Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/PdkjpXcWZYbnsM3iDjtIRH9Cg0U.roa
File:                     PdkjpXcWZYbnsM3iDjtIRH9Cg0U.roa (raw, json)
Hash identifier:          Q2kGrR+ZaGVSKGx0lKV8z8tuTDiqnAJu20ixYWH7jOI=
Subject key identifier:   3D:D9:23:A5:77:16:65:86:E7:B0:CD:E2:0E:3B:48:44:7F:42:83:45
Certificate issuer:       /CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
Certificate serial:       018CC79404ADE263AD7C5067209A08059529
Authority key identifier: E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/PdkjpXcWZYbnsM3iDjtIRH9Cg0U.roa
Signing time:             Tue 02 Jan 2024 00:30:15 +0000
ROA not before:           Tue 02 Jan 2024 00:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        217.198.72.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 05:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:04:ad:e2:63:ad:7c:50:67:20:9a:08:05:95:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
        Validity
            Not Before: Jan  2 00:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3dd923a577166586e7b0cde20e3b48447f428345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:35:49:09:a7:b4:0a:54:a9:a5:f7:13:95:64:
                    5b:f4:89:07:6c:86:c5:30:2e:5d:06:b6:c3:6a:af:
                    92:76:74:08:14:b3:4e:d2:aa:3f:31:bb:d4:0c:85:
                    c7:9c:ab:da:04:e9:31:78:e5:0a:52:f7:d0:83:2d:
                    0d:7e:5a:4b:2f:96:91:6a:7e:7a:45:9e:ae:f3:3d:
                    0c:a4:f0:1a:47:fe:c6:1a:14:7d:82:bb:5b:c9:de:
                    5d:4e:5b:94:7e:eb:24:d7:98:ac:61:40:c8:11:4d:
                    f3:4e:ca:37:05:de:98:c1:b0:57:16:7f:d5:ff:4d:
                    ef:e9:44:ac:f6:c1:dc:70:5b:75:14:4b:5e:22:db:
                    dc:20:04:f3:2d:33:b5:a2:ef:b7:7e:0f:a6:6e:02:
                    f2:f3:7f:01:de:a1:61:c2:48:7a:50:b2:96:d9:5d:
                    d8:5d:39:c0:1a:aa:a3:4e:e2:70:1c:15:d7:9b:ce:
                    16:79:20:4a:30:a3:02:92:86:f3:5d:f6:15:d5:13:
                    8a:da:b5:96:c1:fe:23:5a:9a:55:58:1d:2e:d9:6b:
                    a0:fd:5d:27:a9:13:25:2d:0b:c7:2b:43:ec:8c:a3:
                    9a:2a:c2:ab:5c:43:6e:87:7a:ae:d3:ce:ec:2e:60:
                    56:d9:c7:40:af:55:7e:b5:b9:e0:64:a3:25:ad:0d:
                    c4:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D9:23:A5:77:16:65:86:E7:B0:CD:E2:0E:3B:48:44:7F:42:83:45
            X509v3 Authority Key Identifier:
                keyid:E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/PdkjpXcWZYbnsM3iDjtIRH9Cg0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.198.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a3:be:ff:17:aa:e8:a5:c8:41:b6:aa:f2:4d:ff:52:5e:8b:8b:
         37:d7:25:93:df:2b:11:74:a0:48:85:93:65:8d:cf:e3:e2:a5:
         54:df:30:92:62:e8:7a:6c:86:9e:ba:9c:41:91:63:56:28:17:
         ef:1d:bd:a0:43:25:14:e8:68:8a:c4:dc:dc:66:2b:59:a3:8b:
         4a:c3:5e:cb:fa:cc:68:6c:8f:bd:e8:f6:49:d8:c1:1c:65:05:
         28:8c:81:4d:b9:40:0e:97:29:ed:7c:8e:ad:3d:90:f9:c9:35:
         a5:d1:a5:5f:52:66:7d:2e:12:70:1d:f4:15:bd:87:92:f2:be:
         4e:4e:9c:8b:1f:87:cb:b2:47:cb:25:d1:85:b8:1d:f2:3e:be:
         3f:a6:b8:d4:c2:a7:5f:34:73:58:9a:99:c0:97:17:72:2f:a5:
         26:ec:42:55:42:58:e6:21:62:ff:1a:25:fd:ff:f2:33:33:41:
         00:04:87:2f:85:37:11:54:5f:5a:0e:30:79:6c:64:ed:7c:af:
         ca:3c:c4:ef:79:fd:20:ae:a3:5b:64:6e:3b:de:b0:8f:59:b9:
         84:84:76:bd:61:44:c2:7d:84:5f:56:1f:0d:a1:20:a0:c5:6e:
         07:5c:37:15:07:3a:06:70:4d:62:16:2b:f7:ac:2e:a4:19:5b:
         52:5f:aa:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlASt4mOtfFBnIJoIBZUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZjlhOGEyMzk2ODMyNjNlNzU1ZTEyYzk3ZDJkN2E0MzJk
MGIzNzcwHhcNMjQwMTAyMDAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQ5MjNhNTc3MTY2NTg2ZTdiMGNkZTIwZTNiNDg0NDdmNDI4MzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDVJCae0ClSppfcTlWRb9IkHbIbF
MC5dBrbDaq+SdnQIFLNO0qo/MbvUDIXHnKvaBOkxeOUKUvfQgy0NflpLL5aRan56
RZ6u8z0MpPAaR/7GGhR9grtbyd5dTluUfusk15isYUDIEU3zTso3Bd6YwbBXFn/V
/03v6USs9sHccFt1FEteItvcIATzLTO1ou+3fg+mbgLy838B3qFhwkh6ULKW2V3Y
XTnAGqqjTuJwHBXXm84WeSBKMKMCkobzXfYV1ROK2rWWwf4jWppVWB0u2Wug/V0n
qRMlLQvHK0PsjKOaKsKrXENuh3qu087sLmBW2cdAr1V+tbngZKMlrQ3EvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3ZI6V3FmWG57DN4g47SER/QoNFMB8GA1UdIwQY
MBaAFOf5qKI5aDJj51XhLJfS16Qy0LN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzIt
MmJmMGEzYmNjNGYxLzEvUGRranBYY1daWWJuc00zaURqdElSSDlDZzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzItMmJmMGEzYmNjNGYx
LzEvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2cZIMA0G
CSqGSIb3DQEBCwUAA4IBAQCjvv8XquilyEG2qvJN/1Jei4s31yWT3ysRdKBIhZNl
jc/j4qVU3zCSYuh6bIaeupxBkWNWKBfvHb2gQyUU6GiKxNzcZitZo4tKw17L+sxo
bI+96PZJ2MEcZQUojIFNuUAOlyntfI6tPZD5yTWl0aVfUmZ9LhJwHfQVvYeS8r5O
TpyLH4fLskfLJdGFuB3yPr4/prjUwqdfNHNYmpnAlxdyL6Um7EJVQljmIWL/GiX9
//IzM0EABIcvhTcRVF9aDjB5bGTtfK/KPMTvef0grqNbZG473rCPWbmEhHa9YUTC
fYRfVh8NoSCgxW4HXDcVBzoGcE1iFiv3rC6kGVtSX6qz
-----END CERTIFICATE-----
Generated at Sun Apr 28 11:06:13 2024 by rpki-client on console-ams.rpki-client.org