Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/1ALR0hi1VYmVYauVmxC1s7ZSdVw.roa
File:                     1ALR0hi1VYmVYauVmxC1s7ZSdVw.roa (raw, json)
Hash identifier:          LQvTReE9Kilp88mvV3z0W8zBrVDVUBTkV75n7kQbexs=
Subject key identifier:   D4:02:D1:D2:18:B5:55:89:95:61:AB:95:9B:10:B5:B3:B6:52:75:5C
Certificate issuer:       /CN=380b283a0513940d520a680b8b3d14dbc367770d
Certificate serial:       018CC49396DB911CE5E31DFBF2E2C6662BA8
Authority key identifier: 38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/1ALR0hi1VYmVYauVmxC1s7ZSdVw.roa
Signing time:             Mon 01 Jan 2024 10:30:55 +0000
ROA not before:           Mon 01 Jan 2024 10:30:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201723
IP address blocks:        185.54.95.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:96:db:91:1c:e5:e3:1d:fb:f2:e2:c6:66:2b:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380b283a0513940d520a680b8b3d14dbc367770d
        Validity
            Not Before: Jan  1 10:30:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d402d1d218b555899561ab959b10b5b3b652755c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:b9:12:92:4f:39:2f:47:10:49:86:af:53:b4:
                    29:9c:00:2d:72:9d:b6:b8:5b:8d:b8:39:36:5c:da:
                    15:92:67:6c:9a:dd:59:b4:bc:25:32:30:0f:ee:d4:
                    dc:2c:8e:4b:05:ec:c6:b4:1a:bf:d3:bb:fd:3b:60:
                    30:67:c3:91:a5:cc:2d:2e:aa:1c:ed:1d:79:96:74:
                    66:e1:64:df:69:78:46:3d:e8:71:7e:ea:df:1c:56:
                    0f:d7:de:ea:fb:11:24:47:c9:25:1b:cf:b3:b2:2c:
                    70:f4:6b:00:65:1d:57:68:3f:40:ab:87:df:3d:58:
                    8f:49:f9:b9:46:26:ff:c0:c0:b6:17:b3:72:f0:df:
                    16:f0:b9:4e:c8:2e:15:c1:2d:ed:ac:67:f0:9c:f8:
                    69:5b:a2:bd:72:f4:5b:46:69:44:c3:da:7f:ab:e7:
                    4d:d1:2e:76:e7:ad:57:3a:e2:56:8c:89:6e:71:67:
                    e0:65:d8:76:93:e7:8e:ff:1c:d4:be:04:62:a1:36:
                    3d:d6:07:3d:b7:10:37:33:5b:06:f1:f2:fb:9b:cb:
                    46:07:68:a0:6b:a4:74:6f:7b:56:02:71:be:8a:ba:
                    ec:f5:8a:3a:de:f8:03:d7:34:a7:c5:be:80:a2:ce:
                    37:e0:73:63:97:cc:6a:a6:2a:5e:ca:4d:35:25:e6:
                    00:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:02:D1:D2:18:B5:55:89:95:61:AB:95:9B:10:B5:B3:B6:52:75:5C
            X509v3 Authority Key Identifier:
                keyid:38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/1ALR0hi1VYmVYauVmxC1s7ZSdVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:5e:1f:f3:27:0f:e9:4a:6f:2b:66:6a:08:ac:ec:6a:3e:fd:
         0b:dd:c9:c0:b9:ca:76:00:c3:f0:be:49:8b:0a:bd:5a:66:f4:
         4f:d0:6a:1e:90:40:91:62:24:48:bd:09:75:a0:50:de:4c:f4:
         06:4d:0d:70:a3:7f:20:d6:7d:db:8d:79:42:1b:48:27:65:98:
         0c:23:18:57:dd:93:13:28:95:c5:aa:18:9a:64:d6:a0:72:4d:
         a8:30:59:20:e1:c4:89:45:68:db:a5:a1:e2:51:8d:3b:b7:af:
         f5:27:09:32:9f:4f:bb:45:e0:88:2f:89:4c:07:6c:69:0c:d4:
         3c:61:ec:04:53:3b:9e:36:75:ed:06:79:7a:60:f0:f6:cb:09:
         93:81:4b:e1:40:f4:7d:bc:59:8f:1f:ae:55:0f:c6:54:27:fc:
         9c:9a:2c:d5:e8:10:5a:5f:9d:78:33:02:9d:9a:18:d7:69:54:
         5e:80:b4:c7:d0:21:7b:14:5c:41:6d:48:10:a4:f7:29:cf:14:
         8c:8b:9d:eb:73:74:ef:b1:5a:7a:fe:45:d4:12:92:38:c9:43:
         23:6b:2f:98:f9:f8:d8:13:56:ae:8e:a5:cc:ed:51:62:6c:b8:
         a8:ce:23:95:72:38:97:68:4b:c7:8f:77:46:62:64:77:7e:cf:
         28:de:9c:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5bbkRzl4x378uLGZiuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGIyODNhMDUxMzk0MGQ1MjBhNjgwYjhiM2QxNGRiYzM2
Nzc3MGQwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDAyZDFkMjE4YjU1NTg5OTU2MWFiOTU5YjEwYjViM2I2NTI3NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbkSkk85L0cQSYavU7QpnAAtcp22
uFuNuDk2XNoVkmdsmt1ZtLwlMjAP7tTcLI5LBezGtBq/07v9O2AwZ8ORpcwtLqoc
7R15lnRm4WTfaXhGPehxfurfHFYP197q+xEkR8klG8+zsixw9GsAZR1XaD9Aq4ff
PViPSfm5Rib/wMC2F7Ny8N8W8LlOyC4VwS3trGfwnPhpW6K9cvRbRmlEw9p/q+dN
0S52561XOuJWjIlucWfgZdh2k+eO/xzUvgRioTY91gc9txA3M1sG8fL7m8tGB2ig
a6R0b3tWAnG+irrs9Yo63vgD1zSnxb6Aos434HNjl8xqpipeyk01JeYALwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQC0dIYtVWJlWGrlZsQtbO2UnVcMB8GA1UdIwQY
MBaAFDgLKDoFE5QNUgpoC4s9FNvDZ3cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEt
Y2NmNjQ1NGJiMjRjLzEvMUFMUjBoaTFWWW1WWWF1Vm14QzFzN1pTZFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEtY2NmNjQ1NGJiMjRj
LzEvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTZfMA0G
CSqGSIb3DQEBCwUAA4IBAQBOXh/zJw/pSm8rZmoIrOxqPv0L3cnAucp2AMPwvkmL
Cr1aZvRP0GoekECRYiRIvQl1oFDeTPQGTQ1wo38g1n3bjXlCG0gnZZgMIxhX3ZMT
KJXFqhiaZNagck2oMFkg4cSJRWjbpaHiUY07t6/1Jwkyn0+7ReCIL4lMB2xpDNQ8
YewEUzueNnXtBnl6YPD2ywmTgUvhQPR9vFmPH65VD8ZUJ/ycmizV6BBaX514MwKd
mhjXaVRegLTH0CF7FFxBbUgQpPcpzxSMi53rc3TvsVp6/kXUEpI4yUMjay+Y+fjY
E1aujqXM7VFibLioziOVcjiXaEvHj3dGYmR3fs8o3pyE
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:36:56 2024 by rpki-client on console-ams.rpki-client.org