Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/TZChH8ji5FPyFNaLKf-mtJg__RE.roa
File: TZChH8ji5FPyFNaLKf-mtJg__RE.roa (raw, json)
Hash identifier: qL1A2TDzg4z8qw1KI/L8ISEaqf+f/9KQeGahE4tyuuE=
Subject key identifier: 4D:90:A1:1F:C8:E2:E4:53:F2:14:D6:8B:29:FF:A6:B4:98:3F:FD:11
Certificate issuer: /CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Certificate serial: F1519B
Authority key identifier: BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/TZChH8ji5FPyFNaLKf-mtJg__RE.roa
Signing time: Mon 07 Mar 2022 10:25:51 +0000
ROA not before: Mon 07 Mar 2022 10:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 193.42.214.0/24 maxlen: 24
193.42.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15815067 (0xf1519b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Validity
Not Before: Mar 7 10:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d90a11fc8e2e453f214d68b29ffa6b4983ffd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:81:df:56:8b:fe:15:c8:f8:cc:64:75:a4:b7:
3c:94:63:90:41:56:23:7b:e7:ae:8b:10:25:22:08:
00:04:1e:0e:90:66:80:25:76:15:82:f9:71:44:89:
70:48:c0:51:d3:58:12:02:29:bc:5c:ed:7f:38:dd:
df:4e:cb:eb:6f:f6:b1:cf:bd:d7:81:30:c5:8a:c6:
30:18:97:b8:df:f2:f4:13:2e:53:a6:64:89:3e:f4:
a1:4b:96:0b:84:db:f9:d2:c8:f0:d8:2e:84:05:f3:
a0:b2:56:df:fe:bc:27:af:e3:8d:be:ff:ce:7e:f9:
b2:fe:77:f5:4d:3f:e2:e0:13:b7:c6:ad:e7:3e:b5:
0a:61:52:81:4e:ed:32:fa:1b:47:eb:7e:7f:f5:26:
31:97:bd:9d:35:30:97:a0:58:95:b9:bf:ef:08:5e:
88:47:03:7f:3d:eb:6c:7d:20:34:33:71:20:4a:20:
70:06:f2:3f:ed:78:07:87:c2:ae:84:34:af:f0:44:
85:54:52:f2:f8:13:3c:0b:68:49:f2:79:fb:77:88:
a6:23:bb:7d:8a:4f:e3:90:73:6f:1b:85:6d:b3:d9:
20:96:07:1c:c0:de:4e:38:87:8b:7b:94:b1:83:06:
42:30:58:f5:4c:af:30:45:0e:10:f9:cd:10:32:1f:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:90:A1:1F:C8:E2:E4:53:F2:14:D6:8B:29:FF:A6:B4:98:3F:FD:11
X509v3 Authority Key Identifier:
keyid:BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/TZChH8ji5FPyFNaLKf-mtJg__RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/vkCzwr54Ndeze1gmEC-HRqUZnUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.214.0/24
193.42.217.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:89:ea:1a:a5:18:0b:69:56:79:3c:27:37:4e:db:7a:0e:19:
5a:ee:36:e2:f6:c3:ab:47:94:3a:2d:7c:fd:03:ab:8c:b6:41:
22:1f:9d:67:c2:a4:d4:4c:d9:3c:cf:3b:a1:df:1f:dd:85:a6:
71:d9:e5:5b:34:ad:0b:ce:85:ea:f2:6a:5f:15:b2:d9:89:aa:
c6:e8:4f:7e:7c:4d:c5:c3:1a:68:c2:85:91:65:3b:5f:b3:42:
06:fd:63:79:a9:97:2f:52:7a:a9:38:ee:86:17:4e:29:04:ba:
e3:17:3c:bd:c8:c9:56:f0:da:cb:07:0d:e2:f4:44:b9:70:33:
97:55:c0:62:4c:eb:22:0a:54:fe:a1:9c:59:98:b0:d6:e0:bd:
8e:f8:20:3c:60:f6:c5:9f:d4:c6:a0:32:28:93:17:07:90:00:
94:19:30:f7:48:f8:b5:13:11:19:a4:3e:9d:4a:b3:92:c2:33:
e1:e3:1f:14:ee:b2:d5:d5:eb:d1:50:7c:e7:ab:f9:8a:cd:17:
f9:06:22:6c:48:41:02:16:ad:f3:96:e6:c2:5b:9a:86:e9:a0:
94:20:68:4b:e8:b8:0e:74:44:18:8c:5f:56:13:0d:7e:62:8f:
db:bc:24:c5:a7:1c:1b:29:04:89:a1:1b:af:27:83:aa:ef:90:
ac:85:f3:ef
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAPFRmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQwYjNjMmJlNzgzNWQ3YjM3YjU4MjYxMDJmODc0NmE1MTk5ZDQ5MB4XDTIyMDMw
NzEwMjU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ5MGExMWZjOGUy
ZTQ1M2YyMTRkNjhiMjlmZmE2YjQ5ODNmZmQxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuB31aL/hXI+MxkdaS3PJRjkEFWI3vnrosQJSIIAAQeDpBm
gCV2FYL5cUSJcEjAUdNYEgIpvFztfzjd307L62/2sc+914EwxYrGMBiXuN/y9BMu
U6ZkiT70oUuWC4Tb+dLI8NguhAXzoLJW3/68J6/jjb7/zn75sv539U0/4uATt8at
5z61CmFSgU7tMvobR+t+f/UmMZe9nTUwl6BYlbm/7wheiEcDfz3rbH0gNDNxIEog
cAbyP+14B4fCroQ0r/BEhVRS8vgTPAtoSfJ5+3eIpiO7fYpP45BzbxuFbbPZIJYH
HMDeTjiHi3uUsYMGQjBY9UyvMEUOEPnNEDIfXnkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRNkKEfyOLkU/IU1osp/6a0mD/9ETAfBgNVHSMEGDAWgBS+QLPCvng117N7
WCYQL4dGpRmdSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrQ3p3cjU0TmRlemUxZ21FQy1IUnFVWm5Vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8x
L1RaQ2hIOGppNUZQeUZOYUxLZi1tdEpnX19SRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8xL3ZrQ3p3cjU0TmRl
emUxZ21FQy1IUnFVWm5Vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEq1gMEAMEq2TANBgkqhkiG9w0B
AQsFAAOCAQEAw4nqGqUYC2lWeTwnN07beg4ZWu424vbDq0eUOi18/QOrjLZBIh+d
Z8Kk1EzZPM87od8f3YWmcdnlWzStC86F6vJqXxWy2YmqxuhPfnxNxcMaaMKFkWU7
X7NCBv1jeamXL1J6qTjuhhdOKQS64xc8vcjJVvDaywcN4vREuXAzl1XAYkzrIgpU
/qGcWZiw1uC9jvggPGD2xZ/UxqAyKJMXB5AAlBkw90j4tRMRGaQ+nUqzksIz4eMf
FO6y1dXr0VB856v5is0X+QYibEhBAhat85bmwluahumglCBoS+i4DnREGIxfVhMN
fmKP27wkxaccGykEiaEbryeDqu+QrIXz7w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:52:38 2025 by rpki-client