Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bM1SIdD5RiywQzJQHXyZ2nXJYQU.roa
File:                     bM1SIdD5RiywQzJQHXyZ2nXJYQU.roa (raw, json)
Hash identifier:          /diheX7SO95do/Rxzn8KM52H1xJUm977Q8HjHndrzOM=
Subject key identifier:   6C:CD:52:21:D0:F9:46:2C:B0:43:32:50:1D:7C:99:DA:75:C9:61:05
Certificate issuer:       /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial:       018CC9BB0088C4F6396483138F8306361B89
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bM1SIdD5RiywQzJQHXyZ2nXJYQU.roa
Signing time:             Tue 02 Jan 2024 10:32:04 +0000
ROA not before:           Tue 02 Jan 2024 10:32:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8866
IP address blocks:        94.26.40.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 21:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:00:88:c4:f6:39:64:83:13:8f:83:06:36:1b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
        Validity
            Not Before: Jan  2 10:32:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ccd5221d0f9462cb04332501d7c99da75c96105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8c:79:59:0c:dd:ce:43:96:45:b1:0c:81:fb:
                    fa:a5:b1:f7:17:3f:0a:9a:88:42:a8:ac:0d:45:7a:
                    fc:c6:07:5f:3d:f5:13:3c:2d:b0:da:ca:f5:f1:be:
                    7c:fb:cb:93:38:84:a2:22:48:31:88:f8:5e:fb:f4:
                    51:64:57:da:86:f8:30:6a:19:16:f8:87:68:52:4e:
                    25:be:2a:0d:ff:e7:66:de:a0:a1:d4:75:ae:7e:de:
                    e5:04:e8:9c:94:d0:4f:43:38:cb:63:04:42:e0:58:
                    f5:e9:0b:69:3a:ea:cd:31:e4:86:0d:56:b5:9a:5e:
                    34:3c:a3:f4:89:1e:d0:2b:d0:69:69:a8:a8:7a:b5:
                    5d:d9:98:95:97:aa:2f:2f:85:ce:da:3a:8d:30:e2:
                    67:df:0c:41:b8:b7:d8:a9:a9:c3:28:2e:ca:f0:25:
                    cb:ad:4a:2f:8b:df:e9:e2:b4:cd:e7:9a:bd:c3:a4:
                    58:c5:1f:ce:ba:05:d6:b7:8e:34:9f:58:c5:70:a9:
                    0f:29:d6:f2:b3:de:6d:4c:03:a9:d6:7b:f7:18:15:
                    00:80:89:25:83:33:95:c2:69:04:43:0a:54:1f:67:
                    ea:ce:f5:bf:14:da:cc:30:e5:03:52:cc:e7:c3:0b:
                    ba:0a:66:aa:1c:ef:aa:2b:b4:50:d7:8d:de:b1:1a:
                    be:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:CD:52:21:D0:F9:46:2C:B0:43:32:50:1D:7C:99:DA:75:C9:61:05
            X509v3 Authority Key Identifier:
                keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bM1SIdD5RiywQzJQHXyZ2nXJYQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.26.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:79:cd:f1:46:a5:66:ed:3d:55:f4:06:ac:33:9e:a0:75:88:
         4b:21:59:fd:e7:fe:0c:14:f8:ab:bb:55:65:db:88:bd:bc:b6:
         32:25:4f:5b:ff:9c:ed:81:e8:88:6e:23:39:5d:94:52:44:1f:
         5f:ce:f8:35:82:18:73:4e:6f:a5:d0:2c:88:1b:57:f3:0f:ff:
         2e:75:48:db:4e:cb:2d:03:a0:cb:c4:33:94:5c:e6:9c:a5:3c:
         c7:51:88:c2:22:4b:d8:32:2a:65:af:2b:36:ee:c9:9b:d7:fa:
         3c:da:23:b2:a5:2a:37:50:77:49:6f:5e:46:9d:7b:16:aa:2c:
         93:1c:15:1e:97:4a:75:fc:8f:a1:56:1c:ae:c0:b7:1a:fb:9b:
         cc:13:15:e9:d5:d2:49:19:7f:20:79:a9:b8:22:e4:73:61:4e:
         a1:10:67:8d:e8:de:47:c7:92:a5:da:27:50:7e:26:6d:82:dd:
         4f:59:8c:be:da:0e:9a:fb:65:96:39:ff:26:ff:b3:b3:ab:25:
         6d:1c:f1:24:e8:50:ab:9a:e2:db:15:7e:d6:80:f5:1b:9e:9d:
         a4:cd:68:f2:b4:86:ac:28:60:72:39:b0:3d:31:3e:0d:d5:f0:
         21:ce:f6:e8:33:3b:57:20:a5:51:9b:57:84:af:a2:b6:80:a2:
         c9:11:96:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuwCIxPY5ZIMTj4MGNhuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQwMTAyMTAzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NkNTIyMWQwZjk0NjJjYjA0MzMyNTAxZDdjOTlkYTc1Yzk2MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjox5WQzdzkOWRbEMgfv6pbH3Fz8K
mohCqKwNRXr8xgdfPfUTPC2w2sr18b58+8uTOISiIkgxiPhe+/RRZFfahvgwahkW
+IdoUk4lvioN/+dm3qCh1HWuft7lBOiclNBPQzjLYwRC4Fj16QtpOurNMeSGDVa1
ml40PKP0iR7QK9BpaaioerVd2ZiVl6ovL4XO2jqNMOJn3wxBuLfYqanDKC7K8CXL
rUovi9/p4rTN55q9w6RYxR/OugXWt440n1jFcKkPKdbys95tTAOp1nv3GBUAgIkl
gzOVwmkEQwpUH2fqzvW/FNrMMOUDUsznwwu6CmaqHO+qK7RQ143esRq+lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzNUiHQ+UYssEMyUB18mdp1yWEFMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvYk0xU0lkRDVSaXl3UXpKUUhYeVoyblhKWVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXhooMA0G
CSqGSIb3DQEBCwUAA4IBAQCyec3xRqVm7T1V9AasM56gdYhLIVn95/4MFPiru1Vl
24i9vLYyJU9b/5ztgeiIbiM5XZRSRB9fzvg1ghhzTm+l0CyIG1fzD/8udUjbTsst
A6DLxDOUXOacpTzHUYjCIkvYMiplrys27smb1/o82iOypSo3UHdJb15GnXsWqiyT
HBUel0p1/I+hVhyuwLca+5vMExXp1dJJGX8geam4IuRzYU6hEGeN6N5Hx5Kl2idQ
fiZtgt1PWYy+2g6a+2WWOf8m/7OzqyVtHPEk6FCrmuLbFX7WgPUbnp2kzWjytIas
KGByObA9MT4N1fAhzvboMztXIKVRm1eEr6K2gKLJEZab
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:07:30 2024 by rpki-client on console-fra.rpki-client.org