Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa
File:                     0TtBUb8fAjpTR00xfwE2DLSL7eM.roa (raw, json)
Hash identifier:          oTEx/1SMgd8cV5v+L+E3c5aNKeW4iJwi4bwmw4n2DCs=
Subject key identifier:   D1:3B:41:51:BF:1F:02:3A:53:47:4D:31:7F:01:36:0C:B4:8B:ED:E3
Certificate issuer:       /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial:       018E0D9DAEB86A109960E6450FABE3CEA509
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa
Signing time:             Tue 05 Mar 2024 07:57:01 +0000
ROA not before:           Tue 05 Mar 2024 07:57:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1299
IP address blocks:        46.16.192.0/21 maxlen: 24
                          85.118.192.0/21 maxlen: 24
                          87.120.72.0/24 maxlen: 24
                          87.120.73.0/24 maxlen: 24
                          87.120.74.0/24 maxlen: 24
                          87.120.75.0/24 maxlen: 24
                          87.120.76.0/24 maxlen: 24
                          87.120.77.0/24 maxlen: 24
                          87.120.78.0/24 maxlen: 24
                          87.120.79.0/24 maxlen: 24
                          91.92.8.0/24 maxlen: 24
                          91.92.9.0/24 maxlen: 24
                          91.92.10.0/24 maxlen: 24
                          91.92.11.0/24 maxlen: 24
                          91.92.12.0/24 maxlen: 24
                          91.92.13.0/24 maxlen: 24
                          91.92.14.0/24 maxlen: 24
                          91.92.15.0/24 maxlen: 24
                          93.123.88.0/24 maxlen: 24
                          93.123.89.0/24 maxlen: 24
                          93.123.90.0/24 maxlen: 24
                          93.123.91.0/24 maxlen: 24
                          93.123.92.0/24 maxlen: 24
                          93.123.93.0/24 maxlen: 24
                          93.123.94.0/24 maxlen: 24
                          93.123.95.0/24 maxlen: 24
                          94.156.136.0/24 maxlen: 24
                          94.156.137.0/24 maxlen: 24
                          94.156.138.0/24 maxlen: 24
                          94.156.139.0/24 maxlen: 24
                          94.156.140.0/24 maxlen: 24
                          94.156.141.0/24 maxlen: 24
                          94.156.142.0/24 maxlen: 24
                          94.156.143.0/24 maxlen: 24
                          149.62.192.0/18 maxlen: 24
                          185.201.36.0/22 maxlen: 24
                          193.104.79.0/24 maxlen: 24
                          193.193.171.0/24 maxlen: 24
                          193.193.182.0/24 maxlen: 24
                          193.194.147.0/24 maxlen: 24
                          193.194.155.0/24 maxlen: 24
                          194.147.223.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0d:9d:ae:b8:6a:10:99:60:e6:45:0f:ab:e3:ce:a5:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
        Validity
            Not Before: Mar  5 07:57:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d13b4151bf1f023a53474d317f01360cb48bede3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:bc:56:f6:b8:9f:23:41:f7:94:6c:b0:6a:26:
                    34:c9:15:0d:8d:93:ce:9b:84:7a:ef:c1:97:ed:98:
                    eb:c7:e3:d2:5a:99:8d:a4:75:4a:51:7c:10:0b:25:
                    cb:14:4d:5d:87:c1:2d:fa:09:44:b5:a4:d2:cd:b9:
                    f2:fa:35:88:5e:34:c1:36:fc:94:78:f9:0f:99:9c:
                    8a:d0:65:18:ec:60:65:a3:5b:eb:0a:4f:28:f6:4b:
                    2e:c7:8b:98:78:9c:42:34:d4:35:3b:28:79:3c:90:
                    00:1c:c1:8e:c2:90:0d:e1:dc:ae:6c:7f:4c:3d:a1:
                    7b:f8:c3:f5:43:4a:38:db:52:d5:45:93:54:3d:ff:
                    bc:12:33:32:7e:1a:79:d2:40:69:89:cc:fb:25:1b:
                    2f:d9:bb:4f:34:07:37:0f:b8:3a:29:0f:59:47:36:
                    32:3a:1a:57:6e:4b:18:61:ca:f5:b5:d5:4d:ce:d5:
                    04:d4:47:ce:cb:61:23:a9:a2:59:7b:1c:02:e7:16:
                    cc:95:71:5b:8c:59:09:07:49:9f:86:22:22:11:77:
                    40:61:db:ba:16:b8:fa:db:6e:af:e3:c5:aa:a1:a6:
                    59:6f:43:43:29:9b:f1:05:12:6e:e0:87:10:7f:d1:
                    69:ae:1f:0e:77:a8:55:98:f6:1d:a3:0e:82:61:7a:
                    f3:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:3B:41:51:BF:1F:02:3A:53:47:4D:31:7F:01:36:0C:B4:8B:ED:E3
            X509v3 Authority Key Identifier:
                keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.16.192.0/21
                  85.118.192.0/21
                  87.120.72.0/21
                  91.92.8.0/21
                  93.123.88.0/21
                  94.156.136.0/21
                  149.62.192.0/18
                  185.201.36.0/22
                  193.104.79.0/24
                  193.193.171.0/24
                  193.193.182.0/24
                  193.194.147.0/24
                  193.194.155.0/24
                  194.147.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:15:df:2f:7b:59:12:8f:2a:6d:99:b2:e0:d3:26:bc:f7:a4:
         0c:a9:9f:06:fb:64:c2:74:14:8d:69:76:2f:67:ee:7e:12:69:
         c2:93:b9:3b:9a:bd:7c:2e:65:c7:1c:d7:ac:7a:bb:fd:fa:2b:
         40:b9:a4:c7:44:64:f0:49:77:4e:13:5c:62:0d:56:c8:cc:d9:
         2e:32:3c:38:82:39:79:b3:36:e1:76:8a:56:5f:dd:bd:1d:f2:
         a3:ea:1b:d5:78:7d:fb:f5:35:be:71:23:b1:a4:65:0f:2d:e3:
         b1:38:e3:03:91:4a:c1:b5:c1:e0:33:06:61:a1:49:5e:52:a7:
         19:73:e7:9e:de:41:56:69:6f:1e:1c:84:d2:11:59:46:ed:41:
         d1:f7:b7:a1:77:87:23:eb:8e:64:35:d2:da:52:39:47:ea:ea:
         21:4b:d5:f7:8c:9b:2a:0e:47:c3:92:5e:61:14:34:7a:bf:14:
         89:70:9a:01:ce:e0:ea:be:ca:f2:8b:f0:d4:47:4f:89:3e:80:
         90:53:a0:0f:f3:66:d5:f9:15:b3:b1:be:0d:9f:5b:61:eb:ce:
         84:38:c4:25:5e:98:db:a5:9b:e2:6e:c3:af:b9:35:e1:f8:69:
         b9:af:bc:57:6c:88:9c:76:36:14:59:96:58:b8:d8:33:1d:e2:
         04:56:5c:4e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY4Nna64ahCZYOZFD6vjzqUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjQwMzA1MDc1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNiNDE1MWJmMWYwMjNhNTM0NzRkMzE3ZjAxMzYwY2I0OGJlZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrxW9rifI0H3lGywaiY0yRUNjZPO
m4R678GX7Zjrx+PSWpmNpHVKUXwQCyXLFE1dh8Et+glEtaTSzbny+jWIXjTBNvyU
ePkPmZyK0GUY7GBlo1vrCk8o9ksux4uYeJxCNNQ1Oyh5PJAAHMGOwpAN4dyubH9M
PaF7+MP1Q0o421LVRZNUPf+8EjMyfhp50kBpicz7JRsv2btPNAc3D7g6KQ9ZRzYy
OhpXbksYYcr1tdVNztUE1EfOy2EjqaJZexwC5xbMlXFbjFkJB0mfhiIiEXdAYdu6
Frj6226v48WqoaZZb0NDKZvxBRJu4IcQf9Fprh8Od6hVmPYdow6CYXrzQQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNE7QVG/HwI6U0dNMX8BNgy0i+3jMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvMFR0QlViOGZBanBUUjAweGZ3RTJETFNMN2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDLhDAAwQD
VXbAAwQDV3hIAwQDW1wIAwQDXXtYAwQDXpyIAwQGlT7AAwQCuckkAwQAwWhPAwQA
wcGrAwQAwcG2AwQAwcKTAwQAwcKbAwQAwpPfMA0GCSqGSIb3DQEBCwUAA4IBAQDK
Fd8ve1kSjyptmbLg0ya896QMqZ8G+2TCdBSNaXYvZ+5+EmnCk7k7mr18LmXHHNes
erv9+itAuaTHRGTwSXdOE1xiDVbIzNkuMjw4gjl5szbhdopWX929HfKj6hvVeH37
9TW+cSOxpGUPLeOxOOMDkUrBtcHgMwZhoUleUqcZc+ee3kFWaW8eHITSEVlG7UHR
97ehd4cj645kNdLaUjlH6uohS9X3jJsqDkfDkl5hFDR6vxSJcJoBzuDqvsryi/DU
R0+JPoCQU6AP82bV+RWzsb4Nn1th686EOMQlXpjbpZvibsOvuTXh+Gm5r7xXbIic
djYUWZZYuNgzHeIEVlxO
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:30:20 2024 by rpki-client on console-ams.rpki-client.org