
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pfeOjsppRtob8zlhigQZ5lYwfOk.roa
File: pfeOjsppRtob8zlhigQZ5lYwfOk.roa (raw, json)
Hash identifier: nu80zgwkII2fZh4+LzdwfennHSI6IBn7/7zTP/uTV8w=
Subject key identifier: A5:F7:8E:8E:CA:69:46:DA:1B:F3:39:61:8A:04:19:E6:56:30:7C:E9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144126A23034B4D1A5A5D97319BF72F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pfeOjsppRtob8zlhigQZ5lYwfOk.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211373
IP address blocks: 81.168.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Feb 2025 12:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:12:6a:23:03:4b:4d:1a:5a:5d:97:31:9b:f7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5f78e8eca6946da1bf339618a0419e656307ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c7:c0:20:ee:7e:70:71:aa:e5:d2:2b:ef:8b:
e8:d6:53:d3:4a:20:e9:a1:b8:a0:4c:4a:93:9e:f2:
c1:0d:46:58:b2:36:31:63:13:c5:2f:20:15:55:3c:
79:e5:a4:c3:cd:02:1a:db:9b:e6:13:15:74:87:2d:
5b:24:3b:af:9c:9e:87:0d:aa:fe:4d:2c:c3:f9:3c:
89:02:ee:ed:1d:f7:14:f3:ff:23:ba:a2:07:89:9c:
88:4b:7e:38:39:ac:a6:a6:b0:dc:f1:64:26:55:4f:
86:d6:ed:88:4b:9f:9b:25:6a:44:95:72:89:ef:40:
6a:36:ac:a9:f6:9b:ec:49:b0:c3:b3:2f:5d:f6:6d:
cc:87:f0:94:4c:77:dc:19:91:b0:e4:28:4a:8e:e9:
02:10:e4:b0:4a:82:7f:36:7e:b4:27:70:74:e3:62:
15:97:80:18:00:30:45:78:05:1f:42:2d:2c:fd:a5:
a4:d3:b0:e0:cc:8e:6e:be:7a:f1:91:47:d3:aa:c3:
95:8a:90:cd:04:89:dc:c6:9f:4e:52:e1:66:0a:a8:
7e:79:3e:6f:d6:78:21:39:7d:a3:f6:62:cf:e9:39:
b2:ea:b1:d5:0a:c5:f9:c8:90:24:2d:f8:e0:8a:59:
9c:e9:77:cf:f7:7f:fa:24:14:a1:82:b0:fc:21:c4:
5d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F7:8E:8E:CA:69:46:DA:1B:F3:39:61:8A:04:19:E6:56:30:7C:E9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pfeOjsppRtob8zlhigQZ5lYwfOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.117.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d8:c0:4b:ae:dd:98:34:6b:34:35:e1:b9:d5:04:6f:67:0a:
05:29:a4:f2:62:58:2b:8b:c0:22:e6:77:ad:54:7f:4d:85:79:
95:f5:21:9d:6a:d2:19:a5:bd:74:73:33:d1:dc:30:7e:9e:71:
41:31:f8:bc:53:da:61:b1:4e:7d:e8:58:e1:f1:6e:84:34:a0:
2d:7d:06:74:7c:76:8b:f9:e7:ab:33:3b:9b:65:99:a8:d0:cf:
7d:b3:4b:20:74:fc:06:04:b8:7a:b4:76:e7:e0:ae:ea:b1:0c:
2b:fa:b0:f6:c6:82:9e:73:8c:64:ed:c2:64:0b:54:3e:e5:87:
2d:71:2a:5e:dd:8c:70:c3:a2:5c:ac:f9:a5:b7:77:dd:be:b6:
e9:9e:53:2d:54:b1:a7:93:b9:23:3d:95:9a:33:6c:fb:9f:68:
ff:bd:12:f5:e1:76:97:6f:52:f3:a9:fa:8a:3a:4e:44:cd:5d:
ed:16:51:e7:a2:d7:49:81:5a:e1:ae:42:0a:9b:76:c0:23:f3:
ed:88:ca:e2:f6:68:1d:fc:f4:21:a5:e9:66:2f:d3:ef:05:41:
93:0f:b4:c1:88:a0:db:f7:f3:95:dc:f6:0f:ff:72:10:28:22:
42:c0:80:21:8b:63:85:34:d7:25:6d:fd:ba:f0:a0:d2:80:31:
4c:0a:8c:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBJqIwNLTRpaXZcxm/cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY3OGU4ZWNhNjk0NmRhMWJmMzM5NjE4YTA0MTllNjU2MzA3Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8fAIO5+cHGq5dIr74vo1lPTSiDp
obigTEqTnvLBDUZYsjYxYxPFLyAVVTx55aTDzQIa25vmExV0hy1bJDuvnJ6HDar+
TSzD+TyJAu7tHfcU8/8juqIHiZyIS344OaymprDc8WQmVU+G1u2IS5+bJWpElXKJ
70BqNqyp9pvsSbDDsy9d9m3Mh/CUTHfcGZGw5ChKjukCEOSwSoJ/Nn60J3B042IV
l4AYADBFeAUfQi0s/aWk07DgzI5uvnrxkUfTqsOVipDNBIncxp9OUuFmCqh+eT5v
1nghOX2j9mLP6Tmy6rHVCsX5yJAkLfjgilmc6XfP93/6JBShgrD8IcRdCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKX3jo7KaUbaG/M5YYoEGeZWMHzpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcGZlT2pzcHBSdG9iOHpsaGlnUVo1bFl3Zk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQAC2MBLrt2YNGs0NeG51QRvZwoFKaTyYlgri8Ai5net
VH9NhXmV9SGdatIZpb10czPR3DB+nnFBMfi8U9phsU596Fjh8W6ENKAtfQZ0fHaL
+eerMzubZZmo0M99s0sgdPwGBLh6tHbn4K7qsQwr+rD2xoKec4xk7cJkC1Q+5Yct
cSpe3Yxww6JcrPmlt3fdvrbpnlMtVLGnk7kjPZWaM2z7n2j/vRL14XaXb1LzqfqK
Ok5EzV3tFlHnotdJgVrhrkIKm3bAI/PtiMri9mgd/PQhpelmL9PvBUGTD7TBiKDb
9/OV3PYP/3IQKCJCwIAhi2OFNNclbf268KDSgDFMCox2
-----END CERTIFICATE-----
Generated at Thu Feb 13 15:49:36 2025 by rpki-client