Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/dEZBKDH4NpJ7CvL0QqK3d9e7HyU.roa
File:                     dEZBKDH4NpJ7CvL0QqK3d9e7HyU.roa (raw, json)
Hash identifier:          NyhLYweSepNgskIkKuy/DukSLuaroBvyEjHZCYcIbaU=
Subject key identifier:   74:46:41:28:31:F8:36:92:7B:0A:F2:F4:42:A2:B7:77:D7:BB:1F:25
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       018CC56EF02312EFBF6F33C4D294DE66691A
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/dEZBKDH4NpJ7CvL0QqK3d9e7HyU.roa
Signing time:             Mon 01 Jan 2024 14:30:31 +0000
ROA not before:           Mon 01 Jan 2024 14:30:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6830
IP address blocks:        87.246.16.0/21 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 May 2024 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:f0:23:12:ef:bf:6f:33:c4:d2:94:de:66:69:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jan  1 14:30:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7446412831f836927b0af2f442a2b777d7bb1f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ec:f0:97:4f:36:2b:fc:28:c5:13:61:26:44:
                    45:43:ce:f9:95:5f:3c:c1:ca:66:57:17:59:31:c2:
                    e3:74:09:0a:b2:62:c3:c0:41:b6:b7:9d:54:82:93:
                    6c:e4:66:65:70:38:45:d2:0f:35:3b:ee:78:fa:2b:
                    10:bf:6c:d0:20:36:64:2b:e4:04:bc:c2:2b:c8:dd:
                    1e:d0:8e:d2:06:72:53:e6:9f:58:02:9c:28:73:73:
                    42:33:8d:c8:60:1c:b1:ff:87:82:be:2e:ef:d7:10:
                    fe:9c:f3:b9:ad:b4:bf:ed:4f:bf:8b:84:b7:60:71:
                    1a:fd:16:d5:4e:7a:87:7a:ba:af:39:9a:90:d0:8b:
                    d7:9b:fc:cd:04:b5:a3:2b:94:80:16:86:e8:d8:a0:
                    8f:fb:55:6f:19:4c:73:f0:f5:48:dc:9c:75:38:8a:
                    cf:8e:7a:3a:53:5c:9e:87:8b:bb:2e:3e:80:70:f4:
                    b5:cb:9f:6f:bd:98:e1:b4:aa:91:12:a0:21:b4:32:
                    68:02:5f:11:1d:76:68:24:20:98:62:bd:c6:d2:cb:
                    ff:1a:30:57:22:08:ad:0a:58:d4:2a:ef:10:a6:b3:
                    11:ea:1b:cd:e9:07:ce:5b:cd:cd:8c:23:d6:2f:e5:
                    47:ee:b7:37:7e:f4:9c:3f:3d:5a:2c:f9:8d:3b:a4:
                    c3:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:46:41:28:31:F8:36:92:7B:0A:F2:F4:42:A2:B7:77:D7:BB:1F:25
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/dEZBKDH4NpJ7CvL0QqK3d9e7HyU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.246.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         94:80:cf:b7:09:98:0b:16:8a:8e:ea:b9:b7:39:4c:ce:2a:38:
         85:2f:56:65:5b:1e:35:1b:29:c3:a7:f2:91:38:73:95:93:45:
         50:8b:63:9d:7f:10:8e:7f:cd:4a:b4:c1:96:99:27:fd:90:0f:
         bd:ea:08:26:60:a6:85:2a:1f:1f:e4:68:db:60:f5:26:42:6a:
         00:fb:5a:01:59:ae:75:16:3e:02:88:e1:ad:97:fe:9a:1b:3a:
         2f:89:b5:ba:22:21:44:b7:fa:bb:bf:99:66:ae:0e:d0:ba:7e:
         27:63:d6:48:9a:43:f9:87:9c:d5:de:8f:a8:3e:7c:fc:39:fb:
         00:61:30:bd:2a:c1:fc:8f:bd:bc:18:4c:31:3d:62:ea:19:be:
         12:39:71:db:51:9a:35:bc:26:f5:9c:af:58:33:9a:b4:43:76:
         1f:6c:e2:b8:2e:30:03:1f:04:10:83:d8:a7:d4:ca:a0:c6:03:
         05:99:cd:35:1b:9a:00:33:aa:b0:8c:48:28:d4:1c:50:e8:1e:
         59:48:7a:cd:a9:c1:47:47:b3:19:e3:77:b9:87:e0:a2:8d:cb:
         97:97:f9:85:68:d8:f8:3e:4c:b5:0b:6d:5e:3e:94:18:95:8a:
         87:85:c2:a0:5f:aa:e5:06:97:17:d6:81:96:56:22:53:63:67:
         1e:8b:ca:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvAjEu+/bzPE0pTeZmkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ2NDEyODMxZjgzNjkyN2IwYWYyZjQ0MmEyYjc3N2Q3YmIxZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOzwl082K/woxRNhJkRFQ875lV88
wcpmVxdZMcLjdAkKsmLDwEG2t51UgpNs5GZlcDhF0g81O+54+isQv2zQIDZkK+QE
vMIryN0e0I7SBnJT5p9YApwoc3NCM43IYByx/4eCvi7v1xD+nPO5rbS/7U+/i4S3
YHEa/RbVTnqHerqvOZqQ0IvXm/zNBLWjK5SAFobo2KCP+1VvGUxz8PVI3Jx1OIrP
jno6U1yeh4u7Lj6AcPS1y59vvZjhtKqREqAhtDJoAl8RHXZoJCCYYr3G0sv/GjBX
IgitCljUKu8QprMR6hvN6QfOW83NjCPWL+VH7rc3fvScPz1aLPmNO6TDowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRGQSgx+DaSewry9EKit3fXux8lMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvZEVaQktESDROcEo3Q3ZMMFFxSzNkOWU3SHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV/YQMA0G
CSqGSIb3DQEBCwUAA4IBAQCUgM+3CZgLFoqO6rm3OUzOKjiFL1ZlWx41GynDp/KR
OHOVk0VQi2OdfxCOf81KtMGWmSf9kA+96ggmYKaFKh8f5GjbYPUmQmoA+1oBWa51
Fj4CiOGtl/6aGzovibW6IiFEt/q7v5lmrg7Qun4nY9ZImkP5h5zV3o+oPnz8OfsA
YTC9KsH8j728GEwxPWLqGb4SOXHbUZo1vCb1nK9YM5q0Q3YfbOK4LjADHwQQg9in
1MqgxgMFmc01G5oAM6qwjEgo1BxQ6B5ZSHrNqcFHR7MZ43e5h+CijcuXl/mFaNj4
Pky1C21ePpQYlYqHhcKgX6rlBpcX1oGWViJTY2cei8p3
-----END CERTIFICATE-----
Generated at Tue Apr 30 17:53:20 2024 by rpki-client on console-fra.rpki-client.org