Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/OERk1SVyx9KqqKPnUK0ofrPMNNM.roa
File: OERk1SVyx9KqqKPnUK0ofrPMNNM.roa (raw, json)
Hash identifier: 3drTkDYfQsMKzcRYB2yq05RPjO2zvZikM6R9uU8As0g=
Subject key identifier: 38:44:64:D5:25:72:C7:D2:AA:A8:A3:E7:50:AD:28:7E:B3:CC:34:D3
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0182CF5090522B3041AC059577031F624750
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/OERk1SVyx9KqqKPnUK0ofrPMNNM.roa
Signing time: Wed 24 Aug 2022 10:05:39 +0000
ROA not before: Wed 24 Aug 2022 10:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44547
IP address blocks: 193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
84.54.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:50:90:52:2b:30:41:ac:05:95:77:03:1f:62:47:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Aug 24 10:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=384464d52572c7d2aaa8a3e750ad287eb3cc34d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:74:d8:5f:8e:49:cd:a5:8b:79:5e:59:42:f0:
0d:26:a3:b2:43:23:45:93:47:6b:a1:30:ad:31:25:
f3:5f:4e:0a:47:eb:a6:d6:20:27:b3:c4:04:12:1b:
a2:9f:4b:d2:6b:0d:a5:91:b0:a3:89:60:01:e0:ba:
3d:09:c2:c2:41:45:7f:28:e2:c1:fd:bf:aa:dd:5d:
77:94:14:77:73:6f:aa:f3:c1:41:54:d5:bc:db:51:
b0:04:24:b3:60:0a:b7:2d:84:3d:c8:4b:7e:c5:a8:
78:03:45:da:ea:48:48:82:14:dd:e8:65:66:a0:df:
de:f8:c2:78:49:72:af:2b:fe:0b:fb:3f:0e:ba:47:
df:c2:54:5c:c2:5b:f4:70:0d:00:fb:18:6a:d0:b4:
cf:fd:d7:58:8f:65:91:50:d5:8d:22:c5:44:f5:6f:
14:f3:2b:ab:fd:e2:ef:e3:34:fd:26:da:f1:95:eb:
1a:53:a0:9e:e1:ef:f4:99:00:14:1a:80:2f:24:fb:
93:fe:d4:f7:c5:91:7e:4e:c3:44:5f:a3:ea:2a:85:
83:64:87:b6:68:9e:fe:5c:49:ec:de:12:5f:1a:81:
5c:e2:f0:40:bf:93:a0:a6:4b:b7:e9:60:74:e7:00:
b4:46:d2:cd:4a:d2:db:fd:ff:1e:b0:d0:3b:23:4f:
c4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:44:64:D5:25:72:C7:D2:AA:A8:A3:E7:50:AD:28:7E:B3:CC:34:D3
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/OERk1SVyx9KqqKPnUK0ofrPMNNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c4:3e:15:61:c6:d8:4f:66:96:bc:ac:f0:20:3a:2c:54:04:
f3:3e:0a:54:14:cc:1f:08:c2:6a:2a:0d:43:3f:b7:b2:f2:39:
df:e9:81:ae:d1:df:40:57:db:9c:85:70:58:2e:6a:e9:ac:e6:
df:73:22:d7:d9:56:c2:70:a9:09:4d:50:1b:95:9b:cf:ab:29:
91:24:51:47:52:88:d4:25:ba:df:0e:61:c1:87:4e:74:f0:6c:
65:af:47:c5:f2:89:22:dc:cd:53:9e:37:03:69:72:dc:24:a4:
b2:57:dd:83:87:64:38:84:c5:27:d2:48:6f:f0:67:56:de:10:
7f:0a:9b:fe:27:b4:60:0a:32:7e:ca:82:5a:d4:88:82:7e:19:
93:13:5c:6b:8e:b4:37:f4:6d:16:16:0e:ee:9f:9a:fb:54:c0:
69:46:fd:e4:fe:68:44:08:6d:0d:73:f1:72:70:9c:26:df:79:
39:82:b0:c9:e2:28:70:e7:38:af:fa:7f:b9:0a:e4:cf:c7:a0:
6b:bd:d7:c7:93:bc:75:6b:1c:0c:bc:70:ec:89:f9:1b:9b:e3:
ed:14:c9:29:20:96:47:70:10:c2:9b:ce:5f:8c:61:74:60:6a:
55:ea:a6:6b:92:d1:d0:6c:52:6e:6a:8c:f0:3f:14:bf:17:23:
7b:2b:64:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYLPUJBSKzBBrAWVdwMfYkdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjIwODI0MTAwNTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQ0NjRkNTI1NzJjN2QyYWFhOGEzZTc1MGFkMjg3ZWIzY2MzNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHTYX45JzaWLeV5ZQvANJqOyQyNF
k0droTCtMSXzX04KR+um1iAns8QEEhuin0vSaw2lkbCjiWAB4Lo9CcLCQUV/KOLB
/b+q3V13lBR3c2+q88FBVNW821GwBCSzYAq3LYQ9yEt+xah4A0Xa6khIghTd6GVm
oN/e+MJ4SXKvK/4L+z8OukffwlRcwlv0cA0A+xhq0LTP/ddYj2WRUNWNIsVE9W8U
8yur/eLv4zT9JtrxlesaU6Ce4e/0mQAUGoAvJPuT/tT3xZF+TsNEX6PqKoWDZIe2
aJ7+XEns3hJfGoFc4vBAv5Ogpku36WB05wC0RtLNStLb/f8esNA7I0/ENQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDhEZNUlcsfSqqij51CtKH6zzDTTMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvT0VSazFTVnl4OUtxcUtQblVLMG9mclBNTk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQAaxD4VYcbYT2aWvKzw
IDosVATzPgpUFMwfCMJqKg1DP7ey8jnf6YGu0d9AV9uchXBYLmrprObfcyLX2VbC
cKkJTVAblZvPqymRJFFHUojUJbrfDmHBh0508Gxlr0fF8oki3M1TnjcDaXLcJKSy
V92Dh2Q4hMUn0khv8GdW3hB/Cpv+J7RgCjJ+yoJa1IiCfhmTE1xrjrQ39G0WFg7u
n5r7VMBpRv3k/mhECG0Nc/FycJwm33k5grDJ4ihw5ziv+n+5CuTPx6BrvdfHk7x1
axwMvHDsifkbm+PtFMkpIJZHcBDCm85fjGF0YGpV6qZrktHQbFJuaozwPxS/FyN7
K2TO
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:20:18 2025 by rpki-client