Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/C7wvkTT7YczFhqT1g0jWtWfNrbo.roa
File: C7wvkTT7YczFhqT1g0jWtWfNrbo.roa (raw, json)
Hash identifier: /FKL843tNx0KiZlfgen2vDeP1BzNLbQhm91cnkdZwRo=
Subject key identifier: 0B:BC:2F:91:34:FB:61:CC:C5:86:A4:F5:83:48:D6:B5:67:CD:AD:BA
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 019096B1D3892428D60B08F88053CF0F6435
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/C7wvkTT7YczFhqT1g0jWtWfNrbo.roa
Signing time: Tue 09 Jul 2024 08:52:34 +0000
ROA not before: Tue 09 Jul 2024 08:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 213.226.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:b1:d3:89:24:28:d6:0b:08:f8:80:53:cf:0f:64:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jul 9 08:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bbc2f9134fb61ccc586a4f58348d6b567cdadba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0d:65:af:ef:37:10:2a:e4:a3:a4:73:20:4b:
c8:80:f1:df:61:1c:3b:9f:6e:c0:55:e9:84:77:0e:
b4:aa:49:cc:de:21:c5:c0:6d:c7:1b:86:db:65:bb:
fa:18:1c:3f:39:ea:ec:89:79:87:35:0c:b0:40:78:
49:92:eb:60:a4:2b:47:78:37:ba:dd:3e:ad:cb:a5:
a5:1e:bd:08:83:bf:b9:72:df:f2:7a:d9:52:12:80:
29:0e:27:65:38:1f:b8:36:85:17:2a:6f:a4:f4:21:
13:0a:c9:fa:8e:cc:28:f5:3a:82:fb:b0:ee:b1:f9:
47:69:63:2e:ba:b5:94:0a:32:4a:76:88:a4:c4:3f:
af:77:a4:7e:96:d7:c9:98:65:7f:de:8f:b9:5d:d3:
ac:25:79:b5:3b:e9:74:df:fb:13:07:cc:95:bf:ca:
78:1b:f4:b5:05:0a:ef:9b:c6:d5:37:77:2f:77:6e:
8b:c3:23:f4:aa:81:a9:8a:ef:cf:65:ed:c3:8c:1b:
58:c6:be:e0:c5:5b:1d:2a:61:8b:5b:8b:d5:4f:41:
de:f5:a2:ce:fd:fc:1a:f9:38:e2:96:8a:ce:81:0b:
69:f7:00:74:f1:20:19:fb:58:43:4c:2c:f5:be:08:
09:e5:c0:d1:f1:35:1d:f2:15:fc:6e:f7:aa:34:bb:
db:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BC:2F:91:34:FB:61:CC:C5:86:A4:F5:83:48:D6:B5:67:CD:AD:BA
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/C7wvkTT7YczFhqT1g0jWtWfNrbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.117.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:bf:f6:f3:eb:18:ce:34:09:b1:15:06:fc:d6:bd:93:fa:95:
ed:0a:69:64:39:a2:1f:ce:88:8e:9e:16:15:32:be:f1:92:20:
d9:4e:99:e3:6c:7b:c6:1e:19:a1:2c:dc:79:4e:01:18:fb:c8:
df:d9:da:6c:c6:a0:b7:49:29:09:0d:9e:c8:e1:ce:b0:18:fe:
01:9b:54:2a:f3:7a:d7:78:da:ac:bc:b7:80:ed:57:1e:c6:29:
c2:e8:6c:3a:96:fd:1c:47:31:4a:3b:e4:a4:c9:57:cc:6e:ba:
9c:79:5f:76:fc:3d:a5:89:19:51:a8:ee:86:29:70:91:14:1c:
2f:40:9d:63:78:f9:e6:93:4a:76:ee:b5:1d:ff:08:28:66:53:
4d:21:10:72:42:53:b4:85:73:97:e9:41:de:67:df:b1:7d:03:
61:b6:cf:f2:73:3f:4b:bf:9a:19:5a:d9:48:b7:db:3b:29:a7:
fd:ee:a3:65:dd:e8:fb:50:de:08:9d:82:91:09:34:36:29:c0:
99:aa:09:6c:ec:a8:49:d3:c7:96:f8:d4:06:9c:70:b8:42:01:
9e:5e:11:72:75:f2:1c:99:a1:1e:8f:ea:5a:2d:85:c4:a5:77:
6d:cb:be:d4:98:f3:85:6d:54:0f:a5:cf:24:f6:ea:d6:e0:b9:
69:0b:c5:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCWsdOJJCjWCwj4gFPPD2Q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwNzA5MDg1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJjMmY5MTM0ZmI2MWNjYzU4NmE0ZjU4MzQ4ZDZiNTY3Y2RhZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw1lr+83ECrko6RzIEvIgPHfYRw7
n27AVemEdw60qknM3iHFwG3HG4bbZbv6GBw/OersiXmHNQywQHhJkutgpCtHeDe6
3T6ty6WlHr0Ig7+5ct/yetlSEoApDidlOB+4NoUXKm+k9CETCsn6jswo9TqC+7Du
sflHaWMuurWUCjJKdoikxD+vd6R+ltfJmGV/3o+5XdOsJXm1O+l03/sTB8yVv8p4
G/S1BQrvm8bVN3cvd26LwyP0qoGpiu/PZe3DjBtYxr7gxVsdKmGLW4vVT0He9aLO
/fwa+TjilorOgQtp9wB08SAZ+1hDTCz1vggJ5cDR8TUd8hX8bveqNLvblwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAu8L5E0+2HMxYak9YNI1rVnza26MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvQzd3dmtUVDdZY3pGaHFUMWcwald0V2ZOcmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1eJ1MA0G
CSqGSIb3DQEBCwUAA4IBAQDTv/bz6xjONAmxFQb81r2T+pXtCmlkOaIfzoiOnhYV
Mr7xkiDZTpnjbHvGHhmhLNx5TgEY+8jf2dpsxqC3SSkJDZ7I4c6wGP4Bm1Qq83rX
eNqsvLeA7VcexinC6Gw6lv0cRzFKO+SkyVfMbrqceV92/D2liRlRqO6GKXCRFBwv
QJ1jePnmk0p27rUd/wgoZlNNIRByQlO0hXOX6UHeZ9+xfQNhts/ycz9Lv5oZWtlI
t9s7Kaf97qNl3ej7UN4InYKRCTQ2KcCZqgls7KhJ08eW+NQGnHC4QgGeXhFydfIc
maEej+paLYXEpXdty77UmPOFbVQPpc8k9urW4LlpC8Vt
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:52:16 2025 by rpki-client