Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NQ_0RGcgko8xWuS2A3ISkmOMAWU.roa
File:                     NQ_0RGcgko8xWuS2A3ISkmOMAWU.roa (raw, json)
Hash identifier:          B5+RzFrt9L241eaG3ogx7IBafNpm9tdDowgBqPaJD4c=
Subject key identifier:   35:0F:F4:44:67:20:92:8F:31:5A:E4:B6:03:72:12:92:63:8C:01:65
Certificate issuer:       /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial:       018CC801579A9A294960A1276B6D060C2479
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NQ_0RGcgko8xWuS2A3ISkmOMAWU.roa
Signing time:             Tue 02 Jan 2024 02:29:40 +0000
ROA not before:           Tue 02 Jan 2024 02:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213198
IP address blocks:        195.64.238.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:57:9a:9a:29:49:60:a1:27:6b:6d:06:0c:24:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
        Validity
            Not Before: Jan  2 02:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=350ff4446720928f315ae4b603721292638c0165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:af:cf:29:43:7b:93:3f:dc:ad:84:e9:6d:22:
                    1f:ef:2d:f3:a3:ea:92:9b:a9:5f:a6:31:e0:43:6b:
                    1c:2d:10:ec:9f:9b:bc:42:87:99:5a:7b:53:a2:db:
                    77:69:2a:9a:62:78:4b:a3:f3:db:77:59:a3:be:ee:
                    c7:09:d6:96:4e:99:63:7b:5d:d4:05:33:23:9b:c4:
                    3c:d5:ed:75:1a:11:76:f2:d1:85:91:6b:d8:a1:10:
                    7a:c5:8e:81:9d:61:29:95:3b:2d:a4:f0:44:6d:4a:
                    89:b1:bd:46:1b:bf:14:b7:b4:0e:64:01:38:7b:3c:
                    60:4b:21:fe:76:31:d6:3e:6d:09:2e:4e:fe:cb:26:
                    78:f3:bd:40:1a:58:b0:70:ec:96:87:48:be:5e:4d:
                    9f:26:44:f0:25:31:04:e8:e0:d1:45:48:89:60:36:
                    60:c3:96:ec:50:fe:d1:3c:f7:71:56:ab:04:30:53:
                    10:37:37:08:fc:6b:59:56:c9:19:3e:c4:fe:d3:e1:
                    a3:84:a4:ae:26:3f:3e:de:34:12:0f:5b:69:38:07:
                    a2:9a:5b:5d:28:97:2c:7c:94:1e:9f:ad:fc:8e:15:
                    e6:a3:27:06:20:7f:c4:24:3f:7d:4a:dc:b9:77:54:
                    29:70:24:a6:f1:d1:f6:79:b5:7e:a7:af:17:78:e5:
                    26:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:0F:F4:44:67:20:92:8F:31:5A:E4:B6:03:72:12:92:63:8C:01:65
            X509v3 Authority Key Identifier:
                keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NQ_0RGcgko8xWuS2A3ISkmOMAWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:1a:be:71:58:ef:95:9d:d9:2a:a0:87:28:5c:0b:64:28:6c:
         bd:1d:57:c8:cc:6b:57:16:d4:0d:fb:4d:72:38:18:47:0d:a8:
         8b:38:31:6f:89:04:04:1a:a6:b9:1c:9f:e2:90:f8:60:0f:37:
         17:f1:97:d6:33:99:ba:ae:cb:6a:64:63:f9:57:00:39:42:dd:
         8e:44:22:e7:c6:b9:c5:74:23:c6:1a:7f:dc:e9:60:60:fa:9a:
         2c:ea:07:e7:46:6e:79:0f:f1:ff:ac:44:4a:23:7b:90:13:84:
         2c:cf:0b:6a:44:b6:0c:f3:f2:1f:6c:b7:ea:57:68:74:07:49:
         a3:14:86:02:72:db:ff:5f:b8:ee:42:05:ef:83:9c:3f:18:44:
         cb:9e:92:ef:14:15:fe:40:e1:9f:6e:58:f9:a8:90:ba:65:53:
         e3:41:67:3b:ee:ca:06:6a:12:be:2d:66:29:65:e5:8b:74:e3:
         d3:60:cc:01:d5:b6:04:c5:31:05:f1:75:e8:9d:4c:ea:1b:d1:
         51:94:39:2a:de:08:dc:a7:be:5f:54:fb:05:d6:96:ef:ce:ec:
         c8:d2:a3:b3:62:de:da:ce:56:d5:19:91:f7:26:4b:bc:75:e2:
         0d:cb:a8:07:05:2a:b1:48:12:21:1a:7d:f2:e7:cc:0d:0f:07:
         bf:5c:73:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAVeamilJYKEna20GDCR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBmZjQ0NDY3MjA5MjhmMzE1YWU0YjYwMzcyMTI5MjYzOGMwMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K/PKUN7kz/crYTpbSIf7y3zo+qS
m6lfpjHgQ2scLRDsn5u8QoeZWntTott3aSqaYnhLo/Pbd1mjvu7HCdaWTplje13U
BTMjm8Q81e11GhF28tGFkWvYoRB6xY6BnWEplTstpPBEbUqJsb1GG78Ut7QOZAE4
ezxgSyH+djHWPm0JLk7+yyZ4871AGliwcOyWh0i+Xk2fJkTwJTEE6ODRRUiJYDZg
w5bsUP7RPPdxVqsEMFMQNzcI/GtZVskZPsT+0+GjhKSuJj8+3jQSD1tpOAeimltd
KJcsfJQen638jhXmoycGIH/EJD99Sty5d1QpcCSm8dH2ebV+p68XeOUmxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUP9ERnIJKPMVrktgNyEpJjjAFlMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvTlFfMFJHY2drbzh4V3VTMkEzSVNrbU9NQVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0DuMA0G
CSqGSIb3DQEBCwUAA4IBAQAIGr5xWO+VndkqoIcoXAtkKGy9HVfIzGtXFtQN+01y
OBhHDaiLODFviQQEGqa5HJ/ikPhgDzcX8ZfWM5m6rstqZGP5VwA5Qt2ORCLnxrnF
dCPGGn/c6WBg+pos6gfnRm55D/H/rERKI3uQE4QszwtqRLYM8/IfbLfqV2h0B0mj
FIYCctv/X7juQgXvg5w/GETLnpLvFBX+QOGfblj5qJC6ZVPjQWc77soGahK+LWYp
ZeWLdOPTYMwB1bYExTEF8XXonUzqG9FRlDkq3gjcp75fVPsF1pbvzuzI0qOzYt7a
zlbVGZH3Jku8deINy6gHBSqxSBIhGn3y58wNDwe/XHPQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:39 2024 by rpki-client on console-fra.rpki-client.org