Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vmgxE8WZfq3tcV5Dq0vRTDR6_Q4.roa
File:                     vmgxE8WZfq3tcV5Dq0vRTDR6_Q4.roa (raw, json)
Hash identifier:          qwvHnxHi1vLQu+kawNchF/PfejIFICvMNxXLEBZznh0=
Subject key identifier:   BE:68:31:13:C5:99:7E:AD:ED:71:5E:43:AB:4B:D1:4C:34:7A:FD:0E
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       018CC72763DD7C802CF747A49A27B5948903
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vmgxE8WZfq3tcV5Dq0vRTDR6_Q4.roa
Signing time:             Mon 01 Jan 2024 22:31:36 +0000
ROA not before:           Mon 01 Jan 2024 22:31:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34254
IP address blocks:        217.8.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:63:dd:7c:80:2c:f7:47:a4:9a:27:b5:94:89:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  1 22:31:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be683113c5997eaded715e43ab4bd14c347afd0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:98:5b:c1:5c:79:d5:a8:cc:12:ec:ef:cf:4e:
                    34:4e:5a:5b:a2:dd:06:67:be:7a:97:20:a2:7c:e0:
                    03:36:80:af:9a:74:94:80:97:b2:8d:71:9f:b6:ac:
                    a5:13:ad:f6:51:56:05:30:47:83:ec:0b:01:86:7a:
                    71:41:3f:4c:28:87:0a:2f:4d:ae:36:4b:38:88:bc:
                    03:3b:70:2e:3e:2e:4b:9b:51:da:e4:ef:2a:c8:38:
                    e4:da:b4:0c:87:31:d1:bc:a5:7d:0e:f0:d8:ff:63:
                    a6:42:c3:db:1c:9a:36:63:9c:22:2e:b7:41:99:bd:
                    31:06:7d:c3:c0:21:d1:40:d7:06:70:7b:00:55:06:
                    92:6e:83:1c:4e:12:69:b5:3a:e5:d6:ec:a3:28:e1:
                    06:d3:22:70:b9:74:12:e9:12:f8:a5:a1:db:05:03:
                    0f:fc:de:b4:5b:87:75:fe:89:9a:2e:66:f6:35:19:
                    fa:83:a3:5b:03:8a:0b:4f:1a:0a:85:b9:83:7d:5f:
                    cd:c9:50:44:c5:c2:d7:6b:a1:8f:6e:cc:32:9f:97:
                    5b:e6:f5:d5:1c:6f:25:67:92:38:58:13:f2:f9:07:
                    6b:36:bf:b3:15:11:c7:15:ee:3e:a7:7d:2b:dc:7c:
                    ef:4a:aa:eb:96:10:00:43:b8:51:9a:fe:95:7e:7d:
                    a8:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:68:31:13:C5:99:7E:AD:ED:71:5E:43:AB:4B:D1:4C:34:7A:FD:0E
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vmgxE8WZfq3tcV5Dq0vRTDR6_Q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.8.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:18:c0:4d:2d:4f:5a:40:72:00:8f:5b:42:70:8c:cc:fb:64:
         c0:1b:ff:97:68:1c:3e:70:1f:b0:65:b2:51:98:b6:f6:35:ec:
         fa:5d:21:b3:d6:fa:bb:f6:a3:3f:03:82:fe:a0:fd:20:33:02:
         0e:28:0c:6a:f8:34:6f:f5:1f:eb:1a:ba:ed:f2:c2:fb:45:8f:
         9f:a0:d6:7c:be:8f:d4:56:95:aa:b2:88:02:7b:db:04:b6:ef:
         41:db:30:dd:84:a4:a0:15:d3:b0:b9:0c:26:5a:6b:a9:d7:a6:
         e5:ff:31:f2:cc:f5:ce:01:8f:52:c2:5d:8d:d3:ee:dd:26:5c:
         41:d2:c9:f8:02:ee:bc:7a:b5:17:b2:e4:fc:a8:36:07:f1:3e:
         13:29:65:f7:6e:08:f8:af:5e:7c:09:11:fb:ee:73:46:db:0a:
         65:a5:a6:c9:78:02:9d:84:b3:ac:31:cc:47:ca:80:f9:a8:69:
         0f:7c:56:ce:53:a5:bf:2e:fd:c8:16:50:ed:4d:49:08:c1:db:
         4c:2a:df:dd:de:37:0b:d0:90:17:cc:ae:fa:53:9b:31:51:a1:
         44:59:54:dc:3e:b9:78:9c:60:78:56:3c:72:36:9f:1c:61:31:
         1c:aa:c5:5c:4c:dc:b3:01:7a:b6:ae:81:ff:5a:bd:39:76:e5:
         9b:5f:b4:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2PdfIAs90ekmie1lIkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY4MzExM2M1OTk3ZWFkZWQ3MTVlNDNhYjRiZDE0YzM0N2FmZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJhbwVx51ajMEuzvz040Tlpbot0G
Z756lyCifOADNoCvmnSUgJeyjXGftqylE632UVYFMEeD7AsBhnpxQT9MKIcKL02u
Nks4iLwDO3AuPi5Lm1Ha5O8qyDjk2rQMhzHRvKV9DvDY/2OmQsPbHJo2Y5wiLrdB
mb0xBn3DwCHRQNcGcHsAVQaSboMcThJptTrl1uyjKOEG0yJwuXQS6RL4paHbBQMP
/N60W4d1/omaLmb2NRn6g6NbA4oLTxoKhbmDfV/NyVBExcLXa6GPbswyn5db5vXV
HG8lZ5I4WBPy+QdrNr+zFRHHFe4+p30r3HzvSqrrlhAAQ7hRmv6Vfn2oNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5oMRPFmX6t7XFeQ6tL0Uw0ev0OMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvdm1neEU4V1pmcTN0Y1Y1RHEwdlJURFI2X1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QivMA0G
CSqGSIb3DQEBCwUAA4IBAQB3GMBNLU9aQHIAj1tCcIzM+2TAG/+XaBw+cB+wZbJR
mLb2Nez6XSGz1vq79qM/A4L+oP0gMwIOKAxq+DRv9R/rGrrt8sL7RY+foNZ8vo/U
VpWqsogCe9sEtu9B2zDdhKSgFdOwuQwmWmup16bl/zHyzPXOAY9Swl2N0+7dJlxB
0sn4Au68erUXsuT8qDYH8T4TKWX3bgj4r158CRH77nNG2wplpabJeAKdhLOsMcxH
yoD5qGkPfFbOU6W/Lv3IFlDtTUkIwdtMKt/d3jcL0JAXzK76U5sxUaFEWVTcPrl4
nGB4VjxyNp8cYTEcqsVcTNyzAXq2roH/Wr05duWbX7Rn
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:44 2024 by rpki-client on console-fra.rpki-client.org