Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/AuznsddGnZmPHqzxWCKV_NJXxqE.roa
File: AuznsddGnZmPHqzxWCKV_NJXxqE.roa (raw, json)
Hash identifier: 50HZ+SHhzZXJU8Y2tU6n94T5zhf08r6Lrm44goAzLPk=
Subject key identifier: 02:EC:E7:B1:D7:46:9D:99:8F:1E:AC:F1:58:22:95:FC:D2:57:C6:A1
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 09FBF3A3
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/AuznsddGnZmPHqzxWCKV_NJXxqE.roa
Signing time: Sat 01 Jan 2022 11:55:58 +0000
ROA not before: Sat 01 Jan 2022 11:55:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 193.31.116.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167506851 (0x9fbf3a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 1 11:55:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02ece7b1d7469d998f1eacf1582295fcd257c6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:9d:49:26:a2:25:b5:fa:64:70:5e:c1:bb:
88:76:50:92:48:ed:bd:2e:81:8c:d3:e0:01:99:59:
e2:c3:03:c4:e5:2a:40:31:54:8f:b1:c1:a8:e4:52:
30:22:c3:89:8a:04:16:88:b4:d9:31:d9:43:10:1e:
62:9b:1b:c2:99:3e:4e:a6:02:71:0f:53:7d:82:cd:
db:4f:d2:eb:f4:d1:8e:9d:11:13:74:ce:8f:65:96:
85:f3:97:17:d7:25:6e:46:be:df:ef:e3:0c:e6:01:
b7:85:a1:79:4d:02:69:82:28:78:8d:5f:ce:e2:5a:
13:34:08:27:6c:1b:fa:f7:b9:ae:85:c0:93:34:1c:
ec:07:66:ce:3d:8a:4c:70:e2:0b:f9:68:ba:0b:78:
83:95:24:7d:17:83:92:1c:c0:70:f2:9e:95:98:70:
68:d8:ca:3d:be:99:aa:10:2c:18:16:b7:85:48:8e:
92:1c:91:da:87:57:9f:33:2b:b2:83:af:0e:b3:41:
c6:f3:7b:f6:be:b8:f5:da:7e:68:77:96:8c:1b:1e:
8f:9b:74:0c:40:1f:31:27:27:5f:bb:ac:fc:52:f2:
47:32:40:cb:2b:85:e7:cf:11:45:a0:8d:97:d4:74:
90:8f:c1:39:31:68:b7:22:96:85:c5:9a:6d:21:cf:
4d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EC:E7:B1:D7:46:9D:99:8F:1E:AC:F1:58:22:95:FC:D2:57:C6:A1
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/AuznsddGnZmPHqzxWCKV_NJXxqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.41.0/24
193.31.116.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:62:87:04:a2:0e:e7:b1:0e:4f:b6:67:70:95:18:63:84:11:
cd:5d:b9:ef:a5:fc:33:39:38:4a:a6:ad:48:cb:5e:7b:dc:76:
5c:54:b1:9a:c8:75:9d:db:d9:1a:80:98:6a:95:4f:25:cc:c4:
35:f4:a2:0d:49:ab:3b:41:29:4c:ed:d6:f2:d3:14:f4:bc:aa:
76:93:7c:a8:d1:77:b5:fd:6c:a0:ff:1f:00:d6:55:a6:0a:ec:
27:ce:1c:ba:21:ef:b7:58:39:2c:b0:85:9d:e4:c4:7e:35:0c:
dc:db:a1:99:19:50:d4:52:bf:c5:d9:ed:b1:40:e7:e7:9d:62:
9b:52:03:e6:d1:6f:b8:89:5f:f1:21:9a:ea:0e:a4:00:f6:14:
e1:2d:1f:15:b9:6f:57:4c:d7:8a:03:e6:6a:f4:43:a9:a0:09:
ee:9a:7b:0d:9d:d3:d0:60:23:a9:28:13:e6:e4:5c:7d:e8:df:
a4:9d:26:4e:20:ee:45:07:02:2d:d4:fe:d1:81:c0:0b:0b:86:
5d:3b:43:5b:f9:28:f2:c4:02:82:7b:12:e4:06:a6:08:c5:9e:
b8:ef:ed:d7:e9:96:6f:2d:3b:6f:19:33:bb:4d:9e:44:7c:f6:
9e:28:d4:14:fc:a6:c8:3c:d2:77:44:b0:06:eb:98:4b:89:2f:
88:82:23:a2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECfvzozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDEw
MTExNTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJlY2U3YjFkNzQ2
OWQ5OThmMWVhY2YxNTgyMjk1ZmNkMjU3YzZhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNQnUkmoiW1+mRwXsG7iHZQkkjtvS6BjNPgAZlZ4sMDxOUq
QDFUj7HBqORSMCLDiYoEFoi02THZQxAeYpsbwpk+TqYCcQ9TfYLN20/S6/TRjp0R
E3TOj2WWhfOXF9clbka+3+/jDOYBt4WheU0CaYIoeI1fzuJaEzQIJ2wb+ve5roXA
kzQc7Admzj2KTHDiC/lougt4g5UkfReDkhzAcPKelZhwaNjKPb6ZqhAsGBa3hUiO
khyR2odXnzMrsoOvDrNBxvN79r649dp+aHeWjBsej5t0DEAfMScnX7us/FLyRzJA
yyuF588RRaCNl9R0kI/BOTFotyKWhcWabSHPTR0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQC7Oex10admY8erPFYIpX80lfGoTAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L0F1em5zZGRHblptUEhxenhXQ0tWX05KWHhxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALBiKQMEAMEfdDANBgkqhkiG9w0B
AQsFAAOCAQEASmKHBKIO57EOT7ZncJUYY4QRzV2576X8Mzk4SqatSMtee9x2XFSx
msh1ndvZGoCYapVPJczENfSiDUmrO0EpTO3W8tMU9LyqdpN8qNF3tf1soP8fANZV
pgrsJ84cuiHvt1g5LLCFneTEfjUM3NuhmRlQ1FK/xdntsUDn551im1ID5tFvuIlf
8SGa6g6kAPYU4S0fFblvV0zXigPmavRDqaAJ7pp7DZ3T0GAjqSgT5uRcfejfpJ0m
TiDuRQcCLdT+0YHACwuGXTtDW/ko8sQCgnsS5AamCMWeuO/t1+mWby07bxkzu02e
RHz2nijUFPymyDzSd0SwBuuYS4kviIIjog==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:55:21 2025 by rpki-client