Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa
File:                     D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa (raw, json)
Hash identifier:          9l/Vsk2V0XWMdAILLoXd2gFb/H41u3V7R4sx8+sfi7o=
Subject key identifier:   0F:E3:67:A5:A8:BF:08:51:EF:FE:7E:40:2E:FB:EE:AB:4B:56:FD:11
Certificate issuer:       /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial:       018CC56E3BFAA4D035D6B116C8DFDDDCAB8E
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa
Signing time:             Mon 01 Jan 2024 14:29:45 +0000
ROA not before:           Mon 01 Jan 2024 14:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50593
IP address blocks:        178.172.214.0/24 maxlen: 24
                          178.172.228.0/24 maxlen: 24
                          178.172.234.0/24 maxlen: 24
                          213.184.234.0/24 maxlen: 24
                          93.125.50.0/24 maxlen: 24
                          178.172.204.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:3b:fa:a4:d0:35:d6:b1:16:c8:df:dd:dc:ab:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
        Validity
            Not Before: Jan  1 14:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0fe367a5a8bf0851effe7e402efbeeab4b56fd11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:c3:5b:ec:0d:f3:97:25:cd:af:a0:f5:68:5c:
                    dd:ec:4c:32:36:f9:57:ee:f5:90:40:98:7a:24:73:
                    b1:43:55:eb:1e:5b:dc:36:00:d5:5b:50:43:b5:78:
                    5b:c1:ed:a4:f8:25:3c:45:2a:07:ca:37:36:11:46:
                    b1:51:d1:68:00:b1:d0:47:c7:32:12:e9:9c:6f:74:
                    26:02:01:99:a4:16:5e:9d:fd:f5:bf:19:fc:15:f4:
                    30:bb:ac:1f:70:5c:9a:44:e2:0b:b7:73:89:c5:49:
                    ed:2a:42:c9:91:41:76:76:7b:79:63:bb:4b:b6:ad:
                    11:d3:0f:69:19:6a:35:a9:9d:6f:fd:74:ec:1c:69:
                    44:fe:19:a5:2a:18:d4:28:e1:ab:18:c8:e6:7d:7e:
                    fe:c2:38:44:76:ed:47:27:3e:2f:36:77:e0:c3:18:
                    c8:0c:61:59:9d:ff:db:5d:f7:41:2f:5b:99:7b:a9:
                    d4:24:a9:30:02:d4:59:34:3d:d6:45:f3:36:3e:20:
                    10:6d:b6:48:49:8d:20:81:3d:08:49:3b:09:de:25:
                    c9:17:8c:62:89:a4:ed:77:de:89:85:d6:e6:24:a6:
                    b2:af:5b:b6:62:19:9e:5f:d3:d2:c2:40:12:2b:0d:
                    1a:fc:68:1f:6b:e8:af:a3:99:d5:91:a9:99:40:a0:
                    a1:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E3:67:A5:A8:BF:08:51:EF:FE:7E:40:2E:FB:EE:AB:4B:56:FD:11
            X509v3 Authority Key Identifier:
                keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.125.50.0/24
                  178.172.204.0/24
                  178.172.214.0/24
                  178.172.228.0/24
                  178.172.234.0/24
                  213.184.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:23:b4:de:73:80:c3:cb:ce:57:57:a1:21:0c:94:74:e3:d9:
         05:d2:2a:b8:11:d5:76:ce:59:2d:15:1e:b8:d5:bc:81:2f:f1:
         8f:23:4e:67:2c:57:a2:c5:40:d6:18:3c:59:55:56:04:0c:3f:
         2c:e9:a4:d5:75:ae:9c:91:64:64:ba:92:24:39:15:b9:27:75:
         09:bb:bb:d5:88:c3:14:a9:c5:ad:d4:3a:d6:65:b3:9d:3a:18:
         46:84:19:c3:0f:8a:3c:2a:e4:2f:71:59:a5:ee:84:52:69:7c:
         76:4b:c7:bc:30:d0:c3:33:b0:ca:ca:4e:5f:c8:ba:f2:a3:66:
         9b:96:c1:9a:2b:70:b9:4b:e7:93:99:bc:9b:64:76:72:58:1f:
         0e:76:ba:1d:f3:ca:2c:4f:3c:d8:15:83:31:1a:32:b4:65:63:
         93:f2:ff:fb:9b:0e:fb:17:20:b7:e6:58:81:47:81:53:8a:82:
         1d:98:6c:03:70:3a:ef:c5:35:09:cc:12:98:60:1d:3e:9c:ea:
         d9:21:12:df:2b:6d:91:b4:3a:8f:db:80:6c:56:29:1d:2b:ad:
         e9:d3:24:79:1c:8a:38:c3:9d:3a:4c:32:5c:72:75:ab:9f:6d:
         05:23:11:c5:ec:52:d1:f7:1d:a8:a5:91:dd:be:b9:69:f1:19:
         12:ed:f6:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbjv6pNA11rEWyN/d3KuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmUzNjdhNWE4YmYwODUxZWZmZTdlNDAyZWZiZWVhYjRiNTZmZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsNb7A3zlyXNr6D1aFzd7EwyNvlX
7vWQQJh6JHOxQ1XrHlvcNgDVW1BDtXhbwe2k+CU8RSoHyjc2EUaxUdFoALHQR8cy
Eumcb3QmAgGZpBZenf31vxn8FfQwu6wfcFyaROILt3OJxUntKkLJkUF2dnt5Y7tL
tq0R0w9pGWo1qZ1v/XTsHGlE/hmlKhjUKOGrGMjmfX7+wjhEdu1HJz4vNnfgwxjI
DGFZnf/bXfdBL1uZe6nUJKkwAtRZND3WRfM2PiAQbbZISY0ggT0ISTsJ3iXJF4xi
iaTtd96JhdbmJKayr1u2YhmeX9PSwkASKw0a/Ggfa+ivo5nVkamZQKChiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA/jZ6WovwhR7/5+QC777qtLVv0RMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvRC1ObnBhaV9DRkh2X241QUx2dnVxMHRXX1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXX0yAwQA
sqzMAwQAsqzWAwQAsqzkAwQAsqzqAwQA1bjqMA0GCSqGSIb3DQEBCwUAA4IBAQAT
I7Tec4DDy85XV6EhDJR049kF0iq4EdV2zlktFR641byBL/GPI05nLFeixUDWGDxZ
VVYEDD8s6aTVda6ckWRkupIkORW5J3UJu7vViMMUqcWt1DrWZbOdOhhGhBnDD4o8
KuQvcVml7oRSaXx2S8e8MNDDM7DKyk5fyLryo2ablsGaK3C5S+eTmbybZHZyWB8O
drod88osTzzYFYMxGjK0ZWOT8v/7mw77FyC35liBR4FTioIdmGwDcDrvxTUJzBKY
YB0+nOrZIRLfK22RtDqP24BsVikdK63p0yR5HIo4w506TDJccnWrn20FIxHF7FLR
9x2opZHdvrlp8RkS7fZh
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:22:49 2024 by rpki-client on console-ams.rpki-client.org