Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/1-ttLkEM0oEswuNEuerz3YWNdvL0.roa
File:                     1-ttLkEM0oEswuNEuerz3YWNdvL0.roa (raw, json)
Hash identifier:          YY/AKCk161nhoyjRigHBJvrBKyVonHes1th/UUAtIBs=
Subject key identifier:   FA:DB:4B:90:43:34:A0:4B:30:B8:D1:2E:7A:BC:F7:61:63:5D:BC:BD
Certificate issuer:       /CN=e6596f1b163cab0c45a84eeb13261b65f1a22962
Certificate serial:       018CC64997D06E3103DC0E7132C62FD42A42
Authority key identifier: E6:59:6F:1B:16:3C:AB:0C:45:A8:4E:EB:13:26:1B:65:F1:A2:29:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5llvGxY8qwxFqE7rEyYbZfGiKWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/1-ttLkEM0oEswuNEuerz3YWNdvL0.roa
Signing time:             Mon 01 Jan 2024 18:29:20 +0000
ROA not before:           Mon 01 Jan 2024 18:29:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20552
IP address blocks:        93.105.74.0/24 maxlen: 24
                          93.105.73.0/24 maxlen: 24
                          93.105.75.0/24 maxlen: 24
                          93.105.72.0/24 maxlen: 24
                          178.235.240.0/22 maxlen: 22
                          178.235.240.0/24 maxlen: 24
                          178.235.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/5llvGxY8qwxFqE7rEyYbZfGiKWI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/5llvGxY8qwxFqE7rEyYbZfGiKWI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5llvGxY8qwxFqE7rEyYbZfGiKWI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 15 Nov 2024 13:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:97:d0:6e:31:03:dc:0e:71:32:c6:2f:d4:2a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6596f1b163cab0c45a84eeb13261b65f1a22962
        Validity
            Not Before: Jan  1 18:29:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fadb4b904334a04b30b8d12e7abcf761635dbcbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b6:a9:22:82:51:8e:2f:ee:b0:ac:21:2a:0b:
                    56:8d:6e:48:12:bd:cc:be:95:fe:d8:e8:02:29:d1:
                    0e:a1:00:a7:f7:94:95:b3:00:e2:8d:0d:3f:99:e7:
                    f7:31:7c:03:15:43:00:6a:fe:7b:74:84:ed:87:f6:
                    d1:83:20:10:41:b6:39:61:07:ea:25:ce:16:d4:b8:
                    cb:24:19:d0:e7:3c:15:fd:a1:7d:92:a8:6f:6a:4c:
                    03:53:b4:c7:eb:1b:23:ca:80:c0:c6:b4:48:67:fe:
                    53:54:49:08:e5:e9:b4:47:52:8f:88:34:af:68:ab:
                    25:09:b4:aa:4d:46:95:f3:db:b9:15:5d:c6:5f:22:
                    86:9e:d7:7e:61:31:bb:01:b0:76:30:d4:32:f1:08:
                    a8:2f:6f:4e:bf:b6:d1:e0:74:3f:ea:c8:b8:a3:b5:
                    cb:b0:ac:31:0e:e5:14:0a:f3:54:32:33:78:1f:07:
                    d9:f4:6f:06:54:a1:a4:5d:99:20:fa:ac:27:5c:fe:
                    ec:e7:31:f0:f6:0a:4e:21:d7:39:9e:3f:65:c3:35:
                    9c:24:e7:73:5c:08:a3:d6:53:12:d6:3c:f2:47:57:
                    d2:f5:0c:21:85:ca:9f:60:2b:b5:d5:5c:99:d9:b1:
                    9a:b8:64:e0:f6:bf:f6:7b:93:63:2a:09:3a:54:87:
                    f5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:DB:4B:90:43:34:A0:4B:30:B8:D1:2E:7A:BC:F7:61:63:5D:BC:BD
            X509v3 Authority Key Identifier:
                keyid:E6:59:6F:1B:16:3C:AB:0C:45:A8:4E:EB:13:26:1B:65:F1:A2:29:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5llvGxY8qwxFqE7rEyYbZfGiKWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/1-ttLkEM0oEswuNEuerz3YWNdvL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/5llvGxY8qwxFqE7rEyYbZfGiKWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.105.72.0/22
                  178.235.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:52:7b:24:34:d2:28:c2:a4:6d:26:e6:0a:a8:86:78:78:1b:
         d0:87:5d:3b:a6:c6:62:75:58:35:16:f5:71:1d:5e:ea:33:0d:
         36:50:7e:67:75:1e:91:89:90:7c:6e:c8:5a:5f:c4:92:7c:83:
         08:17:67:b0:db:43:29:7c:da:f3:5f:dc:1f:74:83:f9:63:df:
         ca:32:22:bb:7a:3d:e4:9d:a9:bc:3b:40:d0:00:a7:38:38:83:
         d7:0d:60:aa:31:0b:96:af:ee:2e:ed:96:ff:b7:18:44:0c:0e:
         b0:43:79:e0:3c:08:d1:ab:0e:88:a9:58:12:af:d4:3e:ff:9e:
         b3:42:44:e7:2b:22:02:c2:a3:17:d3:63:6f:1d:53:bb:e5:43:
         fe:74:77:89:a5:c9:91:b9:ca:0e:0d:29:64:4e:0e:56:6d:84:
         13:f4:0f:31:64:7e:70:eb:c1:ab:0c:1f:6f:c7:6a:63:82:c6:
         2e:64:3f:3b:44:04:68:57:da:e0:59:ff:04:12:18:5c:d4:db:
         64:bf:c1:ee:c9:3b:13:07:20:fe:10:af:94:b2:82:0e:4e:be:
         a1:2a:26:e4:53:5b:4e:94:fc:e7:9a:94:a4:e3:da:ad:8a:7c:
         ec:62:47:ad:98:d2:f8:1b:84:6d:e0:36:f3:31:8c:40:73:de:
         97:ad:23:f0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzGSZfQbjED3A5xMsYv1CpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTk2ZjFiMTYzY2FiMGM0NWE4NGVlYjEzMjYxYjY1ZjFh
MjI5NjIwHhcNMjQwMTAxMTgyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRiNGI5MDQzMzRhMDRiMzBiOGQxMmU3YWJjZjc2MTYzNWRiY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbapIoJRji/usKwhKgtWjW5IEr3M
vpX+2OgCKdEOoQCn95SVswDijQ0/mef3MXwDFUMAav57dITth/bRgyAQQbY5YQfq
Jc4W1LjLJBnQ5zwV/aF9kqhvakwDU7TH6xsjyoDAxrRIZ/5TVEkI5em0R1KPiDSv
aKslCbSqTUaV89u5FV3GXyKGntd+YTG7AbB2MNQy8QioL29Ov7bR4HQ/6si4o7XL
sKwxDuUUCvNUMjN4HwfZ9G8GVKGkXZkg+qwnXP7s5zHw9gpOIdc5nj9lwzWcJOdz
XAij1lMS1jzyR1fS9QwhhcqfYCu11VyZ2bGauGTg9r/2e5NjKgk6VIf1AwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrbS5BDNKBLMLjRLnq892FjXby9MB8GA1UdIwQY
MBaAFOZZbxsWPKsMRahO6xMmG2XxoiliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxsdkd4WThxd3hGcUU3ckV5WWJaZkdpS1dJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lZGU5NGUtYmEyYS00MWVlLWIxMmMt
ZTA1MzRlMjM4NTliLzEvMS10dExrRU0wb0Vzd3VORXVlcnozWVdOZHZMMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODUvZWRlOTRlLWJhMmEtNDFlZS1iMTJjLWUwNTM0ZTIzODU5
Yi8xLzVsbHZHeFk4cXd4RnFFN3JFeVliWmZHaUtXSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAl1pSAME
ArLr8DANBgkqhkiG9w0BAQsFAAOCAQEAjVJ7JDTSKMKkbSbmCqiGeHgb0IddO6bG
YnVYNRb1cR1e6jMNNlB+Z3UekYmQfG7IWl/EknyDCBdnsNtDKXza81/cH3SD+WPf
yjIiu3o95J2pvDtA0ACnODiD1w1gqjELlq/uLu2W/7cYRAwOsEN54DwI0asOiKlY
Eq/UPv+es0JE5ysiAsKjF9Njbx1Tu+VD/nR3iaXJkbnKDg0pZE4OVm2EE/QPMWR+
cOvBqwwfb8dqY4LGLmQ/O0QEaFfa4Fn/BBIYXNTbZL/B7sk7Ewcg/hCvlLKCDk6+
oSom5FNbTpT855qUpOParYp87GJHrZjS+BuEbeA28zGMQHPel60j8A==
-----END CERTIFICATE-----
Generated at Thu Nov 14 19:48:08 2024 by rpki-client on console-fra.rpki-client.org