Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fPU9lcrebTQARYlqEE8XbKXDr_8.roa
File:                     fPU9lcrebTQARYlqEE8XbKXDr_8.roa (raw, json)
Hash identifier:          rvdpvlS5ATfv8h5/tVxotcY2undopd3YSmoEug4Zgyw=
Subject key identifier:   7C:F5:3D:95:CA:DE:6D:34:00:45:89:6A:10:4F:17:6C:A5:C3:AF:FF
Certificate issuer:       /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial:       0191272FDCBFB7BF9C2F8EE305B2CF8AD97E
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fPU9lcrebTQARYlqEE8XbKXDr_8.roa
Signing time:             Tue 06 Aug 2024 10:15:33 +0000
ROA not before:           Tue 06 Aug 2024 10:15:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44220
IP address blocks:        89.45.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:27:2f:dc:bf:b7:bf:9c:2f:8e:e3:05:b2:cf:8a:d9:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
        Validity
            Not Before: Aug  6 10:15:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7cf53d95cade6d340045896a104f176ca5c3afff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:72:1f:3c:7c:98:a2:5c:1c:62:8e:08:66:37:
                    e6:5e:8d:c7:90:4d:e7:73:fa:5a:ee:c6:50:5a:b0:
                    89:54:c0:3a:44:5a:17:1d:b9:53:da:41:17:4a:01:
                    0a:da:38:9e:8b:3b:ab:6d:1a:1c:52:77:68:15:28:
                    39:ce:bc:54:20:f2:47:76:b0:28:eb:60:3e:83:a8:
                    d2:7f:42:18:d5:37:23:3a:9a:84:10:30:b2:a6:97:
                    b8:fc:89:0e:ef:21:9d:b2:19:18:f2:74:f3:ff:5d:
                    c8:48:8e:0f:9f:8c:ca:6b:00:18:93:e1:19:c7:a7:
                    06:5c:4c:9c:d9:54:92:bf:05:40:57:2f:09:31:60:
                    8b:f1:da:86:0a:f7:d9:b5:5b:e0:26:bd:aa:56:18:
                    1d:d5:bc:68:84:92:d6:00:ce:06:01:aa:e5:20:ce:
                    0e:67:66:e7:5d:5e:9e:cd:1f:f9:20:c9:f8:72:3a:
                    b3:81:ff:60:69:21:97:5a:29:89:49:71:89:33:84:
                    ea:66:8a:c2:8a:9e:5b:b8:db:a4:85:c7:ea:74:1c:
                    21:fd:7a:e6:6d:ae:a0:57:84:c2:73:1e:3d:f5:51:
                    5c:93:80:b8:b2:13:48:79:37:4d:4e:53:b3:f5:89:
                    13:23:b3:a3:c8:aa:cf:22:8d:34:6f:42:b3:c2:fb:
                    c3:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F5:3D:95:CA:DE:6D:34:00:45:89:6A:10:4F:17:6C:A5:C3:AF:FF
            X509v3 Authority Key Identifier:
                keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fPU9lcrebTQARYlqEE8XbKXDr_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.45.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:74:c4:9e:6f:4b:f5:5d:fb:7b:ec:74:33:f9:f1:66:b7:66:
         62:2d:71:94:84:6a:3e:92:5f:72:b6:24:bb:5a:45:19:47:76:
         92:d3:02:74:12:93:2d:69:1e:86:3d:92:2b:73:df:8d:86:92:
         1b:70:b5:60:66:57:c2:26:c3:63:0d:b6:de:15:37:db:fc:2d:
         7b:a2:78:fe:00:8b:ec:94:32:85:4c:d9:ce:7f:21:2f:b5:13:
         3f:f0:64:9d:91:7f:40:86:45:45:2a:f7:cc:6c:cd:82:e0:f9:
         2b:67:53:04:13:b8:63:99:8e:73:17:ef:b8:5d:6e:2e:49:f6:
         10:6f:ec:76:fa:8b:d7:0b:f8:da:21:e5:eb:79:be:30:ec:3c:
         9c:72:c3:dc:dd:da:7f:55:2e:e1:23:88:8e:dd:cb:1b:3c:06:
         a8:9a:19:15:f3:67:7d:bb:e0:c1:32:ef:b7:a0:22:48:cc:b2:
         9e:36:d2:04:f3:5a:70:51:eb:fb:e6:22:71:86:83:73:37:4a:
         d8:14:ac:0c:00:d0:a4:b1:a1:e1:ff:77:52:29:62:ae:49:be:
         b2:c8:13:d0:5d:06:00:62:e1:35:cb:2d:3e:e9:cb:f7:53:3d:
         57:30:aa:21:c1:5b:d3:b5:6d:b4:e6:90:47:3c:26:fb:43:a5:
         0c:c7:90:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEnL9y/t7+cL47jBbLPitl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwODA2MTAxNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y1M2Q5NWNhZGU2ZDM0MDA0NTg5NmExMDRmMTc2Y2E1YzNhZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XIfPHyYolwcYo4IZjfmXo3HkE3n
c/pa7sZQWrCJVMA6RFoXHblT2kEXSgEK2jieizurbRocUndoFSg5zrxUIPJHdrAo
62A+g6jSf0IY1TcjOpqEEDCyppe4/IkO7yGdshkY8nTz/13ISI4Pn4zKawAYk+EZ
x6cGXEyc2VSSvwVAVy8JMWCL8dqGCvfZtVvgJr2qVhgd1bxohJLWAM4GAarlIM4O
Z2bnXV6ezR/5IMn4cjqzgf9gaSGXWimJSXGJM4TqZorCip5buNukhcfqdBwh/Xrm
ba6gV4TCcx499VFck4C4shNIeTdNTlOz9YkTI7OjyKrPIo00b0KzwvvDFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHz1PZXK3m00AEWJahBPF2ylw6//MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZlBVOWxjcmViVFFBUllscUVFOFhiS1hEcl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS0uMA0G
CSqGSIb3DQEBCwUAA4IBAQCEdMSeb0v1Xft77HQz+fFmt2ZiLXGUhGo+kl9ytiS7
WkUZR3aS0wJ0EpMtaR6GPZIrc9+NhpIbcLVgZlfCJsNjDbbeFTfb/C17onj+AIvs
lDKFTNnOfyEvtRM/8GSdkX9AhkVFKvfMbM2C4PkrZ1MEE7hjmY5zF++4XW4uSfYQ
b+x2+ovXC/jaIeXreb4w7DyccsPc3dp/VS7hI4iO3csbPAaomhkV82d9u+DBMu+3
oCJIzLKeNtIE81pwUev75iJxhoNzN0rYFKwMANCksaHh/3dSKWKuSb6yyBPQXQYA
YuE1yy0+6cv3Uz1XMKohwVvTtW205pBHPCb7Q6UMx5Bf
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org