Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/CfRxEHDx563psk174NucDw5uybE.roa
File: CfRxEHDx563psk174NucDw5uybE.roa (raw, json)
Hash identifier: uRSd0bAKPEU907K98oKWZtI9QuP/KrTIvilXwDmgeik=
Subject key identifier: 09:F4:71:10:70:F1:E7:AD:E9:B2:4D:7B:E0:DB:9C:0F:0E:6E:C9:B1
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 01927D49F5CD3C63EC1D7220A110D1B99A04
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/CfRxEHDx563psk174NucDw5uybE.roa
Signing time: Fri 11 Oct 2024 20:34:12 +0000
ROA not before: Fri 11 Oct 2024 20:34:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 185.10.120.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:49:f5:cd:3c:63:ec:1d:72:20:a1:10:d1:b9:9a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Oct 11 20:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09f4711070f1e7ade9b24d7be0db9c0f0e6ec9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5f:c4:8c:1e:e1:f4:31:c4:3d:7c:48:e5:68:
f1:93:90:51:47:ea:7b:93:d7:71:6d:68:19:a6:b7:
9a:8c:d7:6a:5f:78:69:cc:51:b0:4f:b5:74:51:26:
e2:a4:36:6d:ed:63:a3:ce:7b:5c:1d:b5:c5:46:44:
5d:21:d9:49:a0:ef:ce:95:82:84:50:36:94:9b:0f:
25:8a:01:52:15:66:54:9c:13:00:d0:c2:0c:b5:7b:
ee:57:a8:ab:be:1f:6c:a2:1a:6c:5d:dd:e2:41:4e:
06:a5:7b:55:85:2b:52:ba:10:ff:b9:63:71:d3:f9:
5b:68:60:84:2b:2f:ba:7d:9e:17:05:4a:69:11:9c:
b7:1a:71:42:2a:32:97:f8:6b:18:e6:69:f7:10:88:
39:89:ff:81:4d:b8:cf:2b:77:a0:7f:4c:f7:4a:4f:
c0:c6:c8:3d:78:b7:db:80:65:00:51:04:c1:a3:cc:
ab:09:35:ea:9c:c8:2a:64:0c:c8:0e:14:df:34:7d:
7d:37:50:ff:2d:f3:95:f7:0b:ff:6f:fd:76:f1:1a:
4a:70:e2:91:82:45:b9:06:78:7f:35:33:9f:4d:61:
81:14:8b:2e:b6:5a:72:c1:59:7b:00:f1:78:3c:60:
92:90:ca:e3:7a:85:dc:7b:31:6a:48:81:ed:72:82:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F4:71:10:70:F1:E7:AD:E9:B2:4D:7B:E0:DB:9C:0F:0E:6E:C9:B1
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/CfRxEHDx563psk174NucDw5uybE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.120.0/23
Signature Algorithm: sha256WithRSAEncryption
21:a8:a1:67:f1:d3:01:96:14:a1:1f:ee:03:c4:5f:4a:56:09:
f6:66:81:ca:26:20:88:44:52:9c:6b:40:c1:1a:44:b4:84:ff:
f8:08:d6:ef:fb:2f:fa:0b:4a:5f:e7:50:ad:1e:2f:e0:44:a5:
0a:1a:cb:07:86:dd:af:6d:50:ea:d3:fc:8b:ba:19:f9:c8:83:
3b:82:41:b4:28:25:9e:ea:d2:a5:87:d0:b3:b4:f4:19:bc:e1:
12:76:19:75:9d:5e:36:8d:b3:ce:25:c1:11:94:49:8e:51:02:
6a:a3:0d:4b:84:5e:99:6c:1d:8f:27:c8:04:51:63:e7:a9:c9:
be:f7:b8:27:5a:b8:e6:43:60:f8:ac:66:c6:58:59:25:05:43:
8d:22:65:bf:6b:20:bd:e4:cf:3f:0f:24:19:de:d1:93:28:8c:
37:81:c2:56:1c:13:b5:94:c7:17:56:bc:08:65:97:5f:82:07:
35:66:de:89:73:ce:47:a2:e1:83:52:34:33:67:c5:5e:57:b8:
23:d4:d2:7c:8d:c6:d3:c1:aa:94:5b:a3:49:0a:1c:f3:a8:36:
6e:dd:a7:21:85:6b:1a:80:64:da:6d:c4:b7:41:ba:48:9a:82:
f3:14:3d:91:be:e5:7f:6b:ca:81:ae:a7:aa:b2:04:0c:c3:a8:
08:43:7b:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ9SfXNPGPsHXIgoRDRuZoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMDExMjAzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWY0NzExMDcwZjFlN2FkZTliMjRkN2JlMGRiOWMwZjBlNmVjOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF/EjB7h9DHEPXxI5Wjxk5BRR+p7
k9dxbWgZpreajNdqX3hpzFGwT7V0USbipDZt7WOjzntcHbXFRkRdIdlJoO/OlYKE
UDaUmw8ligFSFWZUnBMA0MIMtXvuV6irvh9sohpsXd3iQU4GpXtVhStSuhD/uWNx
0/lbaGCEKy+6fZ4XBUppEZy3GnFCKjKX+GsY5mn3EIg5if+BTbjPK3egf0z3Sk/A
xsg9eLfbgGUAUQTBo8yrCTXqnMgqZAzIDhTfNH19N1D/LfOV9wv/b/128RpKcOKR
gkW5Bnh/NTOfTWGBFIsutlpywVl7APF4PGCSkMrjeoXcezFqSIHtcoJ05wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAn0cRBw8eet6bJNe+DbnA8ObsmxMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvQ2ZSeEVIRHg1NjNwc2sxNzROdWNEdzV1eWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQp4MA0G
CSqGSIb3DQEBCwUAA4IBAQAhqKFn8dMBlhShH+4DxF9KVgn2ZoHKJiCIRFKca0DB
GkS0hP/4CNbv+y/6C0pf51CtHi/gRKUKGssHht2vbVDq0/yLuhn5yIM7gkG0KCWe
6tKlh9CztPQZvOESdhl1nV42jbPOJcERlEmOUQJqow1LhF6ZbB2PJ8gEUWPnqcm+
97gnWrjmQ2D4rGbGWFklBUONImW/ayC95M8/DyQZ3tGTKIw3gcJWHBO1lMcXVrwI
ZZdfggc1Zt6Jc85HouGDUjQzZ8VeV7gj1NJ8jcbTwaqUW6NJChzzqDZu3achhWsa
gGTabcS3QbpImoLzFD2RvuV/a8qBrqeqsgQMw6gIQ3so
-----END CERTIFICATE-----
Generated at Tue Oct 22 23:02:53 2024 by rpki-client on console-ams.rpki-client.org