Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/ci6rnIoVhIYkMukcetBXm4IEy7U.roa
File:                     ci6rnIoVhIYkMukcetBXm4IEy7U.roa (raw, json)
Hash identifier:          g7G5kgquM18dj9x/YcbFUYu9EyjPw6q63aMyW64HR2M=
Subject key identifier:   72:2E:AB:9C:8A:15:84:86:24:32:E9:1C:7A:D0:57:9B:82:04:CB:B5
Certificate issuer:       /CN=2fbe2ad7cc69a95e3a8071fb33df9af7a379928b
Certificate serial:       018CC9BC5021940FE25B241C7ECB04A3FD77
Authority key identifier: 2F:BE:2A:D7:CC:69:A9:5E:3A:80:71:FB:33:DF:9A:F7:A3:79:92:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L74q18xpqV46gHH7M9-a96N5kos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/ci6rnIoVhIYkMukcetBXm4IEy7U.roa
Signing time:             Tue 02 Jan 2024 10:33:30 +0000
ROA not before:           Tue 02 Jan 2024 10:33:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42605
IP address blocks:        185.243.200.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/L74q18xpqV46gHH7M9-a96N5kos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/L74q18xpqV46gHH7M9-a96N5kos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L74q18xpqV46gHH7M9-a96N5kos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:50:21:94:0f:e2:5b:24:1c:7e:cb:04:a3:fd:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fbe2ad7cc69a95e3a8071fb33df9af7a379928b
        Validity
            Not Before: Jan  2 10:33:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=722eab9c8a1584862432e91c7ad0579b8204cbb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:09:ae:7d:e2:ae:6d:8b:ff:7c:20:1e:27:22:
                    95:46:e5:95:f6:5a:79:ce:7f:40:1e:d3:f6:3d:7b:
                    41:24:80:fa:1c:af:eb:cd:1b:61:c9:87:53:f2:88:
                    70:01:ee:90:6c:43:e1:e6:49:68:b6:64:87:3d:01:
                    ed:ca:71:e3:11:2f:dd:f7:c5:11:e8:d6:ac:62:3d:
                    e2:7f:9e:cf:bb:d9:3b:02:6e:49:cb:a1:5f:8f:d6:
                    35:75:61:9c:ad:21:2b:d2:77:3a:e3:0e:dc:5e:1e:
                    70:5a:f8:1c:2c:26:ad:4d:8a:8f:c3:06:d9:2a:48:
                    1f:17:64:2b:a4:d6:60:cc:e1:53:23:ef:f5:36:5a:
                    f2:01:bc:c0:24:4c:de:43:b7:6f:62:29:af:98:90:
                    bc:a8:e4:c8:ea:bd:0f:0c:01:1f:16:ca:f0:e4:3d:
                    cc:20:bb:eb:62:38:04:24:b5:42:23:e3:0f:4b:4e:
                    f1:db:f9:7d:61:ca:b6:e3:64:02:8f:63:ee:55:e1:
                    44:7a:00:5a:8e:35:8f:d7:6b:45:3f:cb:6b:32:a3:
                    18:27:8e:46:bd:d2:56:20:27:12:33:62:f3:68:72:
                    3a:b6:a3:cd:d5:59:76:18:f2:b9:61:0d:94:ba:4b:
                    fb:dc:5e:2c:6e:6b:1d:cb:21:ec:aa:41:a0:23:01:
                    ce:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:2E:AB:9C:8A:15:84:86:24:32:E9:1C:7A:D0:57:9B:82:04:CB:B5
            X509v3 Authority Key Identifier:
                keyid:2F:BE:2A:D7:CC:69:A9:5E:3A:80:71:FB:33:DF:9A:F7:A3:79:92:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L74q18xpqV46gHH7M9-a96N5kos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/ci6rnIoVhIYkMukcetBXm4IEy7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ad6954-af32-4996-bb69-2ed9f1cc2b0d/1/L74q18xpqV46gHH7M9-a96N5kos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:8b:4f:77:26:b3:9c:6a:42:2f:8b:a5:01:8b:51:2b:47:bc:
         e7:28:d4:f2:8c:1e:dd:7f:53:34:14:79:d8:a1:fd:04:95:ad:
         94:5c:7e:50:ac:90:8b:db:33:20:dd:eb:a0:30:a3:6a:f9:c3:
         82:bb:ce:bf:42:d2:e4:53:4a:b0:03:e5:d1:46:26:34:65:fe:
         f5:96:04:46:de:b1:d3:d0:ef:ed:8b:f5:79:3d:00:65:dc:55:
         b0:b7:52:5a:e6:95:be:eb:8c:70:0a:d8:d1:ac:bf:79:8d:4f:
         5b:5a:f1:ae:69:f9:94:17:78:d8:e7:83:7d:f4:24:90:6b:ed:
         bb:71:08:6f:e4:95:3d:3e:24:7d:3a:8d:cc:f6:f5:72:63:44:
         c9:c1:f9:ac:b0:25:fd:d0:43:ed:14:44:cc:3d:a2:7c:d5:49:
         7c:70:47:ef:7e:45:00:da:68:72:ae:0b:48:f7:b3:b2:61:46:
         a1:a4:4a:a0:72:94:0e:bc:76:6e:05:eb:d8:8f:0e:05:ca:98:
         e7:39:5b:ba:b2:e6:54:67:29:9a:3e:e4:16:ad:af:51:dc:bd:
         38:97:de:40:cc:9e:37:73:7c:36:2c:b2:77:ce:a2:ce:86:c0:
         6a:1f:e3:50:ce:32:fd:75:14:62:54:b5:27:49:55:ec:aa:6b:
         bb:e0:62:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFAhlA/iWyQcfssEo/13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYmUyYWQ3Y2M2OWE5NWUzYTgwNzFmYjMzZGY5YWY3YTM3
OTkyOGIwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJlYWI5YzhhMTU4NDg2MjQzMmU5MWM3YWQwNTc5YjgyMDRjYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgmufeKubYv/fCAeJyKVRuWV9lp5
zn9AHtP2PXtBJID6HK/rzRthyYdT8ohwAe6QbEPh5klotmSHPQHtynHjES/d98UR
6NasYj3if57Pu9k7Am5Jy6Ffj9Y1dWGcrSEr0nc64w7cXh5wWvgcLCatTYqPwwbZ
KkgfF2QrpNZgzOFTI+/1NlryAbzAJEzeQ7dvYimvmJC8qOTI6r0PDAEfFsrw5D3M
ILvrYjgEJLVCI+MPS07x2/l9Ycq242QCj2PuVeFEegBajjWP12tFP8trMqMYJ45G
vdJWICcSM2LzaHI6tqPN1Vl2GPK5YQ2Uukv73F4sbmsdyyHsqkGgIwHOwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIuq5yKFYSGJDLpHHrQV5uCBMu1MB8GA1UdIwQY
MBaAFC++KtfMaaleOoBx+zPfmvejeZKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDc0cTE4eHBxVjQ2Z0hIN005LWE5Nk41a29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9hZDY5NTQtYWYzMi00OTk2LWJiNjkt
MmVkOWYxY2MyYjBkLzEvY2k2cm5Jb1ZoSVlrTXVrY2V0QlhtNElFeTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9hZDY5NTQtYWYzMi00OTk2LWJiNjktMmVkOWYxY2MyYjBk
LzEvTDc0cTE4eHBxVjQ2Z0hIN005LWE5Nk41a29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufPIMA0G
CSqGSIb3DQEBCwUAA4IBAQAbi093JrOcakIvi6UBi1ErR7znKNTyjB7df1M0FHnY
of0Ela2UXH5QrJCL2zMg3eugMKNq+cOCu86/QtLkU0qwA+XRRiY0Zf71lgRG3rHT
0O/ti/V5PQBl3FWwt1Ja5pW+64xwCtjRrL95jU9bWvGuafmUF3jY54N99CSQa+27
cQhv5JU9PiR9Oo3M9vVyY0TJwfmssCX90EPtFETMPaJ81Ul8cEfvfkUA2mhyrgtI
97OyYUahpEqgcpQOvHZuBevYjw4FypjnOVu6suZUZymaPuQWra9R3L04l95AzJ43
c3w2LLJ3zqLOhsBqH+NQzjL9dRRiVLUnSVXsqmu74GKS
-----END CERTIFICATE-----
Generated at Sat Jun 15 14:24:35 2024 by rpki-client on console-ams.rpki-client.org