Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/1-UiJBwgxP3H51-D679DoyuvwJI8.roa
File: 1-UiJBwgxP3H51-D679DoyuvwJI8.roa (raw, json)
Hash identifier: vSwIv5AmTSo0e6G95zTDtBE4svgsZbIHtKQ2C2zRbeE=
Subject key identifier: F9:48:89:07:08:31:3F:71:F9:D7:E0:FA:EF:D0:E8:CA:EB:F0:24:8F
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 07451B84
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/1-UiJBwgxP3H51-D679DoyuvwJI8.roa
Signing time: Thu 28 Apr 2022 17:50:56 +0000
ROA not before: Thu 28 Apr 2022 17:50:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35711
IP address blocks: 193.203.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121969540 (0x7451b84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Apr 28 17:50:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f948890708313f71f9d7e0faefd0e8caebf0248f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:59:f9:05:6e:0a:89:b4:a6:fa:38:ef:bb:95:
66:74:d6:7f:ae:82:3b:43:c9:35:40:b3:03:b3:77:
6e:ea:b8:b1:1b:37:5f:ba:ac:06:11:57:d8:e4:30:
5f:5e:0d:ba:65:0f:1a:ec:f6:0b:fb:71:d4:98:68:
08:4b:0a:43:23:28:e3:d6:31:90:d3:05:eb:e5:4c:
91:d7:fd:57:d3:96:b6:de:b1:89:67:25:4a:c6:37:
a6:c3:81:41:1a:83:be:7b:0c:c1:30:f4:58:49:94:
42:08:76:3c:29:dd:18:d1:f6:80:2e:f5:50:6e:3d:
10:a9:43:16:62:9e:fb:89:d5:93:ba:b6:ec:07:dd:
98:77:3b:9f:6d:a8:87:b1:3e:ae:03:2c:17:37:48:
fc:eb:eb:d4:a7:9b:76:aa:d3:5f:2c:3f:f9:32:64:
39:5c:67:db:ba:1b:b6:f4:3b:9b:7d:fb:f6:42:35:
e8:ba:dd:4b:0f:ab:b5:a8:67:17:ab:18:b7:d8:aa:
56:7c:f0:a7:64:ed:c9:dc:6b:82:59:7f:d1:6b:92:
ee:d0:42:7b:85:83:cd:70:ea:65:92:ef:8a:f9:71:
97:ca:c3:2f:f4:0e:29:ed:8b:c6:de:79:fd:3b:03:
e5:6d:9c:65:7b:62:36:b8:45:a1:aa:f1:2f:17:3c:
c3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:48:89:07:08:31:3F:71:F9:D7:E0:FA:EF:D0:E8:CA:EB:F0:24:8F
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/1-UiJBwgxP3H51-D679DoyuvwJI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.39.0/24
Signature Algorithm: sha256WithRSAEncryption
39:d4:e2:70:38:d6:63:96:d0:32:2f:5a:0b:e3:68:07:fd:85:
fe:cf:ff:ae:82:12:80:8d:ea:69:a8:0b:61:f1:0b:d2:f3:cd:
63:ae:d3:08:6f:16:cb:e2:76:e3:de:3b:b4:7e:bd:ed:f1:05:
72:44:ee:56:84:0e:54:2e:7f:90:db:6a:97:87:50:d4:de:f8:
85:c2:77:ca:ba:89:90:0b:f6:67:ca:91:1e:43:cd:2b:7a:ef:
7b:d6:01:bc:f5:21:4e:15:e2:55:fa:6f:c5:4b:7c:34:b0:93:
28:2a:bc:41:23:32:7b:c6:71:8b:fe:e0:cc:59:75:fb:55:2e:
1c:16:a3:78:9a:86:ac:a9:de:4e:92:9c:c7:44:b8:11:33:be:
de:8d:46:ce:8f:24:06:eb:93:6a:67:c3:d6:cd:9f:1e:af:d0:
af:eb:14:59:82:33:62:dd:1f:86:4d:b9:b3:6f:0f:13:6b:e9:
5f:f6:3b:7c:31:c8:de:13:3e:67:8e:e0:d4:ae:9f:24:11:62:
3c:a3:4f:10:02:e7:5c:98:a2:70:6e:a2:86:4f:2d:4d:83:15:
b7:1b:b3:b5:9c:1f:35:9d:e0:a8:df:eb:07:4f:a9:69:e3:05:
85:06:d7:72:c0:fb:23:39:34:5f:0e:f1:62:81:2d:2a:3b:ad:
ae:ba:8b:68
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB0UbhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDUyMTEyOGNmNjM0YWE2YWZhN2VmNTJkNTMxZjNmY2Q1NTYyOGY5MB4XDTIyMDQy
ODE3NTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk0ODg5MDcwODMx
M2Y3MWY5ZDdlMGZhZWZkMGU4Y2FlYmYwMjQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxZ+QVuCom0pvo477uVZnTWf66CO0PJNUCzA7N3buq4sRs3
X7qsBhFX2OQwX14NumUPGuz2C/tx1JhoCEsKQyMo49YxkNMF6+VMkdf9V9OWtt6x
iWclSsY3psOBQRqDvnsMwTD0WEmUQgh2PCndGNH2gC71UG49EKlDFmKe+4nVk7q2
7AfdmHc7n22oh7E+rgMsFzdI/Ovr1KebdqrTXyw/+TJkOVxn27obtvQ7m3379kI1
6LrdSw+rtahnF6sYt9iqVnzwp2Ttydxrgll/0WuS7tBCe4WDzXDqZZLvivlxl8rD
L/QOKe2Lxt55/TsD5W2cZXtiNrhFoarxLxc8w6MCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5SIkHCDE/cfnX4Prv0OjK6/AkjzAfBgNVHSMEGDAWgBTwUhEoz2NKpq+n
71LVMfP81VYo+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGSVJLTTlqU3FhdnAtOVMxVEh6X05WV0tQay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8x
LzEtVWlKQndneFAzSDUxLUQ2NzlEb3l1dndKSTgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ji
L2I0YjE1MC1kYmI4LTQ2NWYtODE1NS1lNDQxOWI2NDIxMmUvMS84RklSS005alNx
YXZwLTlTMVRIel9OVldLUGsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADByycwDQYJKoZIhvcNAQELBQAD
ggEBADnU4nA41mOW0DIvWgvjaAf9hf7P/66CEoCN6mmoC2HxC9LzzWOu0whvFsvi
duPeO7R+ve3xBXJE7laEDlQuf5DbapeHUNTe+IXCd8q6iZAL9mfKkR5DzSt673vW
Abz1IU4V4lX6b8VLfDSwkygqvEEjMnvGcYv+4MxZdftVLhwWo3iahqyp3k6SnMdE
uBEzvt6NRs6PJAbrk2pnw9bNnx6v0K/rFFmCM2LdH4ZNubNvDxNr6V/2O3wxyN4T
PmeO4NSunyQRYjyjTxAC51yYonBuooZPLU2DFbcbs7WcHzWd4Kjf6wdPqWnjBYUG
13LA+yM5NF8O8WKBLSo7ra66i2g=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:18:40 2025 by rpki-client