Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/JtR9nCi6Yshbx4pICUy7zqHn9GI.roa
File:                     JtR9nCi6Yshbx4pICUy7zqHn9GI.roa (raw, json)
Hash identifier:          kxCXtYQCX1Usi2DJUsD7pe9ArRt69gV4nLEvxYab4xA=
Subject key identifier:   26:D4:7D:9C:28:BA:62:C8:5B:C7:8A:48:09:4C:BB:CE:A1:E7:F4:62
Certificate issuer:       /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial:       018CC2DAEDFE5CBB04F7D4AB06937E75C667
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/JtR9nCi6Yshbx4pICUy7zqHn9GI.roa
Signing time:             Mon 01 Jan 2024 02:29:36 +0000
ROA not before:           Mon 01 Jan 2024 02:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43160
IP address blocks:        185.240.164.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:ed:fe:5c:bb:04:f7:d4:ab:06:93:7e:75:c6:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
        Validity
            Not Before: Jan  1 02:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=26d47d9c28ba62c85bc78a48094cbbcea1e7f462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:eb:b5:c0:e2:df:3a:f7:19:a5:54:a4:9f:4c:
                    45:0b:ce:bb:23:b1:de:41:eb:0d:db:e7:a0:a4:a7:
                    a1:78:e5:b0:76:08:b9:55:b8:8a:f6:ea:a7:0c:df:
                    2d:97:2e:88:4d:84:e1:d9:12:b7:d2:54:ae:75:31:
                    f9:52:8c:39:12:22:48:1d:ad:77:cb:b2:d7:ef:e1:
                    44:57:4a:df:0e:12:bf:de:9d:98:b3:32:da:3a:df:
                    b8:c3:0a:28:ee:b3:dd:27:f3:90:a0:26:10:eb:4e:
                    fb:f3:de:b5:1b:fa:a0:53:04:9d:62:61:98:ee:86:
                    ed:1c:3b:9a:a1:31:10:65:44:04:6d:67:c7:d6:c5:
                    4d:2d:82:3b:81:45:17:a3:89:87:57:1e:b8:72:62:
                    f8:63:c4:14:57:89:a8:8e:18:0a:83:8e:92:22:59:
                    33:23:35:32:c2:96:a5:6e:61:78:f2:4a:32:33:ac:
                    20:76:2b:17:03:78:9a:0e:c7:54:6b:44:0b:11:51:
                    e8:3d:33:23:cd:bd:d3:04:2e:11:5e:34:93:50:f2:
                    7a:fb:2b:1f:c0:2d:e9:79:2f:8e:d0:79:71:fb:c4:
                    60:68:f6:0d:7f:e1:9b:fa:1b:da:87:aa:52:38:b4:
                    fd:3f:54:90:dc:c7:e2:2d:02:7b:99:b2:6a:b9:b6:
                    db:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D4:7D:9C:28:BA:62:C8:5B:C7:8A:48:09:4C:BB:CE:A1:E7:F4:62
            X509v3 Authority Key Identifier:
                keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/JtR9nCi6Yshbx4pICUy7zqHn9GI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.240.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:42:91:e1:8e:c0:55:35:03:78:db:98:a3:25:42:12:5c:19:
         97:2d:74:ce:ea:03:e8:f2:47:fe:22:f9:76:78:a3:0f:d9:1e:
         0a:44:e0:6c:8a:ea:0d:1f:73:51:f2:88:89:02:b8:1b:d2:5e:
         45:9b:85:26:fa:77:4c:d1:6c:7f:89:32:1b:43:27:0d:0c:b2:
         ed:29:29:31:3c:c9:97:b3:34:64:38:20:fc:5e:b9:a7:cf:75:
         ef:0d:20:88:df:ca:0c:00:72:5a:25:89:d8:22:4b:59:63:15:
         f7:06:2e:56:4e:a4:cd:76:50:9d:25:9b:ae:cd:fc:fa:31:c3:
         64:2a:7b:d4:26:10:40:01:f5:fc:a4:2e:5d:3d:81:25:fa:96:
         be:d2:8b:f0:44:b6:23:91:d6:42:5b:1f:75:77:a5:24:6c:47:
         86:b4:7f:6d:47:83:ec:0e:17:38:f8:fb:eb:d4:f5:6f:93:47:
         99:0d:c2:b7:b6:c8:f4:f2:a6:ea:6c:dc:e5:88:a1:14:0c:a6:
         c4:35:d4:49:78:4d:b7:68:fc:14:e6:f9:c9:16:55:b2:a5:13:
         82:c3:a3:3d:9d:36:96:fe:8c:43:ee:f7:a9:36:41:7b:3f:90:
         78:de:79:55:ae:a8:ae:1a:2e:a9:8e:58:0d:b0:c3:a7:20:49:
         90:9c:88:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2u3+XLsE99SrBpN+dcZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ0N2Q5YzI4YmE2MmM4NWJjNzhhNDgwOTRjYmJjZWExZTdmNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOu1wOLfOvcZpVSkn0xFC867I7He
QesN2+egpKeheOWwdgi5VbiK9uqnDN8tly6ITYTh2RK30lSudTH5Uow5EiJIHa13
y7LX7+FEV0rfDhK/3p2YszLaOt+4wwoo7rPdJ/OQoCYQ60778961G/qgUwSdYmGY
7obtHDuaoTEQZUQEbWfH1sVNLYI7gUUXo4mHVx64cmL4Y8QUV4mojhgKg46SIlkz
IzUywpalbmF48koyM6wgdisXA3iaDsdUa0QLEVHoPTMjzb3TBC4RXjSTUPJ6+ysf
wC3peS+O0Hlx+8RgaPYNf+Gb+hvah6pSOLT9P1SQ3MfiLQJ7mbJqubbbBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbUfZwoumLIW8eKSAlMu86h5/RiMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvSnRSOW5DaTZZc2hieDRwSUNVeTd6cUhuOUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufCkMA0G
CSqGSIb3DQEBCwUAA4IBAQA7QpHhjsBVNQN425ijJUISXBmXLXTO6gPo8kf+Ivl2
eKMP2R4KROBsiuoNH3NR8oiJArgb0l5Fm4Um+ndM0Wx/iTIbQycNDLLtKSkxPMmX
szRkOCD8Xrmnz3XvDSCI38oMAHJaJYnYIktZYxX3Bi5WTqTNdlCdJZuuzfz6McNk
KnvUJhBAAfX8pC5dPYEl+pa+0ovwRLYjkdZCWx91d6UkbEeGtH9tR4PsDhc4+Pvr
1PVvk0eZDcK3tsj08qbqbNzliKEUDKbENdRJeE23aPwU5vnJFlWypROCw6M9nTaW
/oxD7vepNkF7P5B43nlVrqiuGi6pjlgNsMOnIEmQnIje
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:10:45 2024 by rpki-client on console-fra.rpki-client.org