Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/egzibCHO9KvhgHq_HuNRrruN5i0.roa
File: egzibCHO9KvhgHq_HuNRrruN5i0.roa (raw, json)
Hash identifier: O3hSgQucydH4/+/xGtVH74B3A/aztjNheOBpLOb5vms=
Subject key identifier: 7A:0C:E2:6C:21:CE:F4:AB:E1:80:7A:BF:1E:E3:51:AE:BB:8D:E6:2D
Certificate issuer: /CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Certificate serial: 0188B95C07F55BE6063BF6884F8169D332D2
Authority key identifier: F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/egzibCHO9KvhgHq_HuNRrruN5i0.roa
Signing time: Wed 14 Jun 2023 10:03:16 +0000
ROA not before: Wed 14 Jun 2023 10:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205368
IP address blocks: 91.237.150.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:5c:07:f5:5b:e6:06:3b:f6:88:4f:81:69:d3:32:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Validity
Not Before: Jun 14 10:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a0ce26c21cef4abe1807abf1ee351aebb8de62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:ab:ac:92:bb:cc:d1:91:7f:81:a5:cb:3d:
ff:b3:37:26:bf:72:9b:85:ae:5a:c8:9b:5a:d8:02:
43:7e:15:fd:74:f3:61:98:0c:35:cd:1f:8d:d2:39:
04:00:ca:42:47:03:d2:41:b4:51:53:ad:4f:c3:cf:
30:16:fa:31:78:23:5c:a0:fd:73:6a:06:33:a1:97:
a1:3b:ba:f4:f3:88:05:31:a6:d4:ff:e3:d5:fe:65:
21:69:5d:e2:d1:60:79:2b:75:ca:f1:5a:ef:e1:45:
f6:b7:31:84:69:c3:b2:f6:24:ca:c6:93:42:99:ef:
57:08:1f:e4:7e:b5:eb:e9:ee:ea:48:b4:56:f5:53:
4b:99:b6:95:08:e3:db:73:0b:c2:f2:60:07:be:6f:
34:7d:e2:5b:8f:7a:2e:fa:27:35:29:fe:04:49:2d:
b3:08:e9:28:9a:c8:94:5a:99:84:b0:01:a0:ec:4e:
b7:0e:76:64:33:e3:6a:20:e5:95:9c:02:2d:da:6d:
43:53:ac:de:48:42:ff:45:1c:e6:3e:82:7c:0a:3d:
1d:a3:0d:59:b3:1f:5a:de:45:4d:fe:ea:0f:93:b0:
4b:ea:58:07:52:67:40:be:7d:68:ad:b6:ad:96:bb:
2b:03:7f:f2:21:50:21:03:d2:16:4e:8a:06:07:17:
be:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0C:E2:6C:21:CE:F4:AB:E1:80:7A:BF:1E:E3:51:AE:BB:8D:E6:2D
X509v3 Authority Key Identifier:
keyid:F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/egzibCHO9KvhgHq_HuNRrruN5i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.150.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f4:dd:02:d8:75:e7:cf:d2:18:e1:98:ba:4c:18:74:04:1a:
23:fa:1a:3b:89:62:24:90:7f:10:08:e7:a6:0d:f0:ba:f6:36:
1d:d6:a1:61:9b:90:e1:e7:53:de:c1:70:23:c9:32:67:af:71:
b0:05:1c:e4:69:36:95:56:3e:cc:e4:4d:13:8b:1c:f6:9f:42:
7e:89:fd:3b:07:0b:3d:cc:fc:fa:58:50:ae:33:18:8e:71:04:
4d:b8:9e:4a:fb:b1:f4:bd:00:b5:29:b1:5e:00:10:65:25:0c:
69:7e:c7:2d:f3:3a:3b:c4:72:1b:38:f4:cf:20:53:ac:b7:34:
c1:d4:c0:05:38:e6:04:08:97:eb:53:24:e0:a7:b9:ae:69:33:
b3:78:d0:e5:1d:9f:5d:25:ad:47:f0:a0:43:aa:1c:7b:29:c2:
48:86:17:b5:f1:24:6f:24:dd:20:df:a0:f4:bc:9a:83:46:d9:
f3:31:c4:db:39:b0:58:3c:d3:ff:80:7a:ae:74:04:72:ac:4c:
e3:b6:68:09:3e:55:7b:05:19:51:16:cb:65:82:ae:ef:5b:da:
75:86:fb:a9:80:26:d6:01:f9:b5:d2:23:75:d2:3c:7a:52:ab:
f8:13:a8:3f:5e:8a:39:43:20:60:c6:1a:d5:31:19:7f:e4:ac:
28:a2:a8:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi5XAf1W+YGO/aIT4Fp0zLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2ZlNGQ0MzRkMzg3NjQ0MDU3ZDI0MWVhYzZmNjlkM2Vl
ODFjMTIwHhcNMjMwNjE0MTAwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBjZTI2YzIxY2VmNGFiZTE4MDdhYmYxZWUzNTFhZWJiOGRlNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFGrrJK7zNGRf4Glyz3/szcmv3Kb
ha5ayJta2AJDfhX9dPNhmAw1zR+N0jkEAMpCRwPSQbRRU61Pw88wFvoxeCNcoP1z
agYzoZehO7r084gFMabU/+PV/mUhaV3i0WB5K3XK8Vrv4UX2tzGEacOy9iTKxpNC
me9XCB/kfrXr6e7qSLRW9VNLmbaVCOPbcwvC8mAHvm80feJbj3ou+ic1Kf4ESS2z
COkomsiUWpmEsAGg7E63DnZkM+NqIOWVnAIt2m1DU6zeSEL/RRzmPoJ8Cj0dow1Z
sx9a3kVN/uoPk7BL6lgHUmdAvn1orbatlrsrA3/yIVAhA9IWTooGBxe+SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoM4mwhzvSr4YB6vx7jUa67jeYtMB8GA1UdIwQY
MBaAFPfP5NQ004dkQFfSQerG9p0+6BwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMt
YzQwNTQ0MjgxZWIwLzEvZWd6aWJDSE85S3ZoZ0hxX0h1TlJycnVONWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMtYzQwNTQ0MjgxZWIw
LzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+2WMA0G
CSqGSIb3DQEBCwUAA4IBAQBI9N0C2HXnz9IY4Zi6TBh0BBoj+ho7iWIkkH8QCOem
DfC69jYd1qFhm5Dh51PewXAjyTJnr3GwBRzkaTaVVj7M5E0Tixz2n0J+if07Bws9
zPz6WFCuMxiOcQRNuJ5K+7H0vQC1KbFeABBlJQxpfsct8zo7xHIbOPTPIFOstzTB
1MAFOOYECJfrUyTgp7muaTOzeNDlHZ9dJa1H8KBDqhx7KcJIhhe18SRvJN0g36D0
vJqDRtnzMcTbObBYPNP/gHqudARyrEzjtmgJPlV7BRlRFstlgq7vW9p1hvupgCbW
Afm10iN10jx6Uqv4E6g/Xoo5QyBgxhrVMRl/5Kwooqjg
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:47:13 2025 by rpki-client