Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/a7Ig5gbRNJEN8FOqxBLk9LaFSw0.roa
File: a7Ig5gbRNJEN8FOqxBLk9LaFSw0.roa (raw, json)
Hash identifier: joFDHTc6N6OITAyAieHy7JBmlvTc7HnlpYI3ardX/Pg=
Subject key identifier: 6B:B2:20:E6:06:D1:34:91:0D:F0:53:AA:C4:12:E4:F4:B6:85:4B:0D
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0181ED7FE1C6F3FABB9D92742D500642F982
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/a7Ig5gbRNJEN8FOqxBLk9LaFSw0.roa
Signing time: Mon 11 Jul 2022 13:43:09 +0000
ROA not before: Mon 11 Jul 2022 13:43:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50969
IP address blocks: 195.211.166.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:7f:e1:c6:f3:fa:bb:9d:92:74:2d:50:06:42:f9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jul 11 13:43:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bb220e606d134910df053aac412e4f4b6854b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:1a:cd:d4:1e:67:7d:9c:d2:1d:8b:cb:54:
64:81:4b:12:5d:3c:5e:2f:a3:3d:87:c7:6d:9f:30:
d1:92:fa:e2:52:2d:10:f5:ce:85:b1:83:28:84:a7:
18:69:8d:c2:30:23:43:de:fb:1e:73:ab:9e:4f:cc:
44:dd:5c:e4:92:fa:3a:ca:de:d9:4d:74:a1:ce:47:
ec:ab:55:88:b0:55:db:09:53:48:05:4c:d9:b1:f6:
98:56:f5:0b:5b:f9:32:c3:27:6e:81:b1:92:d0:03:
cf:f6:39:33:82:eb:76:a2:8a:13:8f:62:e7:a9:f4:
15:5c:25:c8:3b:24:55:20:66:22:d3:ae:f8:58:ef:
8d:f3:7f:7e:f4:51:9c:13:2a:3d:c1:32:e8:6a:bb:
e9:e8:96:1c:05:6f:90:76:ab:9e:b3:59:f0:b4:4f:
73:77:39:19:e0:42:6c:1a:2d:ea:3b:5d:d6:6f:5a:
55:37:ed:16:76:56:67:ca:86:db:40:1b:b5:22:70:
ab:5a:f3:bd:e7:99:e4:56:e2:97:16:27:3d:18:59:
30:59:9a:3f:8d:e0:38:61:9f:80:43:ca:cc:a1:e1:
3d:9b:eb:6c:d1:33:f3:15:17:6f:4d:2a:f3:7d:76:
e6:0b:13:d6:27:36:07:88:42:7f:b8:9e:84:ca:7f:
64:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B2:20:E6:06:D1:34:91:0D:F0:53:AA:C4:12:E4:F4:B6:85:4B:0D
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/a7Ig5gbRNJEN8FOqxBLk9LaFSw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:5c:33:ea:bd:d7:49:f2:92:fb:f8:a2:c2:b0:01:d9:a2:05:
f7:95:77:10:c8:66:a0:6b:a8:79:24:6f:a5:0e:0e:fc:ff:21:
23:0c:ae:22:24:2f:9d:6c:82:b8:14:8f:d3:d3:a1:f4:00:e1:
17:3e:03:eb:35:ea:7e:91:02:c5:ae:c7:2a:c4:a1:bd:81:89:
f7:55:fe:39:7e:2b:4a:77:f1:a5:cb:07:e5:4e:88:30:0d:8b:
37:e3:73:55:af:f4:e8:51:ec:0a:c5:17:69:e0:02:a6:c2:4a:
ba:39:63:85:49:f5:1e:a4:1e:18:9e:61:2e:c9:07:84:a9:58:
e3:25:d3:b9:ad:28:e7:5c:cf:23:20:ad:cf:8d:86:3c:18:f2:
f1:0b:f6:85:6c:39:89:41:d6:94:65:1b:f6:92:2b:fd:cb:76:
6d:75:b6:52:33:e9:f1:02:1b:2d:64:53:bf:16:8a:4d:36:7b:
d0:e5:1f:71:8a:71:de:92:fc:39:f7:25:c8:cc:3f:d1:b2:98:
aa:d2:66:8f:f0:94:85:b7:69:67:90:ef:1d:6c:db:89:9d:03:
10:8f:29:5a:b1:8f:ef:28:0b:83:c1:00:d1:32:13:7b:c3:de:
f8:7f:7e:f6:7e:e0:98:fa:5f:d3:99:2a:d0:1c:6d:fc:6f:54:
7d:29:63:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHtf+HG8/q7nZJ0LVAGQvmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjIwNzExMTM0MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmIyMjBlNjA2ZDEzNDkxMGRmMDUzYWFjNDEyZTRmNGI2ODU0YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyUazdQeZ32c0h2Ly1RkgUsSXTxe
L6M9h8dtnzDRkvriUi0Q9c6FsYMohKcYaY3CMCND3vsec6ueT8xE3Vzkkvo6yt7Z
TXShzkfsq1WIsFXbCVNIBUzZsfaYVvULW/kywydugbGS0APP9jkzgut2oooTj2Ln
qfQVXCXIOyRVIGYi0674WO+N839+9FGcEyo9wTLoarvp6JYcBW+Qdques1nwtE9z
dzkZ4EJsGi3qO13Wb1pVN+0WdlZnyobbQBu1InCrWvO955nkVuKXFic9GFkwWZo/
jeA4YZ+AQ8rMoeE9m+ts0TPzFRdvTSrzfXbmCxPWJzYHiEJ/uJ6Eyn9kYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuyIOYG0TSRDfBTqsQS5PS2hUsNMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvYTdJZzVnYlJOSkVOOEZPcXhCTGs5TGFGU3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9OmMA0G
CSqGSIb3DQEBCwUAA4IBAQAuXDPqvddJ8pL7+KLCsAHZogX3lXcQyGaga6h5JG+l
Dg78/yEjDK4iJC+dbIK4FI/T06H0AOEXPgPrNep+kQLFrscqxKG9gYn3Vf45fitK
d/GlywflTogwDYs343NVr/ToUewKxRdp4AKmwkq6OWOFSfUepB4YnmEuyQeEqVjj
JdO5rSjnXM8jIK3PjYY8GPLxC/aFbDmJQdaUZRv2kiv9y3ZtdbZSM+nxAhstZFO/
FopNNnvQ5R9xinHekvw59yXIzD/Rspiq0maP8JSFt2lnkO8dbNuJnQMQjylasY/v
KAuDwQDRMhN7w974f372fuCY+l/TmSrQHG38b1R9KWPQ
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:13:39 2025 by rpki-client