Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nP5IYwvnpfGQHYqZ7dTlx6N4Kg0.roa
File:                     nP5IYwvnpfGQHYqZ7dTlx6N4Kg0.roa (raw, json)
Hash identifier:          7Vkin7aP2/vQuldLlo5Dd6W8Bmy9WksCKxT4UXfADrU=
Subject key identifier:   9C:FE:48:63:0B:E7:A5:F1:90:1D:8A:99:ED:D4:E5:C7:A3:78:2A:0D
Certificate issuer:       /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial:       018CC94E67DB0DA658A51EABB239B4E2906A
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nP5IYwvnpfGQHYqZ7dTlx6N4Kg0.roa
Signing time:             Tue 02 Jan 2024 08:33:27 +0000
ROA not before:           Tue 02 Jan 2024 08:33:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        149.126.232.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:67:db:0d:a6:58:a5:1e:ab:b2:39:b4:e2:90:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
        Validity
            Not Before: Jan  2 08:33:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9cfe48630be7a5f1901d8a99edd4e5c7a3782a0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:36:92:cd:b6:0b:91:bf:7a:13:02:ad:96:74:
                    db:07:7e:12:1a:36:dd:68:9c:4c:68:b1:50:11:9c:
                    7b:4a:24:00:fd:f1:94:b6:3d:ad:9c:31:b9:2b:3a:
                    50:15:97:ee:dc:03:1c:cc:a5:02:70:56:14:1b:fa:
                    e9:20:a1:70:38:ca:d3:ae:84:18:01:5a:7e:43:f0:
                    a4:d8:7f:57:7c:11:0c:35:b7:3f:0f:5f:a0:21:fd:
                    0a:92:c6:5c:c3:92:01:66:09:3c:5d:ef:c7:78:8f:
                    5b:39:86:1c:bb:cb:71:b2:48:19:d4:18:b4:e5:d3:
                    93:06:60:3c:ba:09:7c:22:6b:27:17:aa:75:d9:1a:
                    be:c8:91:59:a2:4a:cf:90:db:05:ec:4c:7b:23:e1:
                    13:93:7a:7d:e3:9c:6b:95:d5:b7:e9:8f:2a:7d:1d:
                    0c:9a:88:34:c8:7d:e4:c4:55:70:46:f0:62:30:f5:
                    7a:dd:4a:a9:14:ac:3d:05:a2:3a:68:83:91:54:dd:
                    4b:9f:ea:e9:d8:2c:08:41:98:f4:6f:1e:21:5c:0e:
                    cc:fb:47:3a:3f:e0:62:ef:5e:63:45:da:2e:93:bd:
                    a7:0f:97:66:e3:48:e9:bb:6a:dd:19:74:b1:0d:73:
                    8b:37:a9:71:da:c6:15:ce:47:b3:5a:dc:a2:aa:cb:
                    41:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:FE:48:63:0B:E7:A5:F1:90:1D:8A:99:ED:D4:E5:C7:A3:78:2A:0D
            X509v3 Authority Key Identifier:
                keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nP5IYwvnpfGQHYqZ7dTlx6N4Kg0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.126.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         07:37:84:21:b0:47:3c:d8:cf:b0:46:25:a8:df:e1:dc:ab:f5:
         fe:d6:f9:f8:e5:18:5d:e7:2c:f7:03:d8:76:37:51:fd:63:d0:
         e2:3a:7a:75:8a:da:44:de:bc:13:f4:cc:ba:53:fe:76:12:60:
         3a:6e:44:27:5f:e2:2f:35:3d:39:07:20:b7:62:a2:b2:1f:8b:
         28:5f:1d:2f:20:de:59:10:9c:88:d3:60:2d:9a:58:c4:a8:7a:
         8c:b1:a9:11:2f:ff:99:f0:c9:3e:99:1f:57:31:11:75:86:08:
         73:cb:36:c9:fd:c8:a8:07:1e:a9:34:6d:c1:f1:b9:92:77:06:
         06:1e:67:f0:71:2a:ff:76:f4:11:45:a2:9e:4f:a0:25:02:7b:
         a6:fc:3f:68:ba:9b:54:b5:ee:03:9b:b7:69:c4:05:e6:b9:8f:
         c4:50:64:ab:d7:e7:f8:d6:a0:fd:3f:85:b5:61:54:12:cb:08:
         89:ee:83:1c:9c:6c:0f:a5:cd:0c:75:31:10:3f:1b:a5:c1:bc:
         be:da:b7:16:00:8e:3b:29:c7:68:24:61:8c:df:83:ef:31:0e:
         1e:ad:35:1c:41:f1:31:a4:01:c0:8f:c5:88:e7:f8:88:19:2d:
         e4:90:d0:26:b8:82:41:d1:4d:b7:f3:a3:94:19:60:e8:72:23:
         9b:be:6d:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmfbDaZYpR6rsjm04pBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZlNDg2MzBiZTdhNWYxOTAxZDhhOTllZGQ0ZTVjN2EzNzgyYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDaSzbYLkb96EwKtlnTbB34SGjbd
aJxMaLFQEZx7SiQA/fGUtj2tnDG5KzpQFZfu3AMczKUCcFYUG/rpIKFwOMrTroQY
AVp+Q/Ck2H9XfBEMNbc/D1+gIf0KksZcw5IBZgk8Xe/HeI9bOYYcu8txskgZ1Bi0
5dOTBmA8ugl8ImsnF6p12Rq+yJFZokrPkNsF7Ex7I+ETk3p945xrldW36Y8qfR0M
mog0yH3kxFVwRvBiMPV63UqpFKw9BaI6aIORVN1Ln+rp2CwIQZj0bx4hXA7M+0c6
P+Bi715jRdouk72nD5dm40jpu2rdGXSxDXOLN6lx2sYVzkezWtyiqstBGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJz+SGML56XxkB2Kme3U5cejeCoNMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvblA1SVl3dm5wZkdRSFlxWjdkVGx4Nk40S2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDlX7oMA0G
CSqGSIb3DQEBCwUAA4IBAQAHN4QhsEc82M+wRiWo3+Hcq/X+1vn45Rhd5yz3A9h2
N1H9Y9DiOnp1itpE3rwT9My6U/52EmA6bkQnX+IvNT05ByC3YqKyH4soXx0vIN5Z
EJyI02AtmljEqHqMsakRL/+Z8Mk+mR9XMRF1hghzyzbJ/cioBx6pNG3B8bmSdwYG
HmfwcSr/dvQRRaKeT6AlAnum/D9ouptUte4Dm7dpxAXmuY/EUGSr1+f41qD9P4W1
YVQSywiJ7oMcnGwPpc0MdTEQPxulwby+2rcWAI47KcdoJGGM34PvMQ4erTUcQfEx
pAHAj8WI5/iIGS3kkNAmuIJB0U2386OUGWDociObvm1X
-----END CERTIFICATE-----
Generated at Sat May 4 04:59:56 2024 by rpki-client on console-fra.rpki-client.org