Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Aguvl2K6QYsTyQiGfCVWSsgalkU.roa
File: Aguvl2K6QYsTyQiGfCVWSsgalkU.roa (raw, json)
Hash identifier: upig5nbmAyrXR/BeQqGJclM8kXWx2Uy5iPFpobRmcRE=
Subject key identifier: 02:0B:AF:97:62:BA:41:8B:13:C9:08:86:7C:25:56:4A:C8:1A:96:45
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0194221F80EB5D44B00D70F14330EDC09AD6
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Aguvl2K6QYsTyQiGfCVWSsgalkU.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205836
IP address blocks: 103.226.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:80:eb:5d:44:b0:0d:70:f1:43:30:ed:c0:9a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=020baf9762ba418b13c908867c25564ac81a9645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:0c:7a:ec:b3:87:8d:94:61:b2:1f:f1:43:
4f:9a:2c:16:83:c9:df:94:6b:a5:ed:f8:a4:d0:02:
33:7d:d6:4d:7d:69:95:19:7e:de:94:15:59:ff:30:
99:83:68:97:ce:0a:0c:3b:42:ed:a1:52:d1:4c:c9:
54:c7:35:d4:56:ed:96:d6:0d:d8:48:99:e7:15:71:
87:f6:8f:d9:85:5c:15:d9:3f:46:f4:d4:e6:29:00:
56:2b:cb:15:ca:b0:48:6e:dc:4c:a2:82:4e:82:a1:
46:f2:82:52:be:ae:f5:be:44:92:6f:e7:8f:ee:af:
61:61:49:f4:5e:9d:44:a4:df:cd:51:bc:e6:a2:cd:
7a:8a:88:99:5a:e5:a8:4f:63:19:ae:ce:40:e5:b9:
ce:52:c9:92:f2:4b:40:31:b5:86:21:f4:c2:69:de:
50:ce:c0:06:ea:a8:90:10:21:0b:18:1f:02:0c:e1:
dd:24:29:49:ee:c6:59:76:03:10:d3:2a:8d:df:28:
26:aa:e7:1b:7b:ed:c9:52:2a:dd:57:47:41:78:95:
8c:b3:93:6c:cb:6d:6e:78:14:a8:07:34:f0:b1:8e:
a4:2b:d8:66:8a:ad:dc:04:dc:f5:45:c6:7c:d8:f0:
c1:ce:cc:11:4b:ca:3a:d2:c0:6a:79:e7:43:d6:db:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0B:AF:97:62:BA:41:8B:13:C9:08:86:7C:25:56:4A:C8:1A:96:45
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Aguvl2K6QYsTyQiGfCVWSsgalkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fa:43:1d:1b:87:0a:f5:2b:b4:12:4b:95:95:7b:96:71:72:
70:1c:33:06:7b:8f:10:6f:0c:b4:5e:e8:4f:ff:3e:0d:31:f8:
e8:86:f7:ef:92:54:92:5e:11:f3:d2:4f:14:7d:cc:bf:37:43:
45:80:bf:ec:80:af:b4:ed:80:77:63:16:a0:ef:8a:40:66:65:
84:10:d3:32:04:b7:52:7f:b6:aa:40:3a:98:69:e1:b6:29:fa:
2a:cc:be:ba:17:9f:94:3d:b9:fe:aa:de:e6:fc:c7:b8:d4:5f:
01:89:be:8d:7a:e8:2a:ef:fb:cf:00:5c:22:88:ac:61:80:ba:
db:1b:84:70:a0:9c:fd:90:11:66:44:a2:5b:8b:d1:4f:32:f8:
4a:ad:ca:e3:4a:94:94:73:64:09:55:24:7b:47:94:f8:eb:2e:
da:db:a1:2e:6c:c7:18:0e:26:02:da:6e:23:37:09:ce:42:2f:
bd:d0:38:71:dd:04:c7:40:e0:bd:4f:c2:6d:be:84:91:ed:fa:
e6:36:59:bf:c7:d2:61:22:28:0f:24:58:c0:96:02:f0:4f:5e:
da:c6:87:66:ee:9c:92:49:a4:3d:18:0c:b3:20:8e:a7:06:0a:
cc:ca:55:23:f7:93:70:78:fd:6f:ba:ad:a0:d2:b7:08:97:f2:
3c:00:df:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4DrXUSwDXDxQzDtwJrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBiYWY5NzYyYmE0MThiMTNjOTA4ODY3YzI1NTY0YWM4MWE5NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRUMeuyzh42UYbIf8UNPmiwWg8nf
lGul7fik0AIzfdZNfWmVGX7elBVZ/zCZg2iXzgoMO0LtoVLRTMlUxzXUVu2W1g3Y
SJnnFXGH9o/ZhVwV2T9G9NTmKQBWK8sVyrBIbtxMooJOgqFG8oJSvq71vkSSb+eP
7q9hYUn0Xp1EpN/NUbzmos16ioiZWuWoT2MZrs5A5bnOUsmS8ktAMbWGIfTCad5Q
zsAG6qiQECELGB8CDOHdJClJ7sZZdgMQ0yqN3ygmqucbe+3JUirdV0dBeJWMs5Ns
y21ueBSoBzTwsY6kK9hmiq3cBNz1RcZ82PDBzswRS8o60sBqeedD1tudAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAILr5diukGLE8kIhnwlVkrIGpZFMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvQWd1dmwySzZRWXNUeVFpR2ZDVldTc2dhbGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+LBMA0G
CSqGSIb3DQEBCwUAA4IBAQAP+kMdG4cK9Su0EkuVlXuWcXJwHDMGe48Qbwy0XuhP
/z4NMfjohvfvklSSXhHz0k8Ufcy/N0NFgL/sgK+07YB3Yxag74pAZmWEENMyBLdS
f7aqQDqYaeG2KfoqzL66F5+UPbn+qt7m/Me41F8Bib6Neugq7/vPAFwiiKxhgLrb
G4RwoJz9kBFmRKJbi9FPMvhKrcrjSpSUc2QJVSR7R5T46y7a26EubMcYDiYC2m4j
NwnOQi+90Dhx3QTHQOC9T8JtvoSR7frmNlm/x9JhIigPJFjAlgLwT17axodm7pyS
SaQ9GAyzII6nBgrMylUj95NweP1vuq2g0rcIl/I8AN90
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:45:05 2025 by rpki-client