Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/POJ8tz_X9rh4oanBkJNVONhJlFk.roa
File: POJ8tz_X9rh4oanBkJNVONhJlFk.roa (raw, json)
Hash identifier: GP3BsB9jC/3mQmGx9CNnIJ7w84tOmipJdfpRbiuIEtM=
Subject key identifier: 3C:E2:7C:B7:3F:D7:F6:B8:78:A1:A9:C1:90:93:55:38:D8:49:94:59
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194282505C2D06593853DE164BD6010A838
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/POJ8tz_X9rh4oanBkJNVONhJlFk.roa
Signing time: Thu 02 Jan 2025 17:51:42 +0000
ROA not before: Thu 02 Jan 2025 17:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 193.124.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:05:c2:d0:65:93:85:3d:e1:64:bd:60:10:a8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ce27cb73fd7f6b878a1a9c190935538d8499459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:21:93:af:7a:0b:1a:9f:16:3b:42:9f:bb:
2b:81:e7:50:30:b0:15:0a:4e:bf:92:84:6d:35:dc:
1e:6c:96:42:cf:88:b4:a6:d6:fd:72:49:e0:cf:aa:
a3:4b:26:30:ce:45:c2:e8:2c:2b:86:7f:45:7e:66:
73:4f:76:44:7b:93:63:6f:60:4b:c7:80:e9:e8:45:
08:ec:d3:62:69:b5:4c:86:83:eb:af:a8:de:48:66:
ec:c0:7f:35:b5:ee:61:1e:00:23:df:a7:0a:50:b9:
8d:58:21:80:9f:5b:32:16:63:89:93:6c:e1:7f:cc:
bf:1f:4c:99:aa:ea:4d:f0:9c:d1:d8:0b:92:2e:52:
54:9d:4e:d8:67:f4:b3:1e:5e:27:0d:81:fd:8c:92:
74:54:49:36:ae:56:6c:85:25:92:f1:5c:0e:9b:17:
a4:d3:1d:f9:01:d1:79:91:0f:19:f1:97:1d:fd:1a:
b9:c9:e9:5d:d8:66:88:b5:aa:99:95:50:ae:9e:75:
a6:e6:c2:0b:04:4b:21:e8:9b:46:f5:96:88:4f:e8:
0f:e1:78:30:88:b8:8a:da:a5:e7:fa:3c:56:51:dd:
32:71:53:bc:18:ad:77:8b:d7:15:c5:5d:8f:6b:0e:
ec:35:71:2e:da:26:3c:b5:aa:1e:1a:8c:c7:c4:c1:
4f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E2:7C:B7:3F:D7:F6:B8:78:A1:A9:C1:90:93:55:38:D8:49:94:59
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/POJ8tz_X9rh4oanBkJNVONhJlFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.36.0/24
Signature Algorithm: sha256WithRSAEncryption
94:75:55:d6:e1:40:7c:db:6b:39:16:03:68:e0:7d:f7:52:42:
4a:88:49:ad:d4:da:ac:fd:a3:d0:12:62:3a:33:ac:e0:9c:b4:
b0:b6:d5:98:6a:b8:e7:de:51:9f:0e:9c:a5:b6:83:82:ce:7a:
5f:b9:31:ec:9e:17:68:9e:ba:f9:ee:ea:a5:1b:c1:04:28:1e:
46:e5:50:09:08:b2:84:12:ad:25:ed:d0:5c:f1:6a:ed:8c:85:
76:3c:09:7c:8e:4a:f6:4d:28:2e:b9:4a:5f:90:a5:59:0d:c5:
d5:52:69:2b:55:70:95:70:c3:42:75:54:83:34:7a:87:75:03:
2c:39:5e:4e:15:1e:11:64:2c:b7:ec:f1:84:92:90:db:4d:3b:
1e:f3:9f:58:f7:5f:8c:72:b8:ea:54:93:8d:f1:c6:41:0c:82:
4d:ce:2f:68:f4:63:58:ba:cc:e8:8b:a4:ad:73:11:37:67:b5:
29:ba:7a:73:9e:de:2e:0f:45:55:b3:41:ca:04:23:7e:94:fd:
d1:66:89:2a:77:91:e0:37:d8:4c:7a:0b:a7:66:84:2f:cc:54:
8d:3f:f5:db:e7:ce:97:d1:90:4f:36:3e:9f:62:b1:0d:2c:0c:
03:b4:6f:12:ff:ac:9f:70:d7:23:aa:63:7a:f5:4f:e4:6f:94:
34:48:7b:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJQXC0GWThT3hZL1gEKg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2UyN2NiNzNmZDdmNmI4NzhhMWE5YzE5MDkzNTUzOGQ4NDk5NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO4hk696CxqfFjtCn7srgedQMLAV
Ck6/koRtNdwebJZCz4i0ptb9ckngz6qjSyYwzkXC6Cwrhn9FfmZzT3ZEe5Njb2BL
x4Dp6EUI7NNiabVMhoPrr6jeSGbswH81te5hHgAj36cKULmNWCGAn1syFmOJk2zh
f8y/H0yZqupN8JzR2AuSLlJUnU7YZ/SzHl4nDYH9jJJ0VEk2rlZshSWS8VwOmxek
0x35AdF5kQ8Z8Zcd/Rq5yeld2GaItaqZlVCunnWm5sILBEsh6JtG9ZaIT+gP4Xgw
iLiK2qXn+jxWUd0ycVO8GK13i9cVxV2Paw7sNXEu2iY8taoeGozHxMFP7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzifLc/1/a4eKGpwZCTVTjYSZRZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUE9KOHR6X1g5cmg0b2FuQmtKTlZPTmhKbEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXwkMA0G
CSqGSIb3DQEBCwUAA4IBAQCUdVXW4UB822s5FgNo4H33UkJKiEmt1Nqs/aPQEmI6
M6zgnLSwttWYarjn3lGfDpyltoOCznpfuTHsnhdonrr57uqlG8EEKB5G5VAJCLKE
Eq0l7dBc8WrtjIV2PAl8jkr2TSguuUpfkKVZDcXVUmkrVXCVcMNCdVSDNHqHdQMs
OV5OFR4RZCy37PGEkpDbTTse859Y91+McrjqVJON8cZBDIJNzi9o9GNYuszoi6St
cxE3Z7Upunpznt4uD0VVs0HKBCN+lP3RZokqd5HgN9hMegunZoQvzFSNP/Xb586X
0ZBPNj6fYrENLAwDtG8S/6yfcNcjqmN69U/kb5Q0SHuJ
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:15:28 2025 by rpki-client