Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/I_SWwVSQdm-3RSrvaUbkCE_F9Pw.roa
File: I_SWwVSQdm-3RSrvaUbkCE_F9Pw.roa (raw, json)
Hash identifier: nZfTrTAjpnyzxTyz10UzE+UHKZOrGeRCwQyOLo1h0Ig=
Subject key identifier: 23:F4:96:C1:54:90:76:6F:B7:45:2A:EF:69:46:E4:08:4F:C5:F4:FC
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 39C3D588
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/I_SWwVSQdm-3RSrvaUbkCE_F9Pw.roa
Signing time: Tue 21 Jun 2022 07:49:45 +0000
ROA not before: Tue 21 Jun 2022 07:49:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43289
IP address blocks: 178.175.128.0/19 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.160.0/20 maxlen: 24
103.197.148.0/22 maxlen: 24
178.175.176.0/22 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 969135496 (0x39c3d588)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jun 21 07:49:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23f496c15490766fb7452aef6946e4084fc5f4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c6:b2:12:f0:33:b0:f5:bd:48:5d:61:07:72:
ea:e2:d0:bc:ba:26:48:c1:86:e7:ea:57:6a:48:bc:
04:74:b9:b5:55:f0:0e:4b:f1:42:bd:89:07:ad:69:
8c:a8:52:4e:92:e1:b6:78:3b:76:f1:70:44:fb:e7:
ca:1b:e8:f1:48:e4:64:62:6c:0e:d9:93:75:9a:e4:
09:53:26:b7:d7:05:19:38:3a:9d:62:d3:af:f7:79:
2e:d8:e3:77:f8:48:f2:9e:7a:3a:7e:a2:fd:7f:72:
7a:b0:b9:d8:6d:09:c5:08:62:41:ad:80:cd:f1:42:
00:40:38:79:40:ef:05:98:e2:94:a8:fa:49:a4:a3:
61:f8:0a:9d:ec:be:f4:46:6e:f0:d1:df:3f:c2:b1:
7f:50:ef:f8:0b:3a:5c:1f:4b:17:35:cb:3f:d0:f6:
11:d8:4a:7b:11:01:20:a1:66:39:4f:b9:76:72:f2:
59:26:40:27:ff:bb:36:0c:9a:c6:ad:f7:89:54:26:
df:cc:f3:95:29:94:21:61:da:7f:d2:07:75:ff:6b:
af:cb:4e:21:22:af:9c:49:11:83:21:31:66:34:69:
66:fe:85:c6:b3:d1:5b:cc:aa:57:e1:ea:4e:90:3c:
71:72:1e:0f:4c:c1:0d:73:c5:a5:d9:aa:f9:31:67:
f2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F4:96:C1:54:90:76:6F:B7:45:2A:EF:69:46:E4:08:4F:C5:F4:FC
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/I_SWwVSQdm-3RSrvaUbkCE_F9Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.179.255
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:98:5a:20:58:26:2f:60:c4:1a:62:56:e8:e4:32:4f:17:2a:
a9:63:56:1d:96:12:72:e3:6e:ac:29:45:65:b2:cf:d9:9a:2b:
2a:2a:6a:1b:70:2a:59:b3:5c:c9:cb:52:c1:31:4a:38:b2:a7:
63:50:b2:00:5d:aa:50:92:32:c4:a7:14:40:63:8d:84:8b:0a:
74:38:09:f2:af:3f:10:b4:73:a0:d4:9a:e7:93:79:57:cf:5e:
33:fc:70:f1:5a:c7:7c:9a:4c:87:e4:69:97:e4:62:99:cb:58:
f8:c7:c2:33:52:7d:0f:89:36:95:f2:d9:85:a3:23:ad:a2:1d:
84:80:1a:7d:47:e5:02:02:bd:ad:db:ce:c6:4d:32:d5:75:68:
5d:8f:8a:23:64:dc:51:65:5b:ef:4a:29:8e:d3:52:33:85:e6:
be:6d:87:e6:78:ef:30:5b:fc:5a:9f:48:1a:e1:1b:e3:01:9d:
e4:e1:96:d8:56:b8:5e:fa:bd:bb:c9:3e:0e:5f:6d:0f:f5:b5:
03:79:b3:df:65:07:dd:d4:82:25:8d:3d:f6:4d:e1:1f:85:0d:
b7:10:8e:91:c0:21:51:0a:14:82:b7:bc:84:46:fc:9f:e4:dd:
34:76:28:1f:ad:b4:45:15:ed:c8:56:63:e5:3a:a6:0f:4e:ec:
a1:ac:77:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEOcPViDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDYy
MTA3NDk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNmNDk2YzE1NDkw
NzY2ZmI3NDUyYWVmNjk0NmU0MDg0ZmM1ZjRmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObGshLwM7D1vUhdYQdy6uLQvLomSMGG5+pXaki8BHS5tVXw
DkvxQr2JB61pjKhSTpLhtng7dvFwRPvnyhvo8UjkZGJsDtmTdZrkCVMmt9cFGTg6
nWLTr/d5Ltjjd/hI8p56On6i/X9yerC52G0JxQhiQa2AzfFCAEA4eUDvBZjilKj6
SaSjYfgKney+9EZu8NHfP8Kxf1Dv+As6XB9LFzXLP9D2EdhKexEBIKFmOU+5dnLy
WSZAJ/+7Ngyaxq33iVQm38zzlSmUIWHaf9IHdf9rr8tOISKvnEkRgyExZjRpZv6F
xrPRW8yqV+HqTpA8cXIeD0zBDXPFpdmq+TFn8p8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQj9JbBVJB2b7dFKu9pRuQIT8X0/DAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
L0lfU1d3VlNRZG0tM1JTcnZhVWJrQ0VfRjlQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAmfFlAMEBLIRoDAMAwQHsq+AAwQC
sq+wMA0EAgACMAcDBQMqAB3AMA0GCSqGSIb3DQEBCwUAA4IBAQBgmFogWCYvYMQa
Ylbo5DJPFyqpY1YdlhJy426sKUVlss/ZmisqKmobcCpZs1zJy1LBMUo4sqdjULIA
XapQkjLEpxRAY42Eiwp0OAnyrz8QtHOg1Jrnk3lXz14z/HDxWsd8mkyH5GmX5GKZ
y1j4x8IzUn0PiTaV8tmFoyOtoh2EgBp9R+UCAr2t287GTTLVdWhdj4ojZNxRZVvv
SimO01Izhea+bYfmeO8wW/xan0ga4RvjAZ3k4ZbYVrhe+r27yT4OX20P9bUDebPf
ZQfd1IIljT32TeEfhQ23EI6RwCFRChSCt7yERvyf5N00digfrbRFFe3IVmPlOqYP
TuyhrHdT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:29 2025 by rpki-client