Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/3mlS51qRQHmgtRZ06CrzNxtbDn4.roa
File:                     3mlS51qRQHmgtRZ06CrzNxtbDn4.roa (raw, json)
Hash identifier:          OsQLGWOBIynAClP5RQBywSgO9sVlPa9Gv8TWUv8/Q34=
Subject key identifier:   DE:69:52:E7:5A:91:40:79:A0:B5:16:74:E8:2A:F3:37:1B:5B:0E:7E
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018CC56E0F2B0CBD3B9495378FB34F7364AF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/3mlS51qRQHmgtRZ06CrzNxtbDn4.roa
Signing time:             Mon 01 Jan 2024 14:29:33 +0000
ROA not before:           Mon 01 Jan 2024 14:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43160
IP address blocks:        185.244.229.0/24 maxlen: 24
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.28.51.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0f:2b:0c:bd:3b:94:95:37:8f:b3:4f:73:64:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 14:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=de6952e75a914079a0b51674e82af3371b5b0e7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:34:63:65:38:e8:22:a9:27:ee:3c:0e:53:1d:
                    94:de:f6:31:cf:3c:c5:b1:c2:13:4f:82:51:50:ff:
                    29:72:d3:be:6a:c4:ab:07:71:0f:02:96:89:e9:29:
                    0e:0e:f2:9f:b9:64:bf:01:98:eb:72:ab:75:1a:45:
                    57:fc:b3:12:bf:c3:73:9e:44:50:aa:aa:3e:24:5d:
                    2a:5a:14:91:1e:2b:19:dc:10:7e:d5:67:fb:71:3a:
                    a7:67:45:be:6d:35:91:c0:3d:35:0c:16:ee:41:c8:
                    52:71:f4:df:64:e5:a7:28:96:dd:66:8e:b8:7b:69:
                    1f:c7:e8:a5:05:fc:b7:b0:9a:66:d2:32:18:97:12:
                    d2:c7:4a:71:4a:3d:71:5c:4e:8b:db:84:df:52:e9:
                    b4:7b:b4:bc:d1:5a:c4:21:b7:08:19:a1:b0:5f:03:
                    3f:85:ed:58:54:9b:66:d4:84:ab:25:0f:dd:e4:2c:
                    87:23:39:5a:14:59:83:b8:0f:7e:05:af:71:4a:c1:
                    20:94:40:f5:b8:fe:4a:07:6c:28:c4:38:a3:fe:a6:
                    f1:e9:72:39:b1:79:44:5b:71:12:34:63:5c:2b:c9:
                    ee:4c:15:87:7b:14:71:83:ba:16:da:96:78:1b:22:
                    11:91:a6:d0:a9:3e:c8:0c:11:f0:da:aa:b9:e2:97:
                    46:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:69:52:E7:5A:91:40:79:A0:B5:16:74:E8:2A:F3:37:1B:5B:0E:7E
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/3mlS51qRQHmgtRZ06CrzNxtbDn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.51.0/24
                  185.231.187.0/24
                  185.244.229.0-185.244.231.255
                  185.246.13.0/24
                  185.246.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:8f:23:fc:9d:a9:4d:f0:2b:9f:95:7f:e4:81:65:ce:d1:a5:
         54:74:07:ca:54:20:c4:88:fb:64:02:69:61:1f:2b:77:2a:63:
         f0:ec:c4:10:d6:99:e4:41:2b:27:e1:fe:68:db:78:cd:12:9f:
         aa:0f:72:22:b0:de:51:21:d2:84:25:87:2f:47:00:c5:bb:25:
         a9:a9:77:07:5b:11:8d:ab:75:88:f7:e9:59:d8:e1:8b:56:a6:
         a7:85:33:76:b2:c2:e1:eb:e7:12:55:af:84:48:82:57:bb:ff:
         85:78:a0:29:d8:ed:1c:08:af:56:a2:7e:1e:a9:32:77:a4:f7:
         ba:46:33:7f:15:af:e4:7a:f4:10:b4:31:20:03:c5:5b:c2:c2:
         b6:c5:38:2b:7d:90:e8:37:98:9f:83:07:0a:6c:78:50:46:76:
         e0:09:39:16:45:96:a0:32:aa:bc:c9:d6:bd:69:12:fa:e0:19:
         75:01:a9:ed:6a:b0:fe:bc:5d:b9:a8:3f:6f:c4:33:99:e9:bc:
         73:50:72:0a:dd:e9:70:60:2d:a9:56:9f:e8:fe:ba:7c:79:3e:
         00:96:72:13:bf:7d:0a:c2:73:d7:e1:8b:eb:70:55:53:13:ca:
         bb:bb:66:19:07:96:16:53:f4:f3:79:a8:b0:88:f7:b9:bd:26:
         28:7b:db:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzFbg8rDL07lJU3j7NPc2SvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY5NTJlNzVhOTE0MDc5YTBiNTE2NzRlODJhZjMzNzFiNWIwZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTRjZTjoIqkn7jwOUx2U3vYxzzzF
scITT4JRUP8pctO+asSrB3EPApaJ6SkODvKfuWS/AZjrcqt1GkVX/LMSv8NznkRQ
qqo+JF0qWhSRHisZ3BB+1Wf7cTqnZ0W+bTWRwD01DBbuQchScfTfZOWnKJbdZo64
e2kfx+ilBfy3sJpm0jIYlxLSx0pxSj1xXE6L24TfUum0e7S80VrEIbcIGaGwXwM/
he1YVJtm1ISrJQ/d5CyHIzlaFFmDuA9+Ba9xSsEglED1uP5KB2woxDij/qbx6XI5
sXlEW3ESNGNcK8nuTBWHexRxg7oW2pZ4GyIRkabQqT7IDBHw2qq54pdGywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN5pUudakUB5oLUWdOgq8zcbWw5+MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvM21sUzUxcVJRSG1ndFJaMDZDcnpOeHRiRG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAuRwzAwQA
uee7MAwDBAC59OUDBAO59OADBAC59g0DBAC59g8wDQYJKoZIhvcNAQELBQADggEB
ACOPI/ydqU3wK5+Vf+SBZc7RpVR0B8pUIMSI+2QCaWEfK3cqY/DsxBDWmeRBKyfh
/mjbeM0Sn6oPciKw3lEh0oQlhy9HAMW7JampdwdbEY2rdYj36VnY4YtWpqeFM3ay
wuHr5xJVr4RIgle7/4V4oCnY7RwIr1aifh6pMnek97pGM38Vr+R69BC0MSADxVvC
wrbFOCt9kOg3mJ+DBwpseFBGduAJORZFlqAyqrzJ1r1pEvrgGXUBqe1qsP68Xbmo
P2/EM5npvHNQcgrd6XBgLalWn+j+unx5PgCWchO/fQrCc9fhi+twVVMTyru7ZhkH
lhZT9PN5qLCI97m9Jih723I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:09 2024 by rpki-client on console-fra.rpki-client.org