Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/XoG3wAnaKj85EYeQvI4_fYhbBKw.roa
File: XoG3wAnaKj85EYeQvI4_fYhbBKw.roa (raw, json)
Hash identifier: GEuShmazytM4r7dT50258u9E7X4g1AQX120g2Tr43wQ=
Subject key identifier: 5E:81:B7:C0:09:DA:2A:3F:39:11:87:90:BC:8E:3F:7D:88:5B:04:AC
Certificate issuer: /CN=ed2fa686d18c8020afc6adf55afdbe660dbaac15
Certificate serial: 01942368F11253EC1325781FF9194FA0E4F8
Authority key identifier: ED:2F:A6:86:D1:8C:80:20:AF:C6:AD:F5:5A:FD:BE:66:0D:BA:AC:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7S-mhtGMgCCvxq31Wv2-Zg26rBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/XoG3wAnaKj85EYeQvI4_fYhbBKw.roa
Signing time: Wed 01 Jan 2025 19:47:47 +0000
ROA not before: Wed 01 Jan 2025 19:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212870
IP address blocks: 91.198.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f1:12:53:ec:13:25:78:1f:f9:19:4f:a0:e4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed2fa686d18c8020afc6adf55afdbe660dbaac15
Validity
Not Before: Jan 1 19:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e81b7c009da2a3f39118790bc8e3f7d885b04ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:34:5c:db:79:0d:62:e9:1c:e0:e8:45:75:
fb:e3:61:f0:3c:41:e1:cf:b5:a3:0a:3d:59:6d:e8:
e6:4e:b3:29:8f:01:2b:bc:45:cc:e8:a4:a1:d6:6a:
24:7b:0b:37:86:64:b0:e2:8d:e0:18:c6:d8:36:80:
a9:bd:9f:a6:93:15:09:fb:5f:53:7c:ef:d3:e4:b8:
0e:ee:23:82:1c:e4:e3:33:4e:14:e8:f9:16:2f:8e:
49:b1:1d:70:71:73:8d:24:54:36:36:c8:2f:3b:e0:
77:16:a4:03:ae:55:28:75:09:bb:50:82:c2:0a:db:
8a:71:e2:ca:57:00:7b:1d:35:92:f1:62:4a:43:c9:
5f:c3:2b:e0:eb:7c:5a:f1:27:64:e3:c6:b5:ea:88:
97:4e:37:4c:2a:7f:47:16:8d:21:ef:1b:e2:f8:4a:
7a:6e:1d:94:9b:eb:dc:b5:e7:48:e7:2c:e9:07:03:
d8:7f:a2:19:15:fa:de:37:65:de:1b:a1:0c:07:34:
fa:4b:2b:17:d1:fa:64:45:cd:fd:cb:3f:00:e7:14:
17:35:a1:aa:20:62:4f:63:a1:e6:3a:bf:46:2c:3a:
56:3d:fc:08:40:9b:72:75:e5:0d:ce:d6:10:0e:69:
96:0e:d0:b7:3f:f4:3e:99:09:3e:9b:86:74:21:9d:
3f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:81:B7:C0:09:DA:2A:3F:39:11:87:90:BC:8E:3F:7D:88:5B:04:AC
X509v3 Authority Key Identifier:
keyid:ED:2F:A6:86:D1:8C:80:20:AF:C6:AD:F5:5A:FD:BE:66:0D:BA:AC:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7S-mhtGMgCCvxq31Wv2-Zg26rBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/XoG3wAnaKj85EYeQvI4_fYhbBKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/7S-mhtGMgCCvxq31Wv2-Zg26rBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.188.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:bd:68:85:69:64:2d:0a:51:82:13:53:d1:2a:31:95:c7:0a:
02:4c:94:0c:50:a2:1e:49:38:eb:d8:00:90:4e:80:df:b0:45:
45:cd:4b:99:0a:5a:bf:37:9b:0f:d6:8b:40:a1:4b:f4:e7:91:
09:8b:7a:7c:f5:b1:1b:18:b9:78:60:e7:7a:df:c7:6c:98:4b:
f6:91:33:d0:3c:e2:29:51:da:51:2f:e3:fe:2f:bd:e2:2d:11:
4e:c3:9c:63:45:26:22:ea:55:6a:dd:a3:8d:53:b7:dc:b0:c9:
60:39:e5:5f:98:89:8c:84:98:f7:60:b2:8c:f7:b0:c8:98:1a:
02:8b:61:cb:aa:20:a5:90:fc:4f:f6:ea:f5:2a:d0:55:10:62:
2b:83:31:e8:2d:ac:fb:c2:bb:69:e6:d0:a1:6e:92:cf:ed:fc:
15:2d:15:31:f8:4b:47:1d:3a:0e:a2:25:7c:76:34:72:e3:d7:
1d:77:65:3a:c7:a3:65:5d:42:21:e5:a6:87:60:53:2f:7a:00:
d9:b7:53:2a:5c:e1:c0:d3:df:97:71:bb:5f:b3:b8:d1:f5:f9:
cc:69:db:6a:d5:5f:d7:11:05:52:17:97:62:2e:b4:d8:d9:0d:
37:45:2b:e0:b7:34:bc:99:9a:01:bd:70:56:c7:50:68:27:6b:
31:de:56:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaPESU+wTJXgf+RlPoOT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMmZhNjg2ZDE4YzgwMjBhZmM2YWRmNTVhZmRiZTY2MGRi
YWFjMTUwHhcNMjUwMTAxMTk0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgxYjdjMDA5ZGEyYTNmMzkxMTg3OTBiYzhlM2Y3ZDg4NWIwNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLw0XNt5DWLpHODoRXX742HwPEHh
z7WjCj1ZbejmTrMpjwErvEXM6KSh1mokews3hmSw4o3gGMbYNoCpvZ+mkxUJ+19T
fO/T5LgO7iOCHOTjM04U6PkWL45JsR1wcXONJFQ2NsgvO+B3FqQDrlUodQm7UILC
CtuKceLKVwB7HTWS8WJKQ8lfwyvg63xa8Sdk48a16oiXTjdMKn9HFo0h7xvi+Ep6
bh2Um+vctedI5yzpBwPYf6IZFfreN2XeG6EMBzT6SysX0fpkRc39yz8A5xQXNaGq
IGJPY6HmOr9GLDpWPfwIQJtydeUNztYQDmmWDtC3P/Q+mQk+m4Z0IZ0/5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6Bt8AJ2io/ORGHkLyOP32IWwSsMB8GA1UdIwQY
MBaAFO0vpobRjIAgr8at9Vr9vmYNuqwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1MtbWh0R01nQ0N2eHEzMVd2Mi1aZzI2ckJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kNzhmYzUtYmYzZS00Njg2LThkODUt
YzMzZjhhMjExMjJjLzEvWG9HM3dBbmFLajg1RVllUXZJNF9mWWhiQkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kNzhmYzUtYmYzZS00Njg2LThkODUtYzMzZjhhMjExMjJj
LzEvN1MtbWh0R01nQ0N2eHEzMVd2Mi1aZzI2ckJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8a8MA0G
CSqGSIb3DQEBCwUAA4IBAQAfvWiFaWQtClGCE1PRKjGVxwoCTJQMUKIeSTjr2ACQ
ToDfsEVFzUuZClq/N5sP1otAoUv055EJi3p89bEbGLl4YOd638dsmEv2kTPQPOIp
UdpRL+P+L73iLRFOw5xjRSYi6lVq3aONU7fcsMlgOeVfmImMhJj3YLKM97DImBoC
i2HLqiClkPxP9ur1KtBVEGIrgzHoLaz7wrtp5tChbpLP7fwVLRUx+EtHHToOoiV8
djRy49cdd2U6x6NlXUIh5aaHYFMvegDZt1MqXOHA09+Xcbtfs7jR9fnMadtq1V/X
EQVSF5diLrTY2Q03RSvgtzS8mZoBvXBWx1BoJ2sx3lYk
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:46 2025 by rpki-client