Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/o9s6KAY3FsT03yFd5_zr8SGP2D0.roa
File: o9s6KAY3FsT03yFd5_zr8SGP2D0.roa (raw, json)
Hash identifier: D7rsMtD8bvO9VjJllO93lT4bcBCxWZ7nbpE0TJZARhI=
Subject key identifier: A3:DB:3A:28:06:37:16:C4:F4:DF:21:5D:E7:FC:EB:F1:21:8F:D8:3D
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 38AC12C7
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/o9s6KAY3FsT03yFd5_zr8SGP2D0.roa
Signing time: Tue 01 Mar 2022 08:54:29 +0000
ROA not before: Tue 01 Mar 2022 08:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48205
IP address blocks: 178.175.166.0/24 maxlen: 24
178.175.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950801095 (0x38ac12c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Mar 1 08:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3db3a28063716c4f4df215de7fcebf1218fd83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:1b:8d:c1:81:c0:43:33:48:34:d8:c3:5a:
ab:a8:07:db:0e:15:b9:43:17:c9:c7:75:52:6b:8e:
96:0d:93:bb:31:2f:93:0a:05:8a:3c:61:60:a8:4f:
94:f7:96:55:03:a0:d3:c5:0f:e3:ed:78:fb:97:46:
b3:47:2b:94:8d:e2:17:b1:10:18:9c:38:f6:88:b1:
e3:38:e5:63:7e:c5:5d:62:33:46:1e:e6:f5:8d:58:
9d:85:40:7a:ae:05:54:40:40:0e:7b:d7:4b:6c:b1:
9e:f0:09:6e:25:22:3b:4e:db:ed:36:63:22:12:38:
72:94:4e:79:2f:13:00:32:86:3d:5e:8e:8f:8f:72:
51:f9:14:a4:a1:70:a3:c0:2c:22:a5:06:49:0b:95:
39:f3:20:72:09:51:32:9b:2b:2c:59:62:4d:a7:42:
0c:f9:e1:b6:9e:44:30:ca:d9:0e:b6:eb:e0:6c:ad:
aa:c8:60:29:33:42:54:02:66:26:a8:84:8f:c6:f8:
fa:fa:1f:c7:c2:bb:b1:85:c1:e5:3b:90:9a:fa:a0:
b3:aa:bd:5b:fe:ed:41:d3:f3:f9:34:ac:73:01:6f:
09:98:8e:28:45:dd:ae:3b:21:2c:58:80:c5:e0:53:
56:af:0f:6e:15:85:e7:04:21:c4:a4:b2:32:4e:21:
da:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DB:3A:28:06:37:16:C4:F4:DF:21:5D:E7:FC:EB:F1:21:8F:D8:3D
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/o9s6KAY3FsT03yFd5_zr8SGP2D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.166.0/24
178.175.191.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:ed:90:46:cc:6b:ca:2f:5d:03:a2:1c:7f:df:c3:5e:6c:f6:
dd:25:f8:13:90:cb:bb:c7:87:ed:a6:1a:49:7b:22:04:fa:db:
af:6d:20:1b:90:0d:6e:4d:de:1f:4c:7e:d6:8a:20:1e:6c:f0:
16:04:52:de:2c:88:a8:84:df:14:a9:83:12:13:ea:3e:5a:ec:
9e:f8:74:88:cc:02:07:ad:f4:00:2b:95:30:86:05:b1:ec:74:
7f:49:07:7b:f4:f4:52:74:1a:a7:73:50:86:65:4a:d9:92:c6:
eb:9a:6d:6a:a4:d6:68:8e:ef:a5:a0:63:2b:a4:b1:b9:98:30:
2e:7a:b3:e0:d9:18:3d:3f:ba:a2:7e:9e:87:9b:1e:6e:d8:c4:
38:e6:19:f9:3e:fa:7e:91:31:3a:42:e1:de:8d:22:a6:96:97:
c2:c1:41:8f:22:63:4b:b5:4f:a6:bb:50:51:34:15:a8:95:a3:
5c:7c:ee:86:ac:78:be:ab:fc:8d:8c:47:11:12:57:4d:73:29:
d1:e4:a4:38:91:6e:da:93:e7:d6:39:f3:b8:e4:bf:40:79:75:
4d:b7:1c:b9:4f:dd:43:23:85:c9:77:e3:38:17:7c:2d:98:08:
4b:44:3d:a8:4c:81:dc:69:64:64:85:ac:4c:09:49:9f:ca:a3:
76:2c:dc:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOKwSxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDMw
MTA4NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNkYjNhMjgwNjM3
MTZjNGY0ZGYyMTVkZTdmY2ViZjEyMThmZDgzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUfG43BgcBDM0g02MNaq6gH2w4VuUMXycd1UmuOlg2TuzEv
kwoFijxhYKhPlPeWVQOg08UP4+14+5dGs0crlI3iF7EQGJw49oix4zjlY37FXWIz
Rh7m9Y1YnYVAeq4FVEBADnvXS2yxnvAJbiUiO07b7TZjIhI4cpROeS8TADKGPV6O
j49yUfkUpKFwo8AsIqUGSQuVOfMgcglRMpsrLFliTadCDPnhtp5EMMrZDrbr4Gyt
qshgKTNCVAJmJqiEj8b4+vofx8K7sYXB5TuQmvqgs6q9W/7tQdPz+TSscwFvCZiO
KEXdrjshLFiAxeBTVq8PbhWF5wQhxKSyMk4h2j8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSj2zooBjcWxPTfIV3n/OvxIY/YPTAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
L285czZLQVkzRnNUMDN5RmQ1X3pyOFNHUDJEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALKvpgMEALKvvzANBgkqhkiG9w0B
AQsFAAOCAQEAxu2QRsxryi9dA6Icf9/DXmz23SX4E5DLu8eH7aYaSXsiBPrbr20g
G5ANbk3eH0x+1oogHmzwFgRS3iyIqITfFKmDEhPqPlrsnvh0iMwCB630ACuVMIYF
sex0f0kHe/T0UnQap3NQhmVK2ZLG65ptaqTWaI7vpaBjK6SxuZgwLnqz4NkYPT+6
on6eh5sebtjEOOYZ+T76fpExOkLh3o0ippaXwsFBjyJjS7VPprtQUTQVqJWjXHzu
hqx4vqv8jYxHERJXTXMp0eSkOJFu2pPn1jnzuOS/QHl1TbccuU/dQyOFyXfjOBd8
LZgIS0Q9qEyB3GlkZIWsTAlJn8qjdizcfQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:32 2025 by rpki-client