Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/1-UtXFfrrAaAG2n54Jg8rSHLv3-w.roa
File: 1-UtXFfrrAaAG2n54Jg8rSHLv3-w.roa (raw, json)
Hash identifier: 8aMVfTq1oGQQ5uJgblCgGB2yI35NMnftLHzYCfTmoMA=
Subject key identifier: F9:4B:57:15:FA:EB:01:A0:06:DA:7E:78:26:0F:2B:48:72:EF:DF:EC
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 01859AE298737A41155AB217BDD635BBF3A9
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/1-UtXFfrrAaAG2n54Jg8rSHLv3-w.roa
Signing time: Tue 10 Jan 2023 08:53:39 +0000
ROA not before: Tue 10 Jan 2023 08:53:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 103.226.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:e2:98:73:7a:41:15:5a:b2:17:bd:d6:35:bb:f3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 10 08:53:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f94b5715faeb01a006da7e78260f2b4872efdfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:d4:8a:1d:64:07:7e:33:7f:dd:3a:64:1b:
93:cc:c4:73:f2:92:23:7c:ce:1e:1e:51:ab:5d:2e:
f6:e8:c7:47:5d:20:8a:54:c0:79:19:43:8c:17:0b:
9b:94:c6:58:7b:0f:5a:03:e5:69:19:cc:34:4a:fe:
f9:02:36:06:0c:2f:79:6a:db:f5:14:55:b9:86:5a:
cc:c1:ac:28:fd:b0:76:6f:ac:5e:70:91:f5:c0:d3:
82:6b:47:f1:54:95:71:d2:f4:46:aa:1a:28:42:b1:
b0:f2:32:b4:38:09:39:4e:aa:07:b7:20:87:b1:ed:
33:5e:33:a0:62:42:0f:8f:a8:69:3f:c2:76:e7:15:
f7:2a:db:d2:10:1c:4f:d0:4e:d5:0f:1d:7c:74:a5:
67:ed:ee:f7:06:67:54:fd:da:9a:1f:01:ca:60:bd:
dd:2b:6a:30:d2:0e:b0:97:b6:b0:b8:80:e0:62:ca:
7c:bb:57:f3:52:0d:5f:79:0d:5a:02:e8:db:65:1b:
45:b1:3d:4e:2a:b9:52:90:ef:0a:53:ff:7b:17:46:
31:3f:f6:34:0d:8e:00:72:64:e6:ae:0c:84:d8:6e:
1e:95:ce:2f:7b:b9:c0:3d:6d:05:b2:59:b8:d6:30:
a8:39:c7:4e:11:4f:68:6e:42:8a:b7:47:e5:58:14:
32:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:4B:57:15:FA:EB:01:A0:06:DA:7E:78:26:0F:2B:48:72:EF:DF:EC
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/1-UtXFfrrAaAG2n54Jg8rSHLv3-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.193.0/24
Signature Algorithm: sha256WithRSAEncryption
90:8c:08:d3:20:35:88:a9:2d:38:4c:ce:79:bf:9b:9c:ff:cf:
bd:ac:3f:fc:96:a5:e5:8d:3b:55:8d:a1:2f:53:09:82:65:af:
c9:f8:fa:32:08:b2:e3:cb:a9:44:a2:d9:47:9d:e5:8e:8b:78:
01:10:cb:d0:7c:16:d1:c6:8a:77:71:3c:b0:01:af:3b:0c:a3:
94:a2:c9:3f:01:4c:de:25:04:1d:82:56:b4:ff:ee:59:13:5d:
02:6d:72:43:85:a3:ac:5e:32:bc:62:e0:d8:fd:ae:de:c6:8d:
d5:f3:21:37:1f:a1:0d:72:27:3b:eb:06:5f:fa:2b:f0:bf:8f:
0a:87:dc:a4:93:87:68:49:7a:d3:4b:d5:90:8b:c6:81:5b:39:
06:46:e4:c9:ac:a3:a1:c2:6d:40:ae:67:e9:2e:1f:6f:ee:ba:
c0:e9:5b:22:6a:e0:c5:4d:bc:e4:fb:c8:e0:36:1c:6c:e4:a6:
d5:ff:13:04:ab:2c:0a:83:f0:f3:a2:0c:3f:c3:65:e5:6b:e6:
d2:03:c5:03:ce:c9:0d:b9:a0:22:b6:e1:0d:5c:d8:c1:e4:a3:
d6:88:ae:f9:01:61:15:09:07:c1:25:49:8a:05:78:b8:61:77:
d8:50:68:8b:9a:d7:38:52:fe:e9:b5:5a:97:e7:a7:ec:7d:6b:
1f:df:e0:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWa4phzekEVWrIXvdY1u/OpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMTEwMDg1MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTRiNTcxNWZhZWIwMWEwMDZkYTdlNzgyNjBmMmI0ODcyZWZkZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLjUih1kB34zf906ZBuTzMRz8pIj
fM4eHlGrXS726MdHXSCKVMB5GUOMFwublMZYew9aA+VpGcw0Sv75AjYGDC95atv1
FFW5hlrMwawo/bB2b6xecJH1wNOCa0fxVJVx0vRGqhooQrGw8jK0OAk5TqoHtyCH
se0zXjOgYkIPj6hpP8J25xX3KtvSEBxP0E7VDx18dKVn7e73BmdU/dqaHwHKYL3d
K2ow0g6wl7awuIDgYsp8u1fzUg1feQ1aAujbZRtFsT1OKrlSkO8KU/97F0YxP/Y0
DY4AcmTmrgyE2G4elc4ve7nAPW0Fslm41jCoOcdOEU9obkKKt0flWBQytQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlLVxX66wGgBtp+eCYPK0hy79/sMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvMS1VdFhGZnJyQWFBRzJuNTRKZzhyU0hMdjMtdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvMWE1YTk2LWQzNmUtNGYzYS05YjM0LTA1NDhkMzg5NWE1
NS8xL0N4NXk4OUNWZjFwdU85RzRSS0VxWVVkRWtDYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGfiwTAN
BgkqhkiG9w0BAQsFAAOCAQEAkIwI0yA1iKktOEzOeb+bnP/Pvaw//Jal5Y07VY2h
L1MJgmWvyfj6Mgiy48upRKLZR53ljot4ARDL0HwW0caKd3E8sAGvOwyjlKLJPwFM
3iUEHYJWtP/uWRNdAm1yQ4WjrF4yvGLg2P2u3saN1fMhNx+hDXInO+sGX/or8L+P
CofcpJOHaEl600vVkIvGgVs5BkbkyayjocJtQK5n6S4fb+66wOlbImrgxU285PvI
4DYcbOSm1f8TBKssCoPw86IMP8Nl5Wvm0gPFA87JDbmgIrbhDVzYweSj1oiu+QFh
FQkHwSVJigV4uGF32FBoi5rXOFL+6bVal+en7H1rH9/gOw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:13 2025 by rpki-client