Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TKOMWfoBk2BJ9iNqI2PUYiKbGy0.roa
File:                     TKOMWfoBk2BJ9iNqI2PUYiKbGy0.roa (raw, json)
Hash identifier:          WWZd7gtl16/lU6vdtp0U8tVjsdKE1DNztkwFxd02V6E=
Subject key identifier:   4C:A3:8C:59:FA:01:93:60:49:F6:23:6A:23:63:D4:62:22:9B:1B:2D
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       018E43B2F4C38B364550D559DEF4EC70FBE6
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TKOMWfoBk2BJ9iNqI2PUYiKbGy0.roa
Signing time:             Fri 15 Mar 2024 19:59:45 +0000
ROA not before:           Fri 15 Mar 2024 19:59:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8708
IP address blocks:        46.102.175.0/24 maxlen: 24
                          85.204.241.0/24 maxlen: 24
                          85.204.242.0/24 maxlen: 24
                          86.105.233.0/24 maxlen: 24
                          86.106.113.0/24 maxlen: 24
                          89.34.178.0/24 maxlen: 24
                          89.38.236.0/24 maxlen: 24
                          89.40.65.0/24 maxlen: 24
                          89.43.53.0/24 maxlen: 24
                          89.43.63.0/24 maxlen: 24
                          89.46.93.0/24 maxlen: 24
                          93.114.57.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:43:b2:f4:c3:8b:36:45:50:d5:59:de:f4:ec:70:fb:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Mar 15 19:59:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4ca38c59fa01936049f6236a2363d462229b1b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2d:c8:c3:18:78:da:81:13:fd:55:df:8c:aa:
                    1d:bd:b3:ea:28:c6:58:c0:89:0b:a3:73:99:b1:2d:
                    24:7e:9c:0c:0a:08:ec:44:fa:ae:12:5d:4f:89:da:
                    ff:fd:f0:0a:bd:4b:f3:2f:00:be:9c:99:15:00:6d:
                    2f:cd:c8:48:2d:a8:62:d4:89:6e:3d:d7:ab:6b:d4:
                    af:4e:37:87:7b:2a:3c:7a:f6:26:bd:39:a7:61:7b:
                    a8:3c:90:8b:3c:05:e6:4a:a4:37:99:32:38:dc:5b:
                    f8:21:9e:4a:4c:32:15:0a:54:bd:cd:3a:5d:fa:cb:
                    39:9e:ab:e6:5a:3f:90:56:18:ba:e7:62:04:ab:ef:
                    38:57:60:85:38:6d:f3:46:d5:a3:29:24:a1:86:1c:
                    c4:1c:2b:6d:e2:b6:60:50:7c:3f:67:75:0b:ce:78:
                    b5:26:89:9d:bc:3e:06:3f:cc:a0:ce:6d:15:86:66:
                    9b:9c:6a:8a:63:6d:74:17:94:d2:44:0f:17:25:b3:
                    95:8a:2a:17:a4:b0:7f:6b:87:f5:b9:e9:e3:99:cf:
                    9d:b0:70:21:b7:fa:1c:f2:f4:09:12:33:03:07:84:
                    a5:ff:a2:71:be:e5:93:56:46:74:87:cc:6f:86:ae:
                    fa:a1:b2:58:98:58:52:66:01:2b:47:df:8e:45:b2:
                    6d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A3:8C:59:FA:01:93:60:49:F6:23:6A:23:63:D4:62:22:9B:1B:2D
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TKOMWfoBk2BJ9iNqI2PUYiKbGy0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.175.0/24
                  85.204.241.0-85.204.242.255
                  86.105.233.0/24
                  86.106.113.0/24
                  89.34.178.0/24
                  89.38.236.0/24
                  89.40.65.0/24
                  89.43.53.0/24
                  89.43.63.0/24
                  89.46.93.0/24
                  93.114.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:3e:17:95:92:2e:6c:ff:35:bf:37:5f:95:42:43:6a:53:fa:
         dc:bd:b1:c4:5b:2e:00:d5:65:87:09:cb:83:d3:85:3e:58:f9:
         f3:d2:76:b4:82:05:06:43:16:32:7b:09:e6:57:9e:40:bf:9e:
         21:e6:32:e7:ca:65:9c:98:4c:15:97:e0:20:ff:3b:a9:1c:ca:
         84:1d:ad:99:87:ed:b9:c2:a0:31:b7:59:fd:70:5d:b3:f0:e9:
         8d:50:da:1f:5d:e2:35:5c:8d:7c:be:c5:a4:1d:28:7a:58:ce:
         b1:dd:1b:a7:bc:03:8a:26:70:1d:53:ce:e5:ff:f0:82:71:2e:
         db:a8:0d:d0:ad:38:80:14:a2:fa:6b:64:de:8a:71:69:96:6d:
         aa:43:ac:21:23:0d:a3:5e:44:23:70:a5:7b:a9:d3:68:28:3e:
         92:af:e1:dd:b2:ad:9d:0e:53:e1:a1:b8:7f:a9:35:7a:81:7a:
         cc:98:dc:4a:d1:19:58:42:11:99:29:42:af:7b:79:83:8f:57:
         e2:6e:38:b8:0f:81:db:8a:1d:c5:ad:ed:1b:77:df:19:65:03:
         b0:c4:17:97:7e:7b:22:00:f7:9a:9b:0f:8e:49:d1:51:f0:7e:
         9d:73:31:b5:43:33:91:b8:dc:0b:b1:95:c8:be:0c:2f:be:7e:
         e4:15:95:a4
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY5DsvTDizZFUNVZ3vTscPvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMzE1MTk1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2EzOGM1OWZhMDE5MzYwNDlmNjIzNmEyMzYzZDQ2MjIyOWIxYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi3Iwxh42oET/VXfjKodvbPqKMZY
wIkLo3OZsS0kfpwMCgjsRPquEl1Pidr//fAKvUvzLwC+nJkVAG0vzchILahi1Ilu
Pdera9SvTjeHeyo8evYmvTmnYXuoPJCLPAXmSqQ3mTI43Fv4IZ5KTDIVClS9zTpd
+ss5nqvmWj+QVhi652IEq+84V2CFOG3zRtWjKSShhhzEHCtt4rZgUHw/Z3ULzni1
JomdvD4GP8ygzm0VhmabnGqKY210F5TSRA8XJbOViioXpLB/a4f1uenjmc+dsHAh
t/oc8vQJEjMDB4Sl/6JxvuWTVkZ0h8xvhq76obJYmFhSZgErR9+ORbJtWwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEyjjFn6AZNgSfYjaiNj1GIimxstMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1RLT01XZm9CazJCSjlpTnFJMlBVWWlLYkd5MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEoDBAAuZq8w
DAMEAFXM8QMEAFXM8gMEAFZp6QMEAFZqcQMEAFkisgMEAFkm7AMEAFkoQQMEAFkr
NQMEAFkrPwMEAFkuXQMEAF1yOTANBgkqhkiG9w0BAQsFAAOCAQEAzD4XlZIubP81
vzdflUJDalP63L2xxFsuANVlhwnLg9OFPlj589J2tIIFBkMWMnsJ5leeQL+eIeYy
58plnJhMFZfgIP87qRzKhB2tmYftucKgMbdZ/XBds/DpjVDaH13iNVyNfL7FpB0o
eljOsd0bp7wDiiZwHVPO5f/wgnEu26gN0K04gBSi+mtk3opxaZZtqkOsISMNo15E
I3Cle6nTaCg+kq/h3bKtnQ5T4aG4f6k1eoF6zJjcStEZWEIRmSlCr3t5g49X4m44
uA+B24odxa3tG3ffGWUDsMQXl357IgD3mpsPjknRUfB+nXMxtUMzkbjcC7GVyL4M
L75+5BWVpA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:16:39 2024 by rpki-client on console-fra.rpki-client.org