Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/c8jOFNg8Elo0JNtknzuf2lKjUsk.roa
File:                     c8jOFNg8Elo0JNtknzuf2lKjUsk.roa (raw, json)
Hash identifier:          /b6bj7Vlc9xE1L8scwMAvfDOL0JocU3rACRscyhFq1U=
Subject key identifier:   73:C8:CE:14:D8:3C:12:5A:34:24:DB:64:9F:3B:9F:DA:52:A3:52:C9
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       01918F2AA6CECF52319F7A1C34550D4E58BB
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/c8jOFNg8Elo0JNtknzuf2lKjUsk.roa
Signing time:             Mon 26 Aug 2024 14:50:22 +0000
ROA not before:           Mon 26 Aug 2024 14:50:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214306
IP address blocks:        80.64.25.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 05:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:8f:2a:a6:ce:cf:52:31:9f:7a:1c:34:55:0d:4e:58:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: Aug 26 14:50:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=73c8ce14d83c125a3424db649f3b9fda52a352c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e2:ac:72:ef:ae:a9:5c:94:29:ae:16:bf:97:
                    dc:43:30:16:ee:96:0f:ec:38:98:1d:e3:17:e1:9a:
                    5c:4c:ce:6b:57:b9:5c:d0:81:cb:9c:13:cc:01:8f:
                    f7:2d:9d:96:30:bf:e0:4a:bf:06:9a:9f:da:2e:42:
                    ca:38:de:4b:0d:0b:e0:17:30:5d:83:00:fd:c3:69:
                    81:bd:d4:3e:78:4c:e3:d4:f0:4c:1a:87:fe:59:a3:
                    c8:f5:9a:bf:fa:d1:42:3b:6a:a1:b7:7d:5a:f4:ea:
                    6f:72:07:72:7b:14:df:23:70:fb:3f:8d:29:49:7c:
                    9a:37:70:90:dc:6c:d4:87:52:d1:f8:4e:2c:12:bd:
                    a4:fd:a6:ff:ba:83:0e:69:bd:48:b2:a6:0e:49:87:
                    eb:62:89:54:ec:d2:d4:64:a7:65:7e:84:5e:16:7b:
                    f4:53:6a:d1:57:33:1c:9c:97:13:6d:fa:52:ad:88:
                    ff:83:e0:75:a5:8a:23:7d:04:b0:0a:50:b4:65:0b:
                    9f:89:ed:1d:77:a3:87:c3:94:5a:38:86:0c:99:d8:
                    40:b2:f7:71:96:37:20:8b:a7:cc:49:c7:3f:f0:db:
                    a5:49:1b:3d:bc:33:cd:c8:67:d7:b1:e1:69:fb:d6:
                    4d:d5:a7:4f:58:e0:39:29:21:be:d5:da:75:9a:22:
                    98:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C8:CE:14:D8:3C:12:5A:34:24:DB:64:9F:3B:9F:DA:52:A3:52:C9
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/c8jOFNg8Elo0JNtknzuf2lKjUsk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.64.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:6e:c5:d1:59:bb:09:e7:51:c9:cb:c3:1d:f4:c6:de:b2:58:
         e5:2c:78:df:d4:72:85:88:4e:26:b9:df:b3:e8:9c:26:d0:08:
         ba:fd:07:5b:d3:8b:7d:8b:45:6e:c1:8f:d7:7d:05:bf:ae:2c:
         7e:d1:bc:05:5d:bc:b4:63:eb:d3:6a:5d:d8:b5:a9:47:d8:0b:
         ed:86:d0:87:9b:89:4c:10:70:0e:1b:ce:8e:25:b6:77:ba:97:
         f9:51:c9:12:6a:1c:88:82:8d:1d:2d:39:25:7c:e4:99:9a:32:
         e5:6a:fc:86:e9:51:4f:ea:aa:f2:71:50:bc:34:b9:92:c7:ed:
         08:c8:f9:81:7a:c6:72:7d:d2:b2:08:84:27:e3:13:27:1f:bb:
         9a:f7:44:62:38:78:d2:04:d9:23:5a:cf:09:a7:30:85:0e:dd:
         09:04:ee:ac:76:ab:25:9d:95:9e:7d:ee:28:12:e1:d1:18:4e:
         1b:c8:55:25:bd:17:62:79:17:f6:b7:7f:6b:d1:6a:cf:da:cc:
         13:0f:58:e7:f0:f8:de:b3:4a:56:fc:56:97:43:82:55:31:ef:
         29:91:e0:54:5d:df:88:f4:88:a4:17:a9:2d:d2:a4:76:1a:b6:
         06:b5:39:b2:f0:a4:24:93:a3:8d:cd:ba:08:9d:49:56:bd:b1:
         94:1d:c5:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGPKqbOz1Ixn3ocNFUNTli7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwODI2MTQ1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M4Y2UxNGQ4M2MxMjVhMzQyNGRiNjQ5ZjNiOWZkYTUyYTM1MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeKscu+uqVyUKa4Wv5fcQzAW7pYP
7DiYHeMX4ZpcTM5rV7lc0IHLnBPMAY/3LZ2WML/gSr8Gmp/aLkLKON5LDQvgFzBd
gwD9w2mBvdQ+eEzj1PBMGof+WaPI9Zq/+tFCO2qht31a9OpvcgdyexTfI3D7P40p
SXyaN3CQ3GzUh1LR+E4sEr2k/ab/uoMOab1IsqYOSYfrYolU7NLUZKdlfoReFnv0
U2rRVzMcnJcTbfpSrYj/g+B1pYojfQSwClC0ZQufie0dd6OHw5RaOIYMmdhAsvdx
ljcgi6fMScc/8NulSRs9vDPNyGfXseFp+9ZN1adPWOA5KSG+1dp1miKYdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPIzhTYPBJaNCTbZJ87n9pSo1LJMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvYzhqT0ZOZzhFbG8wSk50a256dWYybEtqVXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEAZMA0G
CSqGSIb3DQEBCwUAA4IBAQA/bsXRWbsJ51HJy8Md9MbesljlLHjf1HKFiE4mud+z
6Jwm0Ai6/Qdb04t9i0VuwY/XfQW/rix+0bwFXby0Y+vTal3YtalH2AvthtCHm4lM
EHAOG86OJbZ3upf5UckSahyIgo0dLTklfOSZmjLlavyG6VFP6qrycVC8NLmSx+0I
yPmBesZyfdKyCIQn4xMnH7ua90RiOHjSBNkjWs8JpzCFDt0JBO6sdqslnZWefe4o
EuHRGE4byFUlvRdieRf2t39r0WrP2swTD1jn8Pjes0pW/FaXQ4JVMe8pkeBUXd+I
9IikF6kt0qR2GrYGtTmy8KQkk6ONzboInUlWvbGUHcUk
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:58 2024 by rpki-client on console-fra.rpki-client.org