Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/27kVQyv1aEf-uG2LWs-FHEUJGrU.roa
File: 27kVQyv1aEf-uG2LWs-FHEUJGrU.roa (raw, json)
Hash identifier: nhpZ9Br9wHS33wypH0tiNDh5EfZECLTM5ZlEXVn/S00=
Subject key identifier: DB:B9:15:43:2B:F5:68:47:FE:B8:6D:8B:5A:CF:85:1C:45:09:1A:B5
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 01906F02E3ECA5BB835AC1FF07148E9A366F
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/27kVQyv1aEf-uG2LWs-FHEUJGrU.roa
Signing time: Mon 01 Jul 2024 15:56:18 +0000
ROA not before: Mon 01 Jul 2024 15:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 176.117.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:02:e3:ec:a5:bb:83:5a:c1:ff:07:14:8e:9a:36:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jul 1 15:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbb915432bf56847feb86d8b5acf851c45091ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:ce:d5:81:f5:e0:7b:d4:57:bd:17:de:19:
7e:59:fb:a5:a5:de:e5:20:0f:ef:c6:54:66:c0:0c:
c2:00:83:b7:b6:cd:a1:9c:bc:4f:9b:72:da:e1:1f:
41:3a:1c:18:71:5f:3a:34:b8:b0:66:9c:cc:69:e4:
79:fa:b5:f2:0e:2a:97:0e:fa:d0:f6:5a:5f:6b:3e:
09:7b:a5:f8:13:44:69:b5:b5:8c:c2:09:f0:ca:4f:
c6:d4:77:53:68:ea:c9:ad:01:bc:75:f6:f7:5c:b8:
08:1b:68:d8:b4:39:c8:56:49:f6:7c:49:e4:4d:f8:
12:43:28:a9:ba:b6:b3:03:a9:a5:05:8c:11:32:68:
b0:1f:23:82:3d:a4:01:17:54:38:48:dc:5c:d0:f4:
e2:a2:4a:98:25:3b:34:6a:d2:38:ff:c5:89:aa:87:
fe:01:f9:54:52:a3:d7:09:40:14:58:cd:1e:f7:ca:
49:64:40:fc:53:d3:9f:61:e7:ff:15:f9:75:17:5b:
00:83:94:f3:e9:25:c1:14:89:f8:f0:ad:d6:8a:9e:
61:66:4a:c3:25:a7:ae:e7:f7:c2:85:39:ee:01:73:
ed:a9:6e:71:14:ee:bf:1a:b7:b3:3b:16:b8:f2:53:
b8:06:65:62:e9:09:34:6e:20:3a:fe:73:aa:91:cc:
47:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B9:15:43:2B:F5:68:47:FE:B8:6D:8B:5A:CF:85:1C:45:09:1A:B5
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/27kVQyv1aEf-uG2LWs-FHEUJGrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.88.0/22
Signature Algorithm: sha256WithRSAEncryption
08:8a:c4:db:91:e9:42:9c:d1:3f:78:11:e7:fd:ba:c9:76:ca:
1a:5e:ad:d6:25:4c:b3:8d:07:94:ff:c0:7d:73:a6:46:18:7e:
e2:4f:fe:85:b4:50:ea:d6:2b:04:2c:6b:12:a2:72:bc:46:d1:
82:02:7f:0f:d5:aa:5f:46:80:9e:4c:9f:1b:82:dc:a4:68:e9:
20:73:13:a2:de:e3:ad:c9:b4:64:dd:3a:d3:9e:27:47:c8:80:
5c:a4:8f:92:db:38:a2:59:e9:bb:36:a6:be:e0:91:39:73:a5:
4d:1b:fd:e8:0d:86:43:41:27:64:87:f2:be:2f:57:60:fc:d4:
cb:6c:f1:87:d7:e5:59:11:51:4a:0f:07:d5:70:22:28:f9:e9:
2a:2a:ec:96:63:51:e4:be:16:3e:9b:0e:23:5e:9d:e3:70:e3:
54:5e:f6:e0:1a:4e:4b:b5:7b:d5:9e:f0:b8:77:7a:79:87:e5:
f4:42:ab:4a:71:04:ac:f7:e0:c9:55:0a:fb:c8:e7:69:c8:9b:
23:67:2d:6e:0c:da:e3:37:9b:68:e7:70:d3:c6:e0:48:fe:55:
d9:b2:00:da:d6:8e:98:3e:07:bc:63:57:d6:64:21:98:8e:7d:
46:1f:de:09:53:58:88:6e:72:5d:0a:64:f6:3b:a4:34:62:d2:
e4:8e:fe:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBvAuPspbuDWsH/BxSOmjZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwNzAxMTU1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI5MTU0MzJiZjU2ODQ3ZmViODZkOGI1YWNmODUxYzQ1MDkxYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqbO1YH14HvUV70X3hl+Wfulpd7l
IA/vxlRmwAzCAIO3ts2hnLxPm3La4R9BOhwYcV86NLiwZpzMaeR5+rXyDiqXDvrQ
9lpfaz4Je6X4E0RptbWMwgnwyk/G1HdTaOrJrQG8dfb3XLgIG2jYtDnIVkn2fEnk
TfgSQyipurazA6mlBYwRMmiwHyOCPaQBF1Q4SNxc0PTiokqYJTs0atI4/8WJqof+
AflUUqPXCUAUWM0e98pJZED8U9OfYef/Ffl1F1sAg5Tz6SXBFIn48K3Wip5hZkrD
Jaeu5/fChTnuAXPtqW5xFO6/GrezOxa48lO4BmVi6Qk0biA6/nOqkcxHOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNu5FUMr9WhH/rhti1rPhRxFCRq1MB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvMjdrVlF5djFhRWYtdUcyTFdzLUZIRVVKR3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHVYMA0G
CSqGSIb3DQEBCwUAA4IBAQAIisTbkelCnNE/eBHn/brJdsoaXq3WJUyzjQeU/8B9
c6ZGGH7iT/6FtFDq1isELGsSonK8RtGCAn8P1apfRoCeTJ8bgtykaOkgcxOi3uOt
ybRk3TrTnidHyIBcpI+S2ziiWem7Nqa+4JE5c6VNG/3oDYZDQSdkh/K+L1dg/NTL
bPGH1+VZEVFKDwfVcCIo+ekqKuyWY1HkvhY+mw4jXp3jcONUXvbgGk5LtXvVnvC4
d3p5h+X0QqtKcQSs9+DJVQr7yOdpyJsjZy1uDNrjN5to53DTxuBI/lXZsgDa1o6Y
Pge8Y1fWZCGYjn1GH94JU1iIbnJdCmT2O6Q0YtLkjv4T
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:20 2025 by rpki-client