Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/JipopfOciT3GYrQsft87MlXvAWg.roa
File:                     JipopfOciT3GYrQsft87MlXvAWg.roa (raw, json)
Hash identifier:          RA/rpLTqKtDr/An/uCHps2rEeAKy0oW3ZvrlfCaCETQ=
Subject key identifier:   26:2A:68:A5:F3:9C:89:3D:C6:62:B4:2C:7E:DF:3B:32:55:EF:01:68
Certificate issuer:       /CN=fc9a7b7a2c28a0b3c0e0a588c3c892e52a59f0e6
Certificate serial:       018CC5DC959ACCA9DB4A874AF5F90C9B6536
Authority key identifier: FC:9A:7B:7A:2C:28:A0:B3:C0:E0:A5:88:C3:C8:92:E5:2A:59:F0:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/JipopfOciT3GYrQsft87MlXvAWg.roa
Signing time:             Mon 01 Jan 2024 16:30:16 +0000
ROA not before:           Mon 01 Jan 2024 16:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     26125
IP address blocks:        193.27.47.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:95:9a:cc:a9:db:4a:87:4a:f5:f9:0c:9b:65:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc9a7b7a2c28a0b3c0e0a588c3c892e52a59f0e6
        Validity
            Not Before: Jan  1 16:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=262a68a5f39c893dc662b42c7edf3b3255ef0168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a6:c9:18:5f:d4:35:82:e8:76:a4:e4:45:fe:
                    75:e6:fe:9a:2a:30:4d:fc:58:d3:87:56:3a:64:d7:
                    de:9b:28:a7:ef:f9:40:eb:11:bd:bb:70:33:5e:36:
                    24:66:47:0d:9d:ba:84:23:f5:97:4b:18:c0:d5:51:
                    20:88:d4:4e:b8:78:20:0a:e9:14:0c:e3:22:1b:9a:
                    ad:c0:0b:06:41:76:60:44:a6:d5:c3:97:35:56:6d:
                    fe:5a:84:83:63:6e:4f:00:a4:ac:fc:10:c5:72:39:
                    c7:ef:e9:f7:28:62:62:6b:55:9d:8f:82:a6:0b:a0:
                    2e:db:21:28:88:2e:09:8b:44:33:80:b0:5d:d9:91:
                    2b:48:48:b0:49:ab:69:b4:d2:46:ac:3c:be:58:25:
                    51:92:b3:58:11:f6:bd:46:ca:86:fb:29:be:07:fb:
                    53:5f:d9:18:2e:71:75:c1:b0:2a:aa:46:1c:af:d9:
                    5a:ce:10:3e:b5:c7:16:c3:22:57:2a:32:0e:12:6b:
                    79:b8:f7:81:75:bb:d7:6d:cf:22:d8:9d:19:ce:65:
                    2b:f4:08:00:e5:45:24:c5:e3:77:8b:bd:09:3c:13:
                    a3:ca:2a:e6:7b:ba:a8:d2:7e:3f:fb:88:6d:05:01:
                    fa:77:8f:fc:69:7d:a9:44:42:3a:b4:24:e7:9d:47:
                    a9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:2A:68:A5:F3:9C:89:3D:C6:62:B4:2C:7E:DF:3B:32:55:EF:01:68
            X509v3 Authority Key Identifier:
                keyid:FC:9A:7B:7A:2C:28:A0:B3:C0:E0:A5:88:C3:C8:92:E5:2A:59:F0:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/JipopfOciT3GYrQsft87MlXvAWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1d2823-3474-4d85-95e9-acf093226b07/1/_Jp7eiwooLPA4KWIw8iS5SpZ8OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.27.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:76:d5:b6:63:49:37:fc:e8:43:fa:63:9b:fc:4a:95:e0:c0:
         70:5f:f3:be:c7:79:76:26:10:51:2c:f5:df:5d:6c:fe:3f:b1:
         cd:6a:23:01:e8:b8:5f:2c:51:e8:54:8d:2f:db:d2:89:eb:a1:
         2c:8f:33:de:d6:2b:b5:2d:9d:c6:20:e6:e2:50:15:25:da:07:
         a4:fe:9d:d2:7c:02:0f:e8:4b:c4:26:36:64:27:5e:57:65:57:
         61:da:86:f7:a1:2a:01:4f:1e:ff:d3:7a:6a:c3:70:bf:1b:89:
         b2:6b:5b:d0:04:d7:f6:3b:2d:4d:08:fd:12:d0:af:bc:97:c6:
         53:c8:61:09:6f:f2:bd:5e:c2:46:8b:54:d9:f1:75:34:69:8d:
         c1:d1:cd:6e:c8:7e:67:13:31:33:c5:3f:7a:45:79:38:e6:80:
         6c:f4:e2:6d:46:49:7a:29:3a:b7:4a:9a:63:8d:fc:3f:f4:b2:
         33:29:78:cc:71:d9:bc:b2:a2:2b:6a:ee:87:4c:b8:53:43:cb:
         11:5c:a4:d2:75:a2:28:e8:db:5b:1d:9d:54:bb:3f:59:75:73:
         87:70:7d:95:b8:ac:70:61:91:41:97:5e:93:bc:2d:46:e2:a5:
         99:92:06:b7:42:43:e7:b2:bf:fc:e8:16:24:81:e1:09:0d:55:
         3f:a9:e6:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3JWazKnbSodK9fkMm2U2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOWE3YjdhMmMyOGEwYjNjMGUwYTU4OGMzYzg5MmU1MmE1
OWYwZTYwHhcNMjQwMTAxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjJhNjhhNWYzOWM4OTNkYzY2MmI0MmM3ZWRmM2IzMjU1ZWYwMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6bJGF/UNYLodqTkRf515v6aKjBN
/FjTh1Y6ZNfemyin7/lA6xG9u3AzXjYkZkcNnbqEI/WXSxjA1VEgiNROuHggCukU
DOMiG5qtwAsGQXZgRKbVw5c1Vm3+WoSDY25PAKSs/BDFcjnH7+n3KGJia1Wdj4Km
C6Au2yEoiC4Ji0QzgLBd2ZErSEiwSatptNJGrDy+WCVRkrNYEfa9RsqG+ym+B/tT
X9kYLnF1wbAqqkYcr9lazhA+tccWwyJXKjIOEmt5uPeBdbvXbc8i2J0ZzmUr9AgA
5UUkxeN3i70JPBOjyirme7qo0n4/+4htBQH6d4/8aX2pREI6tCTnnUepFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYqaKXznIk9xmK0LH7fOzJV7wFoMB8GA1UdIwQY
MBaAFPyae3osKKCzwOCliMPIkuUqWfDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pwN2Vpd29vTFBBNEtXSXc4aVM1U3BaOE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xZDI4MjMtMzQ3NC00ZDg1LTk1ZTkt
YWNmMDkzMjI2YjA3LzEvSmlwb3BmT2NpVDNHWXJRc2Z0ODdNbFh2QVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xZDI4MjMtMzQ3NC00ZDg1LTk1ZTktYWNmMDkzMjI2YjA3
LzEvX0pwN2Vpd29vTFBBNEtXSXc4aVM1U3BaOE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRsvMA0G
CSqGSIb3DQEBCwUAA4IBAQBJdtW2Y0k3/OhD+mOb/EqV4MBwX/O+x3l2JhBRLPXf
XWz+P7HNaiMB6LhfLFHoVI0v29KJ66EsjzPe1iu1LZ3GIObiUBUl2gek/p3SfAIP
6EvEJjZkJ15XZVdh2ob3oSoBTx7/03pqw3C/G4mya1vQBNf2Oy1NCP0S0K+8l8ZT
yGEJb/K9XsJGi1TZ8XU0aY3B0c1uyH5nEzEzxT96RXk45oBs9OJtRkl6KTq3Sppj
jfw/9LIzKXjMcdm8sqIrau6HTLhTQ8sRXKTSdaIo6NtbHZ1Uuz9ZdXOHcH2VuKxw
YZFBl16TvC1G4qWZkga3QkPnsr/86BYkgeEJDVU/qebf
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:58:59 2024 by rpki-client on console-fra.rpki-client.org