Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa
File:                     RXhDmF0Nf1871TrkNv974L3Z29Y.roa (raw, json)
Hash identifier:          NgWViqE4Dkuoc5sG/jNUAWTg7/UWYJWTg2J3N4zUoWc=
Subject key identifier:   45:78:43:98:5D:0D:7F:5F:3B:D5:3A:E4:36:FF:7B:E0:BD:D9:DB:D6
Certificate issuer:       /CN=88e719f426793b1e9063771460abd311a3dff116
Certificate serial:       018CC493985827A328A20AF7866CCACEC8FF
Authority key identifier: 88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa
Signing time:             Mon 01 Jan 2024 10:30:56 +0000
ROA not before:           Mon 01 Jan 2024 10:30:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62528
IP address blocks:        185.134.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 07:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:98:58:27:a3:28:a2:0a:f7:86:6c:ca:ce:c8:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e719f426793b1e9063771460abd311a3dff116
        Validity
            Not Before: Jan  1 10:30:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=457843985d0d7f5f3bd53ae436ff7be0bdd9dbd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8d:0e:80:89:8c:e2:5b:04:de:f4:ac:3b:24:
                    0c:68:3a:41:10:3d:d2:d8:0f:0d:98:5b:d1:e2:5a:
                    ec:fa:1a:ca:bf:d3:b6:03:21:f3:e9:99:93:8b:3d:
                    74:59:af:7c:f8:8e:87:0f:b0:e8:ae:cf:04:4a:05:
                    c5:f9:56:c4:bf:5d:7e:b4:f2:83:5a:bb:06:1f:07:
                    de:5e:bb:f4:35:15:24:81:b4:8b:07:cc:5e:d1:85:
                    37:dc:c4:35:72:9e:0c:b5:33:8e:bf:ad:e2:19:62:
                    75:59:a4:bf:76:59:e9:60:27:50:73:93:b6:c7:55:
                    36:0b:63:8e:98:c9:11:52:ed:b0:62:c5:19:61:3b:
                    02:21:d0:da:36:ee:50:5b:62:27:a9:23:b1:f1:92:
                    d6:cf:c9:0e:d0:d3:a3:9e:40:01:79:7a:9f:a2:b0:
                    74:53:ef:46:98:f7:71:09:1c:05:6a:82:82:39:bc:
                    ea:17:bc:b3:1e:d3:28:fc:39:e1:be:4e:67:a8:9e:
                    2d:d3:95:06:e2:80:00:7f:4b:93:4f:0b:c3:79:c1:
                    18:d1:3b:3d:0a:7e:66:23:df:d9:a4:cd:10:cf:bb:
                    72:7e:73:07:78:86:b4:09:09:c7:7d:ae:f7:58:be:
                    da:cf:a5:ed:58:06:18:80:97:46:33:59:29:48:3d:
                    fa:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:78:43:98:5D:0D:7F:5F:3B:D5:3A:E4:36:FF:7B:E0:BD:D9:DB:D6
            X509v3 Authority Key Identifier:
                keyid:88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:1e:fd:ef:23:5f:e6:6e:a1:8d:d8:db:f2:d2:ac:19:07:67:
         03:38:5e:0c:11:4f:5c:59:ab:48:d5:fd:36:0a:16:e3:f0:76:
         9f:c7:ba:23:6e:6d:bd:36:fd:41:10:aa:37:56:54:4c:52:57:
         46:cf:87:f7:05:ac:07:71:c4:59:2b:a0:09:c0:d3:ea:1c:aa:
         a9:0d:00:57:68:6e:3d:5c:d1:e0:48:f1:20:10:18:73:c6:b6:
         54:5e:99:5d:b1:5b:07:e0:b1:29:db:01:71:40:ed:ef:2e:a7:
         c7:6b:28:54:77:d6:12:68:0e:44:0d:fc:92:11:cd:75:d5:47:
         53:74:17:1b:b1:05:d9:50:d1:17:4a:09:c4:d0:42:8a:75:03:
         c0:16:b7:25:68:60:ff:2e:c6:19:3a:3a:48:93:9f:30:e2:24:
         6a:31:f1:dd:a6:44:57:a4:f2:a8:62:3d:04:83:b7:85:66:65:
         01:4b:7e:5d:1c:37:ca:88:75:14:55:e0:7e:e9:1b:cc:20:d2:
         24:a7:7c:c3:b3:2c:5d:a7:1c:bb:72:98:18:69:46:06:3f:0d:
         b1:38:8e:00:b8:28:10:87:9b:e3:a3:55:db:26:82:53:75:4c:
         59:88:ca:ff:7f:bd:0e:b6:3b:54:95:81:d7:2b:94:0a:e3:d9:
         e7:77:2d:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5hYJ6Moogr3hmzKzsj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTcxOWY0MjY3OTNiMWU5MDYzNzcxNDYwYWJkMzExYTNk
ZmYxMTYwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc4NDM5ODVkMGQ3ZjVmM2JkNTNhZTQzNmZmN2JlMGJkZDlkYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI0OgImM4lsE3vSsOyQMaDpBED3S
2A8NmFvR4lrs+hrKv9O2AyHz6ZmTiz10Wa98+I6HD7Dors8ESgXF+VbEv11+tPKD
WrsGHwfeXrv0NRUkgbSLB8xe0YU33MQ1cp4MtTOOv63iGWJ1WaS/dlnpYCdQc5O2
x1U2C2OOmMkRUu2wYsUZYTsCIdDaNu5QW2InqSOx8ZLWz8kO0NOjnkABeXqforB0
U+9GmPdxCRwFaoKCObzqF7yzHtMo/Dnhvk5nqJ4t05UG4oAAf0uTTwvDecEY0Ts9
Cn5mI9/ZpM0Qz7tyfnMHeIa0CQnHfa73WL7az6XtWAYYgJdGM1kpSD36awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEV4Q5hdDX9fO9U65Db/e+C92dvWMB8GA1UdIwQY
MBaAFIjnGfQmeTsekGN3FGCr0xGj3/EWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjct
YWU1MmUxNTZiNzdlLzEvUlhoRG1GME5mMTg3MVRya052OTc0TDNaMjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjctYWU1MmUxNTZiNzdl
LzEvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYa3MA0G
CSqGSIb3DQEBCwUAA4IBAQBVHv3vI1/mbqGN2Nvy0qwZB2cDOF4MEU9cWatI1f02
Chbj8Hafx7ojbm29Nv1BEKo3VlRMUldGz4f3BawHccRZK6AJwNPqHKqpDQBXaG49
XNHgSPEgEBhzxrZUXpldsVsH4LEp2wFxQO3vLqfHayhUd9YSaA5EDfySEc111UdT
dBcbsQXZUNEXSgnE0EKKdQPAFrclaGD/LsYZOjpIk58w4iRqMfHdpkRXpPKoYj0E
g7eFZmUBS35dHDfKiHUUVeB+6RvMINIkp3zDsyxdpxy7cpgYaUYGPw2xOI4AuCgQ
h5vjo1XbJoJTdUxZiMr/f70OtjtUlYHXK5QK49nndy2i
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:07:51 2024 by rpki-client on console-ams.rpki-client.org