Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/dF1pgPQgZvs-7XHrFzpRmWd_5Q0.roa
File:                     dF1pgPQgZvs-7XHrFzpRmWd_5Q0.roa (raw, json)
Hash identifier:          aXFcSf2sl+R1kOTNV6O5fS6nRsNyJ9CvCwkgkmhs4+w=
Subject key identifier:   74:5D:69:80:F4:20:66:FB:3E:ED:71:EB:17:3A:51:99:67:7F:E5:0D
Certificate issuer:       /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial:       018CC802D12C357C1E1F9BE3370508A90317
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/dF1pgPQgZvs-7XHrFzpRmWd_5Q0.roa
Signing time:             Tue 02 Jan 2024 02:31:16 +0000
ROA not before:           Tue 02 Jan 2024 02:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212929
IP address blocks:        93.115.40.0/24 maxlen: 24
                          93.115.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:d1:2c:35:7c:1e:1f:9b:e3:37:05:08:a9:03:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
        Validity
            Not Before: Jan  2 02:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=745d6980f42066fb3eed71eb173a5199677fe50d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:be:34:7d:4d:04:f1:61:84:c0:9d:d2:61:e0:
                    b3:2b:68:81:3e:39:cd:82:18:ed:79:b5:26:f1:04:
                    b9:f5:e3:74:6b:5c:86:d2:cc:ac:f5:50:ad:b9:46:
                    1d:17:f4:99:1d:57:76:7e:7b:80:8d:45:4d:30:d4:
                    84:62:2a:27:fb:48:40:04:69:e1:7f:ad:0f:ad:e7:
                    4f:8f:62:fd:71:b2:dd:81:94:75:be:84:4a:e6:da:
                    21:fe:2e:c1:58:0a:e7:75:64:d7:48:b8:3b:ce:a0:
                    8b:8b:26:d6:dd:1f:72:51:2b:0a:53:02:12:86:8b:
                    99:4e:22:50:24:eb:12:a6:21:bf:11:0b:e3:e4:54:
                    9f:37:f5:dc:a2:5f:08:04:da:a7:f7:85:68:a4:a3:
                    db:13:78:2a:f0:29:78:42:a7:fd:76:f1:70:e7:34:
                    62:59:ca:2a:e0:5f:c4:92:c5:ac:54:69:f0:93:51:
                    46:52:4b:29:c8:a8:39:f6:68:2b:00:38:25:bf:03:
                    37:12:44:51:89:81:c7:66:f1:b6:3d:50:f0:77:99:
                    05:0c:35:2e:6c:ac:27:75:c9:22:3f:5a:69:8d:04:
                    c7:55:88:2c:5d:1e:f7:38:64:dd:ca:ec:5b:b6:ed:
                    c6:9b:90:1f:cd:5c:ac:c9:32:50:c3:90:7f:4b:e8:
                    4a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:5D:69:80:F4:20:66:FB:3E:ED:71:EB:17:3A:51:99:67:7F:E5:0D
            X509v3 Authority Key Identifier:
                keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/dF1pgPQgZvs-7XHrFzpRmWd_5Q0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.115.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:63:7b:8e:dc:e5:29:f8:38:c1:c5:da:cd:a6:19:8d:86:06:
         46:2d:89:3a:09:b2:57:02:5b:1d:c4:df:d7:d0:31:ba:92:4b:
         c1:7d:62:0a:c8:2b:f4:ad:65:6f:15:24:8f:f8:be:8e:1c:0f:
         52:84:c0:1f:f7:7e:cc:f6:99:fb:55:2e:51:31:18:6f:8a:2b:
         d4:f1:02:12:d3:f5:d1:1d:8a:bf:fd:9c:7d:f5:7d:9f:a0:8c:
         d8:9d:c1:c8:a0:0e:f2:84:7e:a2:75:bf:d6:77:fc:54:07:18:
         ba:c6:14:21:b1:ab:a2:d2:c6:ac:cd:5b:00:b4:2c:4e:21:27:
         23:3a:04:01:f5:68:88:1f:61:14:ad:a6:c4:b6:21:d1:17:80:
         9e:a6:e1:04:39:46:8f:63:de:32:f6:64:3c:39:ac:b5:1b:29:
         94:8d:5c:d0:33:22:35:cc:88:61:56:3a:79:ca:80:74:57:73:
         d7:1d:f6:73:14:e2:4f:e6:c7:79:34:bb:81:3b:23:4c:6a:b3:
         05:6a:60:8e:86:7b:1f:1c:3e:7e:f1:22:51:7a:d8:0d:53:0a:
         8e:a3:e5:31:40:2e:8d:f9:3b:20:f3:9c:b5:87:4e:51:3d:e3:
         fd:9f:71:c0:21:05:de:01:0b:20:1a:c7:2b:a8:b4:19:55:a8:
         92:a8:53:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAtEsNXweH5vjNwUIqQMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVkNjk4MGY0MjA2NmZiM2VlZDcxZWIxNzNhNTE5OTY3N2ZlNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb40fU0E8WGEwJ3SYeCzK2iBPjnN
ghjtebUm8QS59eN0a1yG0sys9VCtuUYdF/SZHVd2fnuAjUVNMNSEYion+0hABGnh
f60PredPj2L9cbLdgZR1voRK5toh/i7BWArndWTXSLg7zqCLiybW3R9yUSsKUwIS
houZTiJQJOsSpiG/EQvj5FSfN/Xcol8IBNqn94VopKPbE3gq8Cl4Qqf9dvFw5zRi
Wcoq4F/EksWsVGnwk1FGUkspyKg59mgrADglvwM3EkRRiYHHZvG2PVDwd5kFDDUu
bKwndckiP1ppjQTHVYgsXR73OGTdyuxbtu3Gm5AfzVysyTJQw5B/S+hKBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRdaYD0IGb7Pu1x6xc6UZlnf+UNMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZEYxcGdQUWdadnMtN1hIckZ6cFJtV2RfNVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXXMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGY3uO3OUp+DjBxdrNphmNhgZGLYk6CbJXAlsdxN/X
0DG6kkvBfWIKyCv0rWVvFSSP+L6OHA9ShMAf937M9pn7VS5RMRhviivU8QIS0/XR
HYq//Zx99X2foIzYncHIoA7yhH6idb/Wd/xUBxi6xhQhsaui0saszVsAtCxOIScj
OgQB9WiIH2EUrabEtiHRF4CepuEEOUaPY94y9mQ8Oay1GymUjVzQMyI1zIhhVjp5
yoB0V3PXHfZzFOJP5sd5NLuBOyNMarMFamCOhnsfHD5+8SJRetgNUwqOo+UxQC6N
+Tsg85y1h05RPeP9n3HAIQXeAQsgGscrqLQZVaiSqFOm
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org