Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/j2M35p28kfSnkuoJTe1JphP45zs.roa
File:                     j2M35p28kfSnkuoJTe1JphP45zs.roa (raw, json)
Hash identifier:          iRJUCuRuI5L01L+QW6Nj6E1OMo66571pfxBbF9sVPZ4=
Subject key identifier:   8F:63:37:E6:9D:BC:91:F4:A7:92:EA:09:4D:ED:49:A6:13:F8:E7:3B
Certificate issuer:       /CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
Certificate serial:       018CC5DC8B7BB161C7BE62DF907F07D24239
Authority key identifier: B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/j2M35p28kfSnkuoJTe1JphP45zs.roa
Signing time:             Mon 01 Jan 2024 16:30:14 +0000
ROA not before:           Mon 01 Jan 2024 16:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44314
IP address blocks:        185.83.55.0/24 maxlen: 24
                          185.83.54.0/24 maxlen: 24
                          185.83.54.0/23 maxlen: 23
                          185.83.52.0/22 maxlen: 22
                          185.83.52.0/23 maxlen: 23
                          185.83.52.0/24 maxlen: 24
                          185.83.53.0/24 maxlen: 24
                          79.170.176.0/21 maxlen: 21
                          79.170.176.0/22 maxlen: 22
                          79.170.178.0/23 maxlen: 23
                          79.170.178.0/24 maxlen: 24
                          79.170.176.0/24 maxlen: 24
                          79.170.176.0/23 maxlen: 23
                          79.170.177.0/24 maxlen: 24
                          79.170.179.0/24 maxlen: 24
                          79.170.183.0/24 maxlen: 24
                          79.170.180.0/22 maxlen: 22
                          79.170.181.0/24 maxlen: 24
                          79.170.182.0/23 maxlen: 23
                          79.170.182.0/24 maxlen: 24
                          79.170.180.0/24 maxlen: 24
                          79.170.180.0/23 maxlen: 23
                          2a01:4e8:c0c0::/48 maxlen: 48
                          2a01:4e8:3a4d::/48 maxlen: 48
                          2a01:4e8:cda8::/48 maxlen: 48
                          2a01:4ef::/32 maxlen: 32
                          2a01:4ec::/32 maxlen: 32
                          2a01:4ed::/32 maxlen: 32
                          2a01:4e8::/31 maxlen: 31
                          2a01:4ea::/32 maxlen: 32
                          2a01:4e8:c22c::/48 maxlen: 48
                          2a01:4ec::/30 maxlen: 30
                          2a01:4ec::/31 maxlen: 31
                          2a01:4e8::/32 maxlen: 32
                          2a01:4e8:8000::/33 maxlen: 33
                          2a01:4e8::/33 maxlen: 33
                          2a01:4e8::/34 maxlen: 34
                          2a01:4e8:4000::/34 maxlen: 34
                          2a01:4e8:8000::/34 maxlen: 34
                          2a01:4e8:c000::/34 maxlen: 34
                          2a01:4ee::/31 maxlen: 31
                          2a01:4e8:feed::/48 maxlen: 48
                          2a01:4ea::/31 maxlen: 31
                          2a01:4e8:cafe::/48 maxlen: 48
                          2a01:4e9::/32 maxlen: 32
                          2a01:4eb::/32 maxlen: 32
                          2a01:4e8::/29 maxlen: 29
                          2a01:4e8:ffff::/48 maxlen: 48
                          2a01:4e8::/30 maxlen: 30
                          2a01:4e8:f1d::/48 maxlen: 48
                          2a01:4ee::/32 maxlen: 32
                          2a01:4e8:cccc::/48 maxlen: 48
                          2a01:4e8:127::/48 maxlen: 48
                          2a01:4e8:182::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:8b:7b:b1:61:c7:be:62:df:90:7f:07:d2:42:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
        Validity
            Not Before: Jan  1 16:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f6337e69dbc91f4a792ea094ded49a613f8e73b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4c:78:c0:30:31:ff:d7:0a:8d:36:cb:b6:a4:
                    74:74:0a:9e:c5:c7:b1:f5:74:82:91:71:79:ba:4c:
                    cf:45:5d:57:52:69:9b:73:e1:17:6d:e9:6c:ad:d2:
                    48:7c:c6:48:7d:7b:bb:09:5e:df:36:85:9e:7f:3b:
                    8b:ea:cc:7a:cf:57:e6:6c:a6:ee:59:64:94:ee:b0:
                    4b:e0:23:3b:91:49:4a:bc:11:68:9f:a7:a1:e0:61:
                    3b:1b:4e:89:64:fa:b1:b8:cb:54:87:e9:2f:a0:df:
                    e3:76:23:f3:e2:94:6f:3c:fa:94:5b:8c:f8:a4:9f:
                    f7:f2:bc:95:60:66:d9:f9:71:87:a9:f3:9a:82:7e:
                    f8:13:7a:75:6c:f3:80:98:e2:7d:ab:b1:25:ab:d0:
                    b3:90:27:17:d6:12:95:06:ea:48:8a:98:5a:ab:2f:
                    4c:b0:0a:b6:c2:cb:84:73:42:5c:33:51:97:0b:9f:
                    db:8f:b7:fd:61:8b:02:e5:66:3d:c6:ca:74:79:3d:
                    8d:cf:17:d1:f1:52:e5:98:e0:e1:59:3e:67:c2:e7:
                    89:70:c2:a9:1f:e3:0b:ca:67:e5:83:bb:a1:b0:e3:
                    3a:15:f8:e4:fe:18:d4:65:4f:cd:f1:9f:7f:89:13:
                    a4:6e:88:5b:a2:c9:29:a8:59:68:1f:67:21:fe:8f:
                    cf:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:63:37:E6:9D:BC:91:F4:A7:92:EA:09:4D:ED:49:A6:13:F8:E7:3B
            X509v3 Authority Key Identifier:
                keyid:B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/j2M35p28kfSnkuoJTe1JphP45zs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.170.176.0/21
                  185.83.52.0/22
                IPv6:
                  2a01:4e8::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:0f:fd:62:50:01:7e:4a:eb:34:af:a5:78:bf:d1:3a:49:12:
         aa:98:ec:aa:37:f9:77:71:9e:98:cd:ab:fb:b5:4f:cf:20:7c:
         f6:e4:ec:0e:11:ce:31:47:e4:a5:e4:3b:4c:4b:a8:b4:1f:09:
         82:31:5e:3c:11:a0:9d:c7:9b:c4:56:cf:8b:7c:c5:e9:d8:82:
         14:83:a3:0c:1f:f3:d2:f2:b0:a7:c4:4d:e7:8b:ee:bd:57:97:
         d9:4d:d5:f1:c1:fb:6a:ec:e6:e5:91:ce:d2:61:29:9e:f7:1d:
         5f:27:ef:9c:de:a1:a4:45:3a:0c:5e:7f:46:71:cb:57:78:b5:
         a6:f7:f2:b5:53:67:23:3c:de:a3:da:40:2d:e9:ca:e5:f9:10:
         7c:ad:44:59:42:95:c3:05:c5:53:dc:8d:b4:31:9b:8b:c7:5a:
         4e:22:2c:2f:79:47:d5:ca:cf:d6:b0:93:57:80:26:e7:40:90:
         c6:04:b7:5b:44:78:9b:b3:63:1d:f8:19:1c:5d:fe:65:52:fd:
         f0:36:e0:78:9e:fe:62:f7:c9:f7:1c:6f:9a:1e:0b:6d:30:aa:
         0f:b6:ad:9a:9f:69:fb:23:4b:99:99:1c:0b:7d:49:85:be:7a:
         6f:0d:a2:71:6b:59:ea:5c:6e:2d:be:05:55:74:a8:bd:26:89:
         8b:6f:cb:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3It7sWHHvmLfkH8H0kI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Y2MyZGEyYmRiOTdiZTkxMmEyZDk0MmViZTdlYWZhNDY1
MWU4ODUwHhcNMjQwMTAxMTYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjYzMzdlNjlkYmM5MWY0YTc5MmVhMDk0ZGVkNDlhNjEzZjhlNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkx4wDAx/9cKjTbLtqR0dAqexcex
9XSCkXF5ukzPRV1XUmmbc+EXbelsrdJIfMZIfXu7CV7fNoWefzuL6sx6z1fmbKbu
WWSU7rBL4CM7kUlKvBFon6eh4GE7G06JZPqxuMtUh+kvoN/jdiPz4pRvPPqUW4z4
pJ/38ryVYGbZ+XGHqfOagn74E3p1bPOAmOJ9q7Elq9CzkCcX1hKVBupIiphaqy9M
sAq2wsuEc0JcM1GXC5/bj7f9YYsC5WY9xsp0eT2NzxfR8VLlmODhWT5nwueJcMKp
H+MLymflg7uhsOM6Ffjk/hjUZU/N8Z9/iROkbohboskpqFloH2ch/o/PpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI9jN+advJH0p5LqCU3tSaYT+Oc7MB8GA1UdIwQY
MBaAFLfMLaK9uXvpEqLZQuvn6vpGUeiFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2Yt
MjJlN2EzN2U4ZTM4LzEvajJNMzVwMjhrZlNua3VvSlRlMUpwaFA0NXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2YtMjJlN2EzN2U4ZTM4
LzEvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6qwAwQC
uVM0MA0EAgACMAcDBQMqAQToMA0GCSqGSIb3DQEBCwUAA4IBAQCmD/1iUAF+Sus0
r6V4v9E6SRKqmOyqN/l3cZ6Yzav7tU/PIHz25OwOEc4xR+Sl5DtMS6i0HwmCMV48
EaCdx5vEVs+LfMXp2IIUg6MMH/PS8rCnxE3ni+69V5fZTdXxwftq7Oblkc7SYSme
9x1fJ++c3qGkRToMXn9GcctXeLWm9/K1U2cjPN6j2kAt6crl+RB8rURZQpXDBcVT
3I20MZuLx1pOIiwveUfVys/WsJNXgCbnQJDGBLdbRHibs2Md+BkcXf5lUv3wNuB4
nv5i98n3HG+aHgttMKoPtq2an2n7I0uZmRwLfUmFvnpvDaJxa1nqXG4tvgVVdKi9
JomLb8uu
-----END CERTIFICATE-----
Generated at Mon Jun 17 10:20:40 2024 by rpki-client on console-ams.rpki-client.org