: 24
                          62.68.95.0/24 maxlen: 24
                          185.180.184.0/24 maxlen: 24
                          185.180.185.0/24 maxlen: 24
                          185.180.186.0/24 maxlen: 24
                          185.180.187.0/24 maxlen: 24
                          2a0a:ad80::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 16:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6a:4a:b1:ab:37:6b:05:6d:4a:88:10:f1:a4:7e:b3:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92eff6162502ea3b52fd8ca3ae108d13d6bff652
        Validity
            Not Before: Feb  2 14:48:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b05b6b84f25d95ca356d25dc02aa855ced1137a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f2:f3:9c:17:ae:aa:b6:0f:1a:e4:b1:44:71:
                    a2:a2:90:77:58:ec:18:bb:94:3d:e8:cb:f8:89:32:
                    14:7b:e2:66:b1:67:2a:58:41:5b:1b:52:b1:6d:3a:
                    8a:41:92:9e:2d:d3:c8:42:64:47:2f:78:13:9e:ae:
                    90:12:44:49:8a:9a:da:21:f5:79:58:0a:fd:aa:c2:
                    08:94:50:4f:36:02:b3:1d:a4:0e:47:e5:22:fa:5c:
                    4a:14:6e:2f:04:c6:73:19:61:b1:34:ee:7f:13:0f:
                    0b:37:ac:b7:c0:83:61:1c:ab:70:5f:1e:01:e6:1a:
                    31:40:31:f2:65:cf:92:b8:21:b1:22:4e:fd:68:54:
                    6b:b6:45:0e:34:e0:a9:9b:d6:de:64:58:ee:5f:de:
                    f5:43:b5:ed:c2:1a:b0:c8:aa:d0:a6:86:84:e5:04:
                    cf:0a:72:64:9a:27:56:bd:25:fc:2f:17:ff:36:1b:
                    a9:ef:e9:02:e1:0f:c5:eb:e4:37:5a:ae:ce:82:b7:
                    57:85:12:01:79:b8:04:53:ed:14:85:32:5a:3a:2d:
                    d5:1a:3d:97:32:8f:df:97:dc:17:ab:a9:d8:b0:84:
                    05:a6:37:41:71:fe:f1:41:8e:ba:02:1b:11:a9:69:
                    b3:f4:65:ab:21:62:5a:c8:5f:94:c6:eb:e1:00:9e:
                    17:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:5B:6B:84:F2:5D:95:CA:35:6D:25:DC:02:AA:85:5C:ED:11:37:A7
            X509v3 Authority Key Identifier:
                keyid:92:EF:F6:16:25:02:EA:3B:52:FD:8C:A3:AE:10:8D:13:D6:BF:F6:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/sFtrhPJdlco1bSXcAqqFXO0RN6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.108.0/22
                  62.68.95.0/24
                  185.180.184.0/22
                IPv6:
                  2a0a:ad80::/29

    Signature Algorithm: sha256WithRSAEncryption
         02:2d:0e:93:88:94:fd:65:6a:ca:79:2a:43:c2:28:fe:c9:45:
         0b:d0:1e:b3:50:d9:12:91:ae:7d:f5:f0:52:52:71:af:aa:db:
         2e:f3:df:bd:51:a6:17:4f:60:b5:5c:ed:3d:03:67:36:6f:ad:
         2b:17:89:47:28:53:84:82:ff:81:12:38:ea:66:5c:41:84:61:
         7a:fb:57:a7:22:70:18:99:90:85:13:66:20:44:94:3f:a2:3d:
         7c:06:60:d9:14:26:8f:f2:b5:8a:a3:88:ec:f1:2c:22:d5:89:
         58:bd:1c:63:4e:7e:bc:84:3d:57:dd:08:f5:09:3f:ba:17:6c:
         f5:99:2d:76:b2:1e:6e:d1:88:e0:fc:86:5a:93:6e:3b:a6:4d:
         4a:3f:56:14:2f:2f:40:11:c9:c9:f4:4f:fd:3a:ef:46:d8:97:
         62:4c:23:af:dd:3f:62:0f:f0:64:60:a8:c0:47:44:06:13:95:
         45:ea:dd:b2:4e:3e:28:ae:43:08:63:02:81:db:af:2b:5a:b5:
         65:46:5c:cb:37:ff:2b:68:fa:a1:5e:36:b9:e5:82:bf:f8:5f:
         dc:22:88:75:7a:ab:4a:d3:f0:08:b4:b6:1e:0a:20:85:d3:55:
         cc:29:3d:96:08:ac:56:fd:49:c9:58:7e:f9:73:56:4d:a6:00:
         4f:37:5c:8e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1qSrGrN2sFbUqIEPGkfrPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWZmNjE2MjUwMmVhM2I1MmZkOGNhM2FlMTA4ZDEzZDZi
ZmY2NTIwHhcNMjQwMjAyMTQ0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDViNmI4NGYyNWQ5NWNhMzU2ZDI1ZGMwMmFhODU1Y2VkMTEzN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPLznBeuqrYPGuSxRHGiopB3WOwY
u5Q96Mv4iTIUe+JmsWcqWEFbG1KxbTqKQZKeLdPIQmRHL3gTnq6QEkRJipraIfV5
WAr9qsIIlFBPNgKzHaQOR+Ui+lxKFG4vBMZzGWGxNO5/Ew8LN6y3wINhHKtwXx4B
5hoxQDHyZc+SuCGxIk79aFRrtkUONOCpm9beZFjuX971Q7XtwhqwyKrQpoaE5QTP
CnJkmidWvSX8Lxf/Nhup7+kC4Q/F6+Q3Wq7OgrdXhRIBebgEU+0UhTJaOi3VGj2X
Mo/fl9wXq6nYsIQFpjdBcf7xQY66AhsRqWmz9GWrIWJayF+UxuvhAJ4XjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLBba4TyXZXKNW0l3AKqhVztETenMB8GA1UdIwQY
MBaAFJLv9hYlAuo7Uv2Mo64QjRPWv/ZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VfMkZpVUM2anRTX1l5anJoQ05FOWFfOWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTQzYTAtY2NhYi00MjYwLWJkNTEt
YWZlODlhYWNjNDkyLzEvc0Z0cmhQSmRsY28xYlNYY0FxcUZYTzBSTjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTQzYTAtY2NhYi00MjYwLWJkNTEtYWZlODlhYWNjNDky
LzEva3VfMkZpVUM2anRTX1l5anJoQ05FOWFfOWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZtsAwQA
PkRfAwQCubS4MA0EAgACMAcDBQMqCq2AMA0GCSqGSIb3DQEBCwUAA4IBAQACLQ6T
iJT9ZWrKeSpDwij+yUUL0B6zUNkSka599fBSUnGvqtsu89+9UaYXT2C1XO09A2c2
b60rF4lHKFOEgv+BEjjqZlxBhGF6+1enInAYmZCFE2YgRJQ/oj18BmDZFCaP8rWK
o4js8Swi1YlYvRxjTn68hD1X3Qj1CT+6F2z1mS12sh5u0Yjg/IZak247pk1KP1YU
Ly9AEcnJ9E/9Ou9G2JdiTCOv3T9iD/BkYKjAR0QGE5VF6t2yTj4orkMIYwKB268r
WrVlRlzLN/8raPqhXja55YK/+F/cIoh1eqtK0/AItLYeCiCF01XMKT2WCKxW/UnJ
WH75c1ZNpgBPN1yO
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:48:49 2024 by rpki-client on console-fra.rpki-client.org