Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CuU16V8Dhahw5mBm_Ou9Bv6JCHE.roa
File:                     CuU16V8Dhahw5mBm_Ou9Bv6JCHE.roa (raw, json)
Hash identifier:          EvsI6YtxgVvk7rzVpg8PjvIe1I6azHUnsRWLOUwtt/s=
Subject key identifier:   0A:E5:35:E9:5F:03:85:A8:70:E6:60:66:FC:EB:BD:06:FE:89:08:71
Certificate issuer:       /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial:       018CC802C3A67DC7FC9F721510C42B1B05DC
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CuU16V8Dhahw5mBm_Ou9Bv6JCHE.roa
Signing time:             Tue 02 Jan 2024 02:31:13 +0000
ROA not before:           Tue 02 Jan 2024 02:31:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31207
IP address blocks:        188.208.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:c3:a6:7d:c7:fc:9f:72:15:10:c4:2b:1b:05:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
        Validity
            Not Before: Jan  2 02:31:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ae535e95f0385a870e66066fcebbd06fe890871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:57:89:26:4a:3b:11:d3:85:e0:0b:19:57:ac:
                    25:37:b6:b0:54:5a:f3:59:93:70:b1:76:4f:ff:48:
                    18:09:e6:d4:90:15:5c:7c:14:ac:d5:6d:61:d7:a8:
                    04:16:1f:18:03:b1:05:e0:e1:e7:28:24:b9:58:bb:
                    a6:b4:7e:f4:87:0f:b3:9e:15:38:b7:eb:6e:45:00:
                    e8:f0:7f:d4:c5:ac:7a:08:17:a8:87:b8:84:3c:a9:
                    13:8f:21:b7:d6:21:66:b7:b3:f9:38:32:84:e0:9b:
                    03:32:7f:6a:40:27:46:d0:3b:ce:05:01:ae:b8:86:
                    ed:c8:a7:d6:d5:39:ed:d3:c3:70:47:c8:ee:2a:cf:
                    69:07:b4:2a:27:b3:a7:32:78:73:69:b4:bd:28:8b:
                    a2:ea:ec:7b:cb:be:bb:97:c0:8c:86:13:6c:a3:3d:
                    9a:55:df:32:2d:44:71:86:0d:7e:be:50:ff:f5:71:
                    39:9b:e0:9c:b6:9b:be:4c:f1:46:7b:2c:d5:bb:5d:
                    b9:61:cf:3e:71:37:5b:3a:88:bc:b2:05:a1:76:27:
                    10:ee:23:e9:34:1c:6c:ee:3f:19:41:df:5c:4f:cf:
                    84:c8:2d:c2:0a:76:c0:ed:8c:c0:23:75:de:17:81:
                    12:51:64:c3:61:3a:d1:68:16:13:6c:e4:9d:da:6a:
                    8d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:E5:35:E9:5F:03:85:A8:70:E6:60:66:FC:EB:BD:06:FE:89:08:71
            X509v3 Authority Key Identifier:
                keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CuU16V8Dhahw5mBm_Ou9Bv6JCHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.208.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:83:2f:06:92:60:55:75:32:e4:61:0f:21:3a:94:44:d2:ec:
         00:c7:ae:17:9b:ce:09:7a:c9:d2:9a:e0:28:0d:d8:89:23:8c:
         ed:d5:30:73:19:fc:ad:94:07:18:03:99:1d:cc:f6:9f:a8:a0:
         70:ce:7c:22:ff:97:f5:01:8a:dc:44:83:00:86:90:4c:3a:96:
         eb:78:da:d1:01:d3:43:86:d3:00:bd:30:5f:fb:cd:92:06:a9:
         ab:52:4c:a7:dd:fa:68:9f:33:56:f4:20:c7:1c:53:e9:81:1d:
         6a:77:ee:f4:4d:b3:3b:af:3d:4c:a1:a0:cd:65:0f:01:61:8d:
         27:27:b9:43:79:20:0c:12:fb:fa:bb:5e:7b:37:01:83:7e:cb:
         46:2c:84:a0:64:7b:e1:a9:ad:c7:e4:02:38:75:21:9a:e8:55:
         54:a4:91:cd:11:51:cb:05:08:28:17:46:18:3c:6a:c9:88:6e:
         81:82:94:bc:e1:da:a4:c1:45:2c:30:d1:a8:48:56:e3:20:94:
         0b:32:26:e1:07:7e:12:57:de:4f:0b:ed:ca:b3:7a:81:e4:33:
         24:d8:b5:7d:11:59:8c:94:31:5e:27:6f:06:72:3b:c6:1b:ab:
         d9:06:f2:b8:18:3e:20:a8:bc:09:20:43:01:e2:51:11:5a:06:
         dd:aa:0b:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAsOmfcf8n3IVEMQrGwXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1MzVlOTVmMDM4NWE4NzBlNjYwNjZmY2ViYmQwNmZlODkwODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvleJJko7EdOF4AsZV6wlN7awVFrz
WZNwsXZP/0gYCebUkBVcfBSs1W1h16gEFh8YA7EF4OHnKCS5WLumtH70hw+znhU4
t+tuRQDo8H/Uxax6CBeoh7iEPKkTjyG31iFmt7P5ODKE4JsDMn9qQCdG0DvOBQGu
uIbtyKfW1Tnt08NwR8juKs9pB7QqJ7OnMnhzabS9KIui6ux7y767l8CMhhNsoz2a
Vd8yLURxhg1+vlD/9XE5m+Cctpu+TPFGeyzVu125Yc8+cTdbOoi8sgWhdicQ7iPp
NBxs7j8ZQd9cT8+EyC3CCnbA7YzAI3XeF4ESUWTDYTrRaBYTbOSd2mqNuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArlNelfA4WocOZgZvzrvQb+iQhxMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvQ3VVMTZWOERoYWh3NW1CbV9PdTlCdjZKQ0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNAfMA0G
CSqGSIb3DQEBCwUAA4IBAQBYgy8GkmBVdTLkYQ8hOpRE0uwAx64Xm84JesnSmuAo
DdiJI4zt1TBzGfytlAcYA5kdzPafqKBwznwi/5f1AYrcRIMAhpBMOpbreNrRAdND
htMAvTBf+82SBqmrUkyn3fponzNW9CDHHFPpgR1qd+70TbM7rz1MoaDNZQ8BYY0n
J7lDeSAMEvv6u157NwGDfstGLISgZHvhqa3H5AI4dSGa6FVUpJHNEVHLBQgoF0YY
PGrJiG6BgpS84dqkwUUsMNGoSFbjIJQLMibhB34SV95PC+3Ks3qB5DMk2LV9EVmM
lDFeJ28GcjvGG6vZBvK4GD4gqLwJIEMB4lERWgbdqgv8
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org