Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/NeBUyNnFXtSKShVvUNEIZWTrh_k.roa
File:                     NeBUyNnFXtSKShVvUNEIZWTrh_k.roa (raw, json)
Hash identifier:          /3l5vOVIZbgErU///U2QXrW/hTZIiGQnTA2qPwJ3nt4=
Subject key identifier:   35:E0:54:C8:D9:C5:5E:D4:8A:4A:15:6F:50:D1:08:65:64:EB:87:F9
Certificate issuer:       /CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Certificate serial:       018CCA2A7ED362DF68D421EB8B4444BA229F
Authority key identifier: B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/NeBUyNnFXtSKShVvUNEIZWTrh_k.roa
Signing time:             Tue 02 Jan 2024 12:33:51 +0000
ROA not before:           Tue 02 Jan 2024 12:33:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206789
IP address blocks:        185.173.236.0/24 maxlen: 24
                          185.173.238.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:03:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:7e:d3:62:df:68:d4:21:eb:8b:44:44:ba:22:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
        Validity
            Not Before: Jan  2 12:33:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=35e054c8d9c55ed48a4a156f50d1086564eb87f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fe:89:47:c0:a8:23:47:92:a4:43:75:97:f7:
                    ec:61:64:e7:33:79:e5:cd:2e:56:3b:e5:bb:64:95:
                    03:ff:e8:4c:d3:02:6c:ad:b2:d9:96:22:12:4e:01:
                    ae:38:84:76:d5:0b:a3:1f:1b:15:fc:00:f5:21:e7:
                    6a:ce:fe:f5:8e:bd:c1:0f:b0:10:8d:22:5b:b4:0a:
                    86:09:5b:15:7b:56:c2:00:ed:8a:a9:09:de:bc:e6:
                    a7:06:95:90:05:ff:d2:5c:16:b9:fb:93:72:4b:2f:
                    30:2d:f8:fe:6e:de:85:57:03:57:a8:c5:fe:04:3e:
                    14:03:c5:36:e1:a0:69:dc:25:c3:1e:b9:31:51:d3:
                    b8:87:fe:d9:b7:89:5f:65:ca:26:c1:f4:48:95:59:
                    e9:ef:d1:6e:46:97:3b:de:09:6d:c6:b5:f2:20:b7:
                    9f:ae:a6:ab:e9:6f:b9:cb:e5:90:a4:56:21:78:68:
                    5c:bc:30:1f:e6:79:b6:3a:72:73:3d:0f:aa:f6:98:
                    76:a4:2d:98:98:ed:1a:2d:9d:cb:b3:f0:7a:44:b7:
                    ac:58:7c:22:87:1f:78:ad:8a:11:a6:5e:ba:78:23:
                    4a:bd:e3:cc:9b:cf:cf:5c:e9:ac:38:7a:18:22:12:
                    43:f5:8a:6c:90:35:10:14:ed:fb:40:97:ab:e7:25:
                    00:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:E0:54:C8:D9:C5:5E:D4:8A:4A:15:6F:50:D1:08:65:64:EB:87:F9
            X509v3 Authority Key Identifier:
                keyid:B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/NeBUyNnFXtSKShVvUNEIZWTrh_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.236.0/24
                  185.173.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:83:ab:cb:24:73:47:4a:2b:8d:1c:f1:97:ea:ae:fc:ae:64:
         95:b2:2f:1e:e2:ee:e8:dc:46:45:e7:b6:d1:c6:d3:9c:37:55:
         2d:6f:12:12:a2:92:d2:e4:c4:19:6f:fd:37:15:64:6a:07:d7:
         72:b0:c9:fd:dd:ee:79:b9:b4:ae:c6:c0:1b:b6:86:62:2a:da:
         50:8f:18:aa:9e:58:18:e5:ee:56:40:b9:e0:cb:21:ea:7b:f0:
         42:4d:5f:eb:61:3d:44:2f:d3:fc:b7:89:02:ca:00:7e:f2:d0:
         fc:d3:88:7c:0e:02:2e:e8:93:2e:ff:7f:79:6c:ff:81:43:29:
         98:96:e9:69:b4:fb:31:05:31:f3:0e:ae:20:24:25:fd:35:80:
         cb:f4:b1:6f:8d:fe:3b:80:c9:78:88:77:1d:86:66:8c:4d:ca:
         ff:4f:d1:00:44:69:9a:0d:94:00:ee:43:9f:fc:54:3d:68:7b:
         a6:a7:8e:52:fa:63:da:7b:a0:c4:10:b1:f0:e7:da:6e:4c:58:
         2a:3a:79:a7:97:d5:8c:fa:b0:d9:eb:64:a8:76:85:d0:aa:bb:
         49:d0:46:88:2d:89:11:ec:c4:88:1c:e1:40:12:84:57:94:96:
         65:d1:d9:06:1d:93:6c:9c:8d:b1:8b:f3:2c:05:8d:8f:94:81:
         47:1d:16:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKn7TYt9o1CHri0REuiKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTJkYzIzNDBjNTMwOWI2M2ViYTIzY2ZiZTdlZWQxMWI3
NGFmNDcwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWUwNTRjOGQ5YzU1ZWQ0OGE0YTE1NmY1MGQxMDg2NTY0ZWI4N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf6JR8CoI0eSpEN1l/fsYWTnM3nl
zS5WO+W7ZJUD/+hM0wJsrbLZliISTgGuOIR21QujHxsV/AD1Iedqzv71jr3BD7AQ
jSJbtAqGCVsVe1bCAO2KqQnevOanBpWQBf/SXBa5+5NySy8wLfj+bt6FVwNXqMX+
BD4UA8U24aBp3CXDHrkxUdO4h/7Zt4lfZcomwfRIlVnp79FuRpc73gltxrXyILef
rqar6W+5y+WQpFYheGhcvDAf5nm2OnJzPQ+q9ph2pC2YmO0aLZ3Ls/B6RLesWHwi
hx94rYoRpl66eCNKvePMm8/PXOmsOHoYIhJD9YpskDUQFO37QJer5yUAyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXgVMjZxV7UikoVb1DRCGVk64f5MB8GA1UdIwQY
MBaAFLni3CNAxTCbY+uiPPvn7tEbdK9HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUt
OWNiZWRjZWM4NmQ2LzEvTmVCVXlObkZYdFNLU2hWdlVORUlaV1RyaF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUtOWNiZWRjZWM4NmQ2
LzEvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAua3sAwQA
ua3uMA0GCSqGSIb3DQEBCwUAA4IBAQA4g6vLJHNHSiuNHPGX6q78rmSVsi8e4u7o
3EZF57bRxtOcN1UtbxISopLS5MQZb/03FWRqB9dysMn93e55ubSuxsAbtoZiKtpQ
jxiqnlgY5e5WQLngyyHqe/BCTV/rYT1EL9P8t4kCygB+8tD804h8DgIu6JMu/395
bP+BQymYlulptPsxBTHzDq4gJCX9NYDL9LFvjf47gMl4iHcdhmaMTcr/T9EARGma
DZQA7kOf/FQ9aHump45S+mPae6DEELHw59puTFgqOnmnl9WM+rDZ62SodoXQqrtJ
0EaILYkR7MSIHOFAEoRXlJZl0dkGHZNsnI2xi/MsBY2PlIFHHRYw
-----END CERTIFICATE-----
Generated at Sat Jun 15 14:19:54 2024 by rpki-client on console-ams.rpki-client.org