Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/vNI5QPBNeGI6XmmAbDwFrZGyPpQ.roa
File:                     vNI5QPBNeGI6XmmAbDwFrZGyPpQ.roa (raw, json)
Hash identifier:          0lSKppOteliwbQQXurIn+FqpLq9y5LGZdOSircUdZ/g=
Subject key identifier:   BC:D2:39:40:F0:4D:78:62:3A:5E:69:80:6C:3C:05:AD:91:B2:3E:94
Certificate issuer:       /CN=10f7741cd1af2bb34c86c73ea3bd6c76d9968d0d
Certificate serial:       018CC2DB62D877E1D07DB1A27C14582A3407
Authority key identifier: 10:F7:74:1C:D1:AF:2B:B3:4C:86:C7:3E:A3:BD:6C:76:D9:96:8D:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EPd0HNGvK7NMhsc-o71sdtmWjQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/vNI5QPBNeGI6XmmAbDwFrZGyPpQ.roa
Signing time:             Mon 01 Jan 2024 02:30:06 +0000
ROA not before:           Mon 01 Jan 2024 02:30:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20495
IP address blocks:        185.37.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/EPd0HNGvK7NMhsc-o71sdtmWjQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/EPd0HNGvK7NMhsc-o71sdtmWjQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EPd0HNGvK7NMhsc-o71sdtmWjQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 May 2024 10:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:62:d8:77:e1:d0:7d:b1:a2:7c:14:58:2a:34:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10f7741cd1af2bb34c86c73ea3bd6c76d9968d0d
        Validity
            Not Before: Jan  1 02:30:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bcd23940f04d78623a5e69806c3c05ad91b23e94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:40:71:a6:a2:c0:a8:fa:1b:fe:51:61:78:20:
                    48:fa:e0:1e:4f:16:60:f4:8b:93:c5:46:37:59:71:
                    a3:4a:5a:62:0e:df:a9:c9:94:5d:5d:89:c3:ea:d2:
                    9a:7d:ed:83:f6:56:11:e0:82:01:98:c7:39:f9:31:
                    c2:12:26:70:a0:55:6c:51:ce:c1:38:68:22:40:dc:
                    19:55:e5:13:2c:54:52:54:1d:0e:28:b1:b9:67:f8:
                    be:90:0f:cb:32:a0:9d:54:fe:45:0e:d4:79:bb:13:
                    6e:0e:89:42:85:76:17:f9:86:76:f0:2a:b1:9e:c2:
                    5d:ef:34:f4:5a:1e:be:20:81:69:9d:a8:6f:e6:35:
                    e5:72:70:c6:83:ca:40:25:70:a5:ef:40:92:b1:cb:
                    52:d7:01:f4:7b:69:b1:d1:86:bf:35:57:3c:27:48:
                    e0:dc:08:57:38:06:18:46:43:e5:a5:1c:c3:e6:25:
                    d3:bc:77:f9:ea:17:4c:bc:01:32:29:a4:f1:46:d7:
                    d9:9e:bf:5b:95:84:a0:3f:96:3a:2f:ee:64:a1:4b:
                    32:65:c4:80:68:0c:86:c3:46:09:58:08:55:67:be:
                    dd:94:b0:92:5a:29:32:23:b6:6b:b4:36:88:1d:26:
                    e7:35:6a:94:7e:b3:a1:fb:c6:bb:51:a1:28:a2:00:
                    b9:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:D2:39:40:F0:4D:78:62:3A:5E:69:80:6C:3C:05:AD:91:B2:3E:94
            X509v3 Authority Key Identifier:
                keyid:10:F7:74:1C:D1:AF:2B:B3:4C:86:C7:3E:A3:BD:6C:76:D9:96:8D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPd0HNGvK7NMhsc-o71sdtmWjQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/vNI5QPBNeGI6XmmAbDwFrZGyPpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/EPd0HNGvK7NMhsc-o71sdtmWjQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.37.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:ae:a4:e2:f6:8c:93:d6:6a:e0:b4:e9:84:45:d3:df:d4:6e:
         00:2f:51:19:01:cf:ca:dc:d0:0d:32:01:c1:0e:61:9b:70:ed:
         7a:c4:5d:48:09:d1:10:e3:65:f4:03:e6:21:4c:6f:84:25:26:
         93:8b:ab:3c:af:2d:b7:5e:64:57:00:6f:48:7f:44:14:10:d8:
         1f:cb:b3:1d:57:e8:e9:48:26:d9:10:cf:7c:dc:71:d4:a6:1e:
         0e:df:ca:cf:ef:f7:69:14:80:b1:af:d6:fa:f1:32:93:70:07:
         02:91:64:ce:06:63:45:d2:16:e6:3a:1f:cf:99:03:9c:50:e2:
         0c:ed:60:88:28:a6:4f:cb:56:9f:de:9b:28:5d:63:94:f4:d7:
         20:1c:e9:b9:a6:ec:ee:19:f9:36:97:db:4d:7c:a7:cf:f0:db:
         54:69:47:b4:44:ed:b4:f9:0e:30:86:f5:c0:d1:cf:43:85:74:
         2e:ae:a6:b6:27:ce:f9:13:83:2b:e7:46:81:81:bd:c6:60:f9:
         96:67:b6:16:cc:34:81:12:34:e3:a1:58:26:42:a4:64:1e:19:
         25:eb:07:a3:33:dc:53:9b:94:23:d8:c7:6b:a6:86:ec:01:07:
         58:d0:8e:d1:0b:bf:6a:c7:8b:e4:af:3a:f0:74:26:91:c4:89:
         85:a1:1f:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22LYd+HQfbGifBRYKjQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjc3NDFjZDFhZjJiYjM0Yzg2YzczZWEzYmQ2Yzc2ZDk5
NjhkMGQwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QyMzk0MGYwNGQ3ODYyM2E1ZTY5ODA2YzNjMDVhZDkxYjIzZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUBxpqLAqPob/lFheCBI+uAeTxZg
9IuTxUY3WXGjSlpiDt+pyZRdXYnD6tKafe2D9lYR4IIBmMc5+THCEiZwoFVsUc7B
OGgiQNwZVeUTLFRSVB0OKLG5Z/i+kA/LMqCdVP5FDtR5uxNuDolChXYX+YZ28Cqx
nsJd7zT0Wh6+IIFpnahv5jXlcnDGg8pAJXCl70CSsctS1wH0e2mx0Ya/NVc8J0jg
3AhXOAYYRkPlpRzD5iXTvHf56hdMvAEyKaTxRtfZnr9blYSgP5Y6L+5koUsyZcSA
aAyGw0YJWAhVZ77dlLCSWikyI7ZrtDaIHSbnNWqUfrOh+8a7UaEoogC52wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzSOUDwTXhiOl5pgGw8Ba2Rsj6UMB8GA1UdIwQY
MBaAFBD3dBzRryuzTIbHPqO9bHbZlo0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBkMEhOR3ZLN05NaHNjLW83MXNkdG1XalEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZWY3Y2UtMjVkNC00M2MxLThlYWUt
MWE2NGNmMjFhNjA0LzEvdk5JNVFQQk5lR0k2WG1tQWJEd0ZyWkd5UHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZWY3Y2UtMjVkNC00M2MxLThlYWUtMWE2NGNmMjFhNjA0
LzEvRVBkMEhOR3ZLN05NaHNjLW83MXNkdG1XalEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSUHMA0G
CSqGSIb3DQEBCwUAA4IBAQBwrqTi9oyT1mrgtOmERdPf1G4AL1EZAc/K3NANMgHB
DmGbcO16xF1ICdEQ42X0A+YhTG+EJSaTi6s8ry23XmRXAG9If0QUENgfy7MdV+jp
SCbZEM983HHUph4O38rP7/dpFICxr9b68TKTcAcCkWTOBmNF0hbmOh/PmQOcUOIM
7WCIKKZPy1af3psoXWOU9NcgHOm5puzuGfk2l9tNfKfP8NtUaUe0RO20+Q4whvXA
0c9DhXQurqa2J875E4Mr50aBgb3GYPmWZ7YWzDSBEjTjoVgmQqRkHhkl6wejM9xT
m5Qj2MdrpobsAQdY0I7RC79qx4vkrzrwdCaRxImFoR9m
-----END CERTIFICATE-----
Generated at Mon May 27 16:06:53 2024 by rpki-client on console-fra.rpki-client.org