Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/RKtoJGWNKPopZrV2dgWHC6JlitU.roa
File: RKtoJGWNKPopZrV2dgWHC6JlitU.roa (raw, json)
Hash identifier: 6NdDjhOrasI7Zb9CEJ7Cun5S1iUCBF280N0231o97yk=
Subject key identifier: 44:AB:68:24:65:8D:28:FA:29:66:B5:76:76:05:87:0B:A2:65:8A:D5
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0197CA0B86BEBF8B2ECED40629724CE0C1C8
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/RKtoJGWNKPopZrV2dgWHC6JlitU.roa
Signing time: Wed 02 Jul 2025 07:30:42 +0000
ROA not before: Wed 02 Jul 2025 07:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 94.183.156.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:0b:86:be:bf:8b:2e:ce:d4:06:29:72:4c:e0:c1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jul 2 07:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44ab6824658d28fa2966b5767605870ba2658ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:c4:ea:f4:22:13:76:4a:34:84:de:14:e1:
18:4e:71:b9:61:1b:54:06:f3:4a:9e:0b:d2:be:43:
aa:b2:10:ba:6d:48:2a:de:4f:59:45:04:d7:d5:a6:
8b:6d:ad:fc:d6:56:9f:a1:42:e4:61:4f:82:59:f3:
89:3a:92:ac:c9:72:8a:2a:c5:73:ac:6b:be:d5:45:
08:95:e9:55:76:f1:e4:fd:f0:20:5a:81:c6:94:84:
de:15:1f:7a:6b:1e:a8:6e:5c:39:0f:89:ab:8a:aa:
97:c2:db:c4:67:e8:01:b6:7b:36:52:63:be:4e:8f:
c8:a6:04:85:d0:80:a8:71:55:17:ff:33:c6:6d:13:
06:a3:83:e3:d9:53:b1:43:8f:4f:8a:6b:5b:b0:b2:
20:ca:22:66:b1:d3:34:73:d2:de:cd:38:27:6d:ec:
50:9a:8c:d6:70:be:c6:c5:1d:c3:18:85:e9:15:ad:
af:01:a9:78:22:4f:32:87:ca:10:6c:ad:04:30:51:
ab:9e:16:7f:fc:ae:75:21:da:35:e3:63:76:7e:29:
d0:25:46:9b:79:4a:94:0d:4a:7a:40:b0:b7:25:24:
cd:f8:40:92:fb:2c:52:c4:b1:c3:70:f1:cb:98:82:
06:90:48:cf:59:b6:ae:56:a6:ab:48:0a:eb:a9:02:
18:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AB:68:24:65:8D:28:FA:29:66:B5:76:76:05:87:0B:A2:65:8A:D5
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/RKtoJGWNKPopZrV2dgWHC6JlitU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.156.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ed:af:d3:cc:74:e7:46:b1:85:20:fe:c4:1e:90:67:32:bd:
26:9d:e0:7d:ab:31:20:64:72:a1:09:34:8e:51:65:5c:79:83:
46:51:f9:2b:d8:95:dd:35:2b:db:9e:bc:9a:da:7f:fc:f1:65:
61:7f:bc:fe:3c:53:be:5e:61:5f:66:6a:93:1e:6a:91:1f:8b:
7e:c4:5c:9b:59:89:68:c2:dc:74:74:9e:99:8d:ef:d7:55:bf:
7c:eb:7e:ea:ee:46:cc:7f:dd:f3:39:fd:f4:41:42:c3:fc:d2:
48:b6:13:e4:89:7d:01:bc:dd:e6:ab:bd:79:14:b7:65:fb:b1:
51:87:a4:99:f7:b6:3a:8f:65:54:a1:42:0e:9a:d6:cd:c2:04:
a0:22:b7:2d:19:82:40:9b:89:4e:1d:c1:e6:54:36:89:4a:ea:
f8:52:e3:e8:74:c2:c0:39:19:c9:03:5d:c0:a5:41:9f:72:b8:
86:c2:5a:d0:bf:d5:5d:0f:a9:52:3d:10:59:76:7a:00:77:dd:
f7:25:22:05:9b:57:c1:55:29:05:01:ea:74:73:a9:2b:8f:25:
a5:21:f4:e2:5f:ed:c0:51:0e:02:6d:05:e4:30:0a:55:9d:ad:
15:53:55:aa:45:0e:ca:4b:4d:8a:2a:44:0a:4f:79:96:7c:d5:
79:78:cf:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfKC4a+v4suztQGKXJM4MHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNzAyMDczMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFiNjgyNDY1OGQyOGZhMjk2NmI1NzY3NjA1ODcwYmEyNjU4YWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtADE6vQiE3ZKNITeFOEYTnG5YRtU
BvNKngvSvkOqshC6bUgq3k9ZRQTX1aaLba381lafoULkYU+CWfOJOpKsyXKKKsVz
rGu+1UUIlelVdvHk/fAgWoHGlITeFR96ax6oblw5D4mriqqXwtvEZ+gBtns2UmO+
To/IpgSF0ICocVUX/zPGbRMGo4Pj2VOxQ49PimtbsLIgyiJmsdM0c9LezTgnbexQ
mozWcL7GxR3DGIXpFa2vAal4Ik8yh8oQbK0EMFGrnhZ//K51Ido142N2finQJUab
eUqUDUp6QLC3JSTN+ECS+yxSxLHDcPHLmIIGkEjPWbauVqarSArrqQIY/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESraCRljSj6KWa1dnYFhwuiZYrVMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvUkt0b0pHV05LUG9wWnJWMmRnV0hDNkpsaXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrecMA0G
CSqGSIb3DQEBCwUAA4IBAQBH7a/TzHTnRrGFIP7EHpBnMr0mneB9qzEgZHKhCTSO
UWVceYNGUfkr2JXdNSvbnrya2n/88WVhf7z+PFO+XmFfZmqTHmqRH4t+xFybWYlo
wtx0dJ6Zje/XVb98637q7kbMf93zOf30QULD/NJIthPkiX0BvN3mq715FLdl+7FR
h6SZ97Y6j2VUoUIOmtbNwgSgIrctGYJAm4lOHcHmVDaJSur4UuPodMLAORnJA13A
pUGfcriGwlrQv9VdD6lSPRBZdnoAd933JSIFm1fBVSkFAep0c6krjyWlIfTiX+3A
UQ4CbQXkMApVna0VU1WqRQ7KS02KKkQKT3mWfNV5eM9u
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:22:29 2025 by rpki-client