Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/58VnPI2q-Ojbei9MwP4s915qaEc.roa
File: 58VnPI2q-Ojbei9MwP4s915qaEc.roa (raw, json)
Hash identifier: 339NLyit6Oz+WM2bLFKrkrt2iBtYbG0qkKeQP7xlyGw=
Subject key identifier: E7:C5:67:3C:8D:AA:F8:E8:DB:7A:2F:4C:C0:FE:2C:F7:5E:6A:68:47
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0241C104
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/58VnPI2q-Ojbei9MwP4s915qaEc.roa
Signing time: Sat 01 Jan 2022 05:56:46 +0000
ROA not before: Sat 01 Jan 2022 05:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394814
IP address blocks: 94.131.80.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37863684 (0x241c104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 05:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7c5673c8daaf8e8db7a2f4cc0fe2cf75e6a6847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:40:19:d5:35:47:d9:de:a5:16:f0:19:57:ca:
ca:6b:1a:d3:c5:ff:49:d0:fe:04:5b:46:a8:79:1c:
29:53:57:eb:d2:63:50:ed:87:e0:f5:73:56:5c:a2:
2b:26:29:ca:c6:36:d0:5b:34:b9:b3:2d:f1:92:87:
c3:74:55:3a:0a:02:20:fd:e5:d8:d3:08:e5:d7:09:
4d:f2:3b:07:61:bf:72:e3:f7:b7:54:be:e8:d9:e3:
e1:7d:d2:f8:56:e2:b7:8e:76:5e:ae:ff:e4:1f:59:
51:68:25:27:19:c0:55:7d:f7:bb:04:41:69:52:30:
5b:a3:15:f7:b2:8a:98:6e:80:8e:d3:6f:f5:96:ec:
27:6d:bd:c1:91:37:fb:45:03:2f:06:b0:3d:85:dd:
35:9d:c7:26:6f:b1:7b:ce:13:1f:12:a6:d3:63:70:
17:30:23:fb:3e:6a:8e:7a:f8:24:29:03:a1:94:ba:
c9:c4:28:29:5f:f8:5d:38:e6:91:27:cb:e6:6a:29:
cb:38:8e:b9:c1:d8:56:1a:16:0d:1a:bb:01:4c:74:
5e:fd:53:09:39:3b:28:8b:93:ef:b7:b2:e1:30:2e:
b1:c6:20:05:b5:44:8f:d1:fb:51:b7:96:8c:6c:46:
69:b8:4f:3d:11:f1:e1:c2:7e:91:da:c4:e6:33:a6:
3a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C5:67:3C:8D:AA:F8:E8:DB:7A:2F:4C:C0:FE:2C:F7:5E:6A:68:47
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/58VnPI2q-Ojbei9MwP4s915qaEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:1c:c9:d9:4a:1c:1d:b1:f9:a5:20:19:10:0c:80:b0:4b:59:
8a:11:4a:22:db:6c:9d:38:43:4c:cf:3d:51:dc:59:fc:75:bc:
25:f5:aa:dc:bf:21:41:70:86:6f:b4:d1:24:d2:86:0a:8c:96:
17:50:ae:3f:2f:15:89:d3:39:8f:4e:63:2c:c2:9f:51:1d:41:
d0:41:f1:57:9a:18:e0:33:95:4d:af:33:d8:fa:c6:c2:3b:79:
dd:9a:06:40:3a:98:1c:50:d8:16:47:f3:bd:32:e5:40:c4:fd:
48:69:71:cd:b4:8f:3c:fb:f7:25:57:cd:f4:af:3e:90:f5:c0:
a2:b9:8d:14:b4:2c:57:65:f8:75:11:ee:4f:e8:bd:b3:ca:9e:
60:24:2e:19:40:40:52:e1:d6:92:a7:b8:97:e2:35:b1:e2:1c:
03:fb:69:08:71:b5:7d:06:6f:04:ec:f9:c1:32:e5:06:2d:dc:
97:32:33:7e:72:84:d4:8a:09:e0:7b:1a:7c:53:69:32:9e:e2:
a3:c7:d9:f7:6b:99:b8:5b:5d:e1:8d:85:fc:28:3b:e1:1b:d3:
b2:cc:56:ff:a2:5e:7c:6a:4e:47:12:e7:a2:2c:b8:88:8f:25:
fc:8b:58:90:a8:3b:7c:a3:84:ff:41:38:40:87:e2:43:2b:10:
c8:b3:9a:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkHBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMB4XDTIyMDEw
MTA1NTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdjNTY3M2M4ZGFh
ZjhlOGRiN2EyZjRjYzBmZTJjZjc1ZTZhNjg0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNAGdU1R9nepRbwGVfKymsa08X/SdD+BFtGqHkcKVNX69Jj
UO2H4PVzVlyiKyYpysY20Fs0ubMt8ZKHw3RVOgoCIP3l2NMI5dcJTfI7B2G/cuP3
t1S+6Nnj4X3S+Fbit452Xq7/5B9ZUWglJxnAVX33uwRBaVIwW6MV97KKmG6AjtNv
9ZbsJ229wZE3+0UDLwawPYXdNZ3HJm+xe84THxKm02NwFzAj+z5qjnr4JCkDoZS6
ycQoKV/4XTjmkSfL5mopyziOucHYVhoWDRq7AUx0Xv1TCTk7KIuT77ey4TAuscYg
BbVEj9H7UbeWjGxGabhPPRHx4cJ+kdrE5jOmOiECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTnxWc8jar46Nt6L0zA/iz3XmpoRzAfBgNVHSMEGDAWgBRtdD7WPoaO9Q9t
hMAAOoNIP8YqAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYUS0xajZHanZVUGJZVEFBRHFEU0RfR0tnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8x
LzU4Vm5QSTJxLU9qYmVpOU13UDRzOTE1cWFFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZV
UGJZVEFBRHFEU0RfR0tnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBF6DUDANBgkqhkiG9w0BAQsFAAOC
AQEAKxzJ2UocHbH5pSAZEAyAsEtZihFKIttsnThDTM89UdxZ/HW8JfWq3L8hQXCG
b7TRJNKGCoyWF1CuPy8VidM5j05jLMKfUR1B0EHxV5oY4DOVTa8z2PrGwjt53ZoG
QDqYHFDYFkfzvTLlQMT9SGlxzbSPPPv3JVfN9K8+kPXAormNFLQsV2X4dRHuT+i9
s8qeYCQuGUBAUuHWkqe4l+I1seIcA/tpCHG1fQZvBOz5wTLlBi3clzIzfnKE1IoJ
4HsafFNpMp7io8fZ92uZuFtd4Y2F/Cg74RvTssxW/6JefGpORxLnoiy4iI8l/ItY
kKg7fKOE/0E4QIfiQysQyLOaPg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:32:31 2025 by rpki-client