Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gwOV0SEg9rk2hW7dLGEVlKA__uM.roa
File: gwOV0SEg9rk2hW7dLGEVlKA__uM.roa (raw, json)
Hash identifier: Eha88xkgvHphSYqAiNPQ5oggw36DoXXnY5qqa6DZ5zI=
Subject key identifier: 83:03:95:D1:21:20:F6:B9:36:85:6E:DD:2C:61:15:94:A0:3F:FE:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194412B87C73A797DA17B2A44602C72777C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gwOV0SEg9rk2hW7dLGEVlKA__uM.roa
Signing time: Tue 07 Jan 2025 14:29:19 +0000
ROA not before: Tue 07 Jan 2025 14:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214798
IP address blocks: 194.135.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:2b:87:c7:3a:79:7d:a1:7b:2a:44:60:2c:72:77:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 7 14:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=830395d12120f6b936856edd2c611594a03ffee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7e:b2:65:1c:a7:48:1f:b5:d3:74:2c:d9:4a:
c1:97:19:67:38:db:c2:88:e6:99:09:c3:2f:3e:3d:
83:d1:e5:0b:b5:c5:de:65:4d:34:92:21:42:a2:1e:
ab:98:88:58:de:95:5e:2d:08:46:d3:11:9f:67:9b:
0c:26:b6:7c:85:b6:7f:3f:68:31:a5:5b:1c:d5:48:
c1:78:7a:ca:23:63:30:b6:cc:7f:93:21:19:3f:6d:
35:d9:ec:85:1d:a2:7f:5d:f3:f7:20:95:32:29:43:
cc:9c:e9:68:87:5e:a9:97:db:b3:3f:91:2f:eb:d6:
8f:ce:1d:dc:82:f5:3d:98:e4:8c:5c:e4:31:62:1f:
f3:dc:b5:64:bf:b5:2a:ed:e8:c4:a7:0d:70:8d:97:
72:61:78:35:4e:87:1d:3c:d5:f0:20:8c:08:6e:00:
05:a1:56:81:e9:fc:a4:d7:a9:47:58:56:03:76:0e:
ee:99:e7:b7:a0:a9:17:39:6e:6d:6d:51:5d:d5:b3:
cf:7a:57:6b:8a:0d:ab:04:2f:51:dc:0c:24:0d:34:
5e:04:f2:23:23:70:0c:4f:13:14:d9:86:b7:97:20:
48:40:8a:8e:4a:a8:64:26:6c:cf:35:76:13:7e:ee:
3a:e2:ac:e6:6a:11:2d:8f:7d:d9:b3:2d:c0:03:d8:
ad:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:03:95:D1:21:20:F6:B9:36:85:6E:DD:2C:61:15:94:A0:3F:FE:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gwOV0SEg9rk2hW7dLGEVlKA__uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.46.0/24
Signature Algorithm: sha256WithRSAEncryption
22:29:19:7b:70:aa:96:9c:45:b7:7f:ee:5e:42:00:e4:5f:db:
fd:2e:e5:be:61:0f:d3:bd:d9:49:99:30:91:ec:97:cc:05:df:
f4:fe:3a:98:69:d5:ab:72:61:04:69:9d:c1:19:e1:5b:c6:c2:
95:07:13:cd:6c:53:4c:1b:07:2c:3a:35:1a:01:29:ea:f6:5b:
91:7e:92:9e:89:0c:5e:96:32:6e:b3:c4:b2:0d:a3:ec:9b:08:
fc:37:e4:12:b7:2f:b4:a5:31:80:38:ac:5f:30:18:ca:57:b2:
8c:7c:65:cb:dd:35:0e:66:d1:3c:ed:61:34:2f:18:f6:a5:b8:
f5:5e:dd:8b:a2:ec:01:95:c0:fb:af:4d:33:69:d1:22:18:53:
50:d1:03:2b:86:77:f9:17:c3:c1:61:d0:6d:4f:3d:96:7e:77:
fb:0c:4e:e3:eb:0c:6c:fe:95:3a:c4:80:e6:15:2d:86:a1:98:
a8:39:7b:5c:05:1b:b6:da:05:c9:92:e3:65:a4:60:a7:67:da:
7e:b1:e6:de:52:df:1b:d1:d2:4f:ec:49:9e:ea:5a:91:ae:25:
0a:f2:d5:f9:9e:13:98:15:66:a5:f6:02:5d:38:4c:e2:01:3c:
51:8b:3c:07:79:38:85:37:37:20:de:0e:81:46:1a:e0:0b:c0:
97:e8:17:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRBK4fHOnl9oXsqRGAscnd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTA3MTQyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAzOTVkMTIxMjBmNmI5MzY4NTZlZGQyYzYxMTU5NGEwM2ZmZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H6yZRynSB+103Qs2UrBlxlnONvC
iOaZCcMvPj2D0eULtcXeZU00kiFCoh6rmIhY3pVeLQhG0xGfZ5sMJrZ8hbZ/P2gx
pVsc1UjBeHrKI2Mwtsx/kyEZP2012eyFHaJ/XfP3IJUyKUPMnOloh16pl9uzP5Ev
69aPzh3cgvU9mOSMXOQxYh/z3LVkv7Uq7ejEpw1wjZdyYXg1TocdPNXwIIwIbgAF
oVaB6fyk16lHWFYDdg7umee3oKkXOW5tbVFd1bPPeldrig2rBC9R3AwkDTReBPIj
I3AMTxMU2Ya3lyBIQIqOSqhkJmzPNXYTfu464qzmahEtj33Zsy3AA9itbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMDldEhIPa5NoVu3SxhFZSgP/7jMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ3dPVjBTRWc5cmsyaFc3ZExHRVZsS0FfX3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwocuMA0G
CSqGSIb3DQEBCwUAA4IBAQAiKRl7cKqWnEW3f+5eQgDkX9v9LuW+YQ/TvdlJmTCR
7JfMBd/0/jqYadWrcmEEaZ3BGeFbxsKVBxPNbFNMGwcsOjUaASnq9luRfpKeiQxe
ljJus8SyDaPsmwj8N+QSty+0pTGAOKxfMBjKV7KMfGXL3TUOZtE87WE0Lxj2pbj1
Xt2LouwBlcD7r00zadEiGFNQ0QMrhnf5F8PBYdBtTz2Wfnf7DE7j6wxs/pU6xIDm
FS2GoZioOXtcBRu22gXJkuNlpGCnZ9p+sebeUt8b0dJP7Eme6lqRriUK8tX5nhOY
FWal9gJdOEziATxRizwHeTiFNzcg3g6BRhrgC8CX6Bec
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:39:09 2025 by rpki-client