Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/xj_dIK07W5hBis6FqwQ6-kqRb-A.roa
File: xj_dIK07W5hBis6FqwQ6-kqRb-A.roa (raw, json)
Hash identifier: GxzvWCCyO+o3kO+mmyj1OfWD8xCaV0pfK+LrGEAKRnI=
Subject key identifier: C6:3F:DD:20:AD:3B:5B:98:41:8A:CE:85:AB:04:3A:FA:4A:91:6F:E0
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: CA94DD
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/xj_dIK07W5hBis6FqwQ6-kqRb-A.roa
Signing time: Mon 04 Jul 2022 06:41:25 +0000
ROA not before: Mon 04 Jul 2022 06:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47787
IP address blocks: 193.109.184.0/21 maxlen: 24
2001:b18::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13276381 (0xca94dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Jul 4 06:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c63fdd20ad3b5b98418ace85ab043afa4a916fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:21:47:d0:a3:24:45:eb:d8:66:15:80:df:
f0:0e:3b:46:10:54:c3:7c:0a:93:d6:9f:09:df:d9:
21:c7:d0:c4:ab:df:1b:f6:c1:d1:cb:37:c5:43:7c:
ba:17:12:be:75:0b:91:d3:40:b4:d9:ba:c3:47:d7:
99:16:58:71:56:a8:93:f9:ab:d1:d6:67:af:42:4b:
7d:84:d7:e3:91:97:ad:91:52:1b:d5:ed:08:e7:a7:
15:b0:2c:b0:b0:ee:3a:2f:a1:6b:9f:6a:14:08:97:
c4:d7:06:41:ff:76:0e:23:70:34:2c:1e:d5:05:3d:
94:b8:3b:fb:3e:dd:25:e8:6c:3f:40:58:f6:2f:80:
75:ee:91:52:33:fb:6c:d0:2a:2b:d1:44:eb:3d:d1:
12:16:28:b8:34:f8:14:d7:4c:bf:f6:57:37:f4:8c:
2c:67:df:d8:ff:59:91:66:7c:a3:e3:c4:5f:fb:46:
ac:8d:5b:8b:c0:97:e9:45:bd:ef:b4:4c:09:b7:02:
bd:91:f8:25:14:76:e1:62:9d:e4:24:bc:d7:a2:00:
18:b3:d1:30:af:70:14:c1:bc:bb:fe:e3:14:eb:ef:
b2:d7:62:72:30:cc:1a:b3:74:cb:8d:cd:10:2d:b6:
26:89:fc:a1:1e:2a:4b:93:ac:ba:0c:1d:ce:86:4e:
13:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3F:DD:20:AD:3B:5B:98:41:8A:CE:85:AB:04:3A:FA:4A:91:6F:E0
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/xj_dIK07W5hBis6FqwQ6-kqRb-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.184.0/21
IPv6:
2001:b18::/32
Signature Algorithm: sha256WithRSAEncryption
82:66:8a:f2:95:f2:b3:fb:fa:16:b1:a7:d8:1a:27:87:90:ac:
1b:03:17:a8:e5:f2:09:7c:f3:43:f3:a0:17:c8:24:75:35:d4:
c9:67:a0:6c:cd:83:ed:7e:91:95:2a:34:b8:41:0a:b9:c6:48:
f7:67:56:d0:11:32:43:09:0a:0b:00:41:3f:95:b0:9a:1c:8c:
16:87:85:3b:23:ff:2c:25:0b:17:01:8b:67:42:e6:2c:cf:bc:
eb:ef:31:97:80:80:20:00:b4:08:95:fd:3c:0f:47:ae:6c:9a:
b5:27:1a:24:01:62:a6:c8:37:a7:85:32:fc:e1:c6:48:cd:cc:
a4:37:72:fe:82:13:93:34:ce:49:92:af:51:f3:2c:74:e9:f4:
b0:3b:9b:c9:a5:97:a0:22:20:a4:6a:13:7e:3d:9c:99:47:6e:
db:99:d7:8f:3c:3f:8b:4a:9e:f1:59:94:b4:66:35:6c:24:ba:
9e:83:fd:7c:56:2a:0c:6f:d9:dd:99:71:6a:2b:82:c3:8f:ff:
d3:f5:96:12:3b:b6:11:33:c2:24:28:62:52:a0:53:bf:e4:d6:
06:e5:2d:c5:00:ab:bf:f2:66:c2:81:a7:67:06:dd:be:ff:9e:
41:4d:ef:87:4d:e0:e7:b8:fc:60:24:fb:ab:c4:e7:f7:18:f3:
e8:37:f3:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAMqU3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzQ1NzlhNDAyODgyOWQzN2FjYWM2NWY2NmMwNTYwNjMyNTFlNTdlMB4XDTIyMDcw
NDA2NDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYzZmRkMjBhZDNi
NWI5ODQxOGFjZTg1YWIwNDNhZmE0YTkxNmZlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFnIUfQoyRF69hmFYDf8A47RhBUw3wKk9afCd/ZIcfQxKvf
G/bB0cs3xUN8uhcSvnULkdNAtNm6w0fXmRZYcVaok/mr0dZnr0JLfYTX45GXrZFS
G9XtCOenFbAssLDuOi+ha59qFAiXxNcGQf92DiNwNCwe1QU9lLg7+z7dJehsP0BY
9i+Ade6RUjP7bNAqK9FE6z3REhYouDT4FNdMv/ZXN/SMLGff2P9ZkWZ8o+PEX/tG
rI1bi8CX6UW977RMCbcCvZH4JRR24WKd5CS816IAGLPRMK9wFMG8u/7jFOvvstdi
cjDMGrN0y43NEC22Jon8oR4qS5OsugwdzoZOE7cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTGP90grTtbmEGKzoWrBDr6SpFv4DAfBgNVHSMEGDAWgBQMRXmkAogp03rK
xl9mwFYGMlHlfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RFVjVwQUtJS2RONnlzWmZac0JXQmpKUjVYNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZWRhZWI1LTVlNmUtNDExYi05OWNiLTNjNTAxODA3ODBiMC8x
L3hqX2RJSzA3VzVoQmlzNkZxd1E2LWtxUmItQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZWRhZWI1LTVlNmUtNDExYi05OWNiLTNjNTAxODA3ODBiMC8xL0RFVjVwQUtJS2RO
NnlzWmZac0JXQmpKUjVYNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8FtuDANBAIAAjAHAwUAIAELGDAN
BgkqhkiG9w0BAQsFAAOCAQEAgmaK8pXys/v6FrGn2Bonh5CsGwMXqOXyCXzzQ/Og
F8gkdTXUyWegbM2D7X6RlSo0uEEKucZI92dW0BEyQwkKCwBBP5WwmhyMFoeFOyP/
LCULFwGLZ0LmLM+86+8xl4CAIAC0CJX9PA9HrmyatScaJAFipsg3p4Uy/OHGSM3M
pDdy/oITkzTOSZKvUfMsdOn0sDubyaWXoCIgpGoTfj2cmUdu25nXjzw/i0qe8VmU
tGY1bCS6noP9fFYqDG/Z3ZlxaiuCw4//0/WWEju2ETPCJChiUqBTv+TWBuUtxQCr
v/JmwoGnZwbdvv+eQU3vh03g57j8YCT7q8Tn9xjz6DfzSQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:02 2025 by rpki-client