Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/E0KIkX0lFkBMOOvEQLBOCpPwxq4.roa
File:                     E0KIkX0lFkBMOOvEQLBOCpPwxq4.roa (raw, json)
Hash identifier:          pSV0r3xyjtAXSXKZu5h8ELxDwYv3y2G3tIIyjPG5NL4=
Subject key identifier:   13:42:88:91:7D:25:16:40:4C:38:EB:C4:40:B0:4E:0A:93:F0:C6:AE
Certificate issuer:       /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial:       018CC6B9385E1B5AC8CFDAA0174F6DD1CF6F
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/E0KIkX0lFkBMOOvEQLBOCpPwxq4.roa
Signing time:             Mon 01 Jan 2024 20:31:16 +0000
ROA not before:           Mon 01 Jan 2024 20:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49658
IP address blocks:        185.236.236.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:38:5e:1b:5a:c8:cf:da:a0:17:4f:6d:d1:cf:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
        Validity
            Not Before: Jan  1 20:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=134288917d2516404c38ebc440b04e0a93f0c6ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:16:0e:d1:6f:cd:a5:c0:b8:03:5f:56:aa:62:
                    3b:d4:0f:41:60:23:16:47:a3:66:e7:b3:49:6a:3b:
                    17:44:c8:b1:82:96:51:a2:a5:fa:c5:1b:d3:af:e5:
                    b3:7f:5a:46:f6:d5:72:af:34:bc:3d:85:7a:1a:7d:
                    de:4e:49:36:97:50:c7:42:ef:e2:ed:29:4e:4d:6a:
                    98:97:56:a9:5f:a4:f6:6e:6b:71:90:bb:18:c3:2c:
                    44:32:81:86:06:ab:58:54:2c:2f:60:88:11:4e:a4:
                    bf:ab:de:9b:7b:bf:59:63:2d:8c:6d:e7:41:e3:9c:
                    55:7b:47:1a:17:39:7b:91:66:70:1b:ad:ad:6c:3e:
                    f5:ab:83:87:cc:6f:44:16:fb:94:c9:6c:76:23:bd:
                    24:86:7b:f3:62:ac:a2:8a:e0:98:1e:18:eb:64:a7:
                    b6:aa:63:82:25:a3:c5:a0:a0:a9:72:a7:72:33:08:
                    4b:64:e5:5c:90:eb:67:23:d7:2d:bc:d0:d0:5d:3e:
                    8a:a2:66:e0:ce:01:67:34:a9:20:36:95:37:98:f7:
                    61:5c:7a:75:65:4e:6e:c2:9d:25:cf:29:0e:2f:83:
                    ae:ea:ed:4f:12:5d:97:9b:be:4f:b0:b0:2f:1e:be:
                    37:9d:a4:10:53:14:2a:e2:de:56:7a:e1:79:b7:1c:
                    85:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:42:88:91:7D:25:16:40:4C:38:EB:C4:40:B0:4E:0A:93:F0:C6:AE
            X509v3 Authority Key Identifier:
                keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/E0KIkX0lFkBMOOvEQLBOCpPwxq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:ab:44:b0:fb:d9:1c:9e:c7:bf:08:88:4f:07:3b:a1:bd:0f:
         9c:15:10:89:d5:e9:95:d3:5d:fb:d1:45:c0:57:52:17:3e:8c:
         97:a1:68:0c:4f:2d:fd:61:79:af:8f:ff:cb:67:8b:ad:1a:de:
         41:6f:18:80:8f:e5:18:e1:3d:a7:e9:f0:e9:1d:40:07:6d:c9:
         f8:74:d7:d1:18:92:f4:0b:3e:27:25:bd:11:85:da:e6:81:23:
         3e:f1:6b:a2:9f:fa:81:50:36:f0:50:97:a5:4d:f1:78:33:8f:
         c9:2e:aa:6e:71:5f:7e:0f:4b:0b:9e:01:ee:65:7b:8e:56:35:
         44:9c:43:04:54:ae:2a:0f:f2:d4:bc:99:d3:f3:11:8f:19:dd:
         3b:de:00:7e:b8:69:51:15:4d:bc:10:69:12:58:a5:67:c6:8e:
         c6:66:b7:34:45:8a:fc:ec:8d:df:29:a9:98:74:b5:d1:1a:9f:
         a0:5e:90:1a:17:f0:26:d7:3e:b3:99:c7:18:b1:97:90:28:22:
         0a:37:83:3d:e5:35:f0:e4:2b:d0:ad:71:bd:54:47:d1:56:b2:
         e4:dc:a5:62:16:e9:a3:c3:48:b9:41:a1:90:60:2e:42:ca:44:
         83:a0:ea:c8:81:e8:19:66:27:3e:d8:26:bc:74:29:4d:fa:aa:
         db:06:fa:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuTheG1rIz9qgF09t0c9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQyODg5MTdkMjUxNjQwNGMzOGViYzQ0MGIwNGUwYTkzZjBjNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhYO0W/NpcC4A19WqmI71A9BYCMW
R6Nm57NJajsXRMixgpZRoqX6xRvTr+Wzf1pG9tVyrzS8PYV6Gn3eTkk2l1DHQu/i
7SlOTWqYl1apX6T2bmtxkLsYwyxEMoGGBqtYVCwvYIgRTqS/q96be79ZYy2MbedB
45xVe0caFzl7kWZwG62tbD71q4OHzG9EFvuUyWx2I70khnvzYqyiiuCYHhjrZKe2
qmOCJaPFoKCpcqdyMwhLZOVckOtnI9ctvNDQXT6KombgzgFnNKkgNpU3mPdhXHp1
ZU5uwp0lzykOL4Ou6u1PEl2Xm75PsLAvHr43naQQUxQq4t5WeuF5txyFyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNCiJF9JRZATDjrxECwTgqT8MauMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvRTBLSWtYMGxGa0JNT092RVFMQk9DcFB3eHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuezsMA0G
CSqGSIb3DQEBCwUAA4IBAQAeq0Sw+9kcnse/CIhPBzuhvQ+cFRCJ1emV01370UXA
V1IXPoyXoWgMTy39YXmvj//LZ4utGt5BbxiAj+UY4T2n6fDpHUAHbcn4dNfRGJL0
Cz4nJb0RhdrmgSM+8Wuin/qBUDbwUJelTfF4M4/JLqpucV9+D0sLngHuZXuOVjVE
nEMEVK4qD/LUvJnT8xGPGd073gB+uGlRFU28EGkSWKVnxo7GZrc0RYr87I3fKamY
dLXRGp+gXpAaF/Am1z6zmccYsZeQKCIKN4M95TXw5CvQrXG9VEfRVrLk3KViFumj
w0i5QaGQYC5CykSDoOrIgegZZic+2Ca8dClN+qrbBvqt
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:20:01 2024 by rpki-client on console-fra.rpki-client.org