Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dOefqSO8amy2E9QvbrvHjS5e52c.roa
File: dOefqSO8amy2E9QvbrvHjS5e52c.roa (raw, json)
Hash identifier: IIFICbp4kA+Dz3VKQMl5mz80L5qWjoMtqttgiYC81hQ=
Subject key identifier: 74:E7:9F:A9:23:BC:6A:6C:B6:13:D4:2F:6E:BB:C7:8D:2E:5E:E7:67
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01912CDF8DF01AFD34CE9B9131FF090A2B1C
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dOefqSO8amy2E9QvbrvHjS5e52c.roa
Signing time: Wed 07 Aug 2024 12:45:34 +0000
ROA not before: Wed 07 Aug 2024 12:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 176.98.41.0/24 maxlen: 24
193.31.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:df:8d:f0:1a:fd:34:ce:9b:91:31:ff:09:0a:2b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Aug 7 12:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74e79fa923bc6a6cb613d42f6ebbc78d2e5ee767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0b:31:17:51:46:79:8e:0d:bc:b6:93:12:ef:
db:7e:66:28:84:bf:ba:3b:8c:fb:e0:c6:bf:40:14:
62:c6:11:3b:4a:3c:d3:72:94:8c:0f:22:1b:01:96:
39:dd:50:bb:0f:b0:1e:69:ec:99:69:0a:b2:f6:dc:
d3:e8:37:ab:86:e0:39:f9:34:d4:5e:af:6c:30:6a:
b8:3c:d7:8e:87:6b:d4:80:ae:88:d9:a6:a2:7b:69:
39:c9:2f:32:de:cf:41:ae:30:40:2b:cd:92:2a:c8:
8c:1c:35:c3:b6:19:21:dd:ed:69:36:90:f2:39:0c:
90:8a:9d:c2:51:e0:02:41:1b:f1:d2:fe:7d:44:cb:
3e:de:f5:ed:56:39:de:6d:ef:25:91:bb:74:d0:6d:
f3:68:97:b5:62:e0:3b:ef:b1:31:49:83:b9:9a:3a:
a6:3b:3e:41:0e:e7:36:ad:a4:9c:cb:22:6d:7d:bc:
24:14:77:f0:ac:52:77:79:33:32:a0:d1:af:1b:97:
95:e4:64:05:5e:b5:d3:e1:90:8f:d3:00:50:46:2e:
7f:f0:be:60:8e:14:a8:83:82:ae:81:50:dd:66:0f:
fc:b6:43:af:75:64:73:3c:12:0b:c5:9b:46:d7:13:
dd:69:9f:1f:56:8c:e0:cd:e3:84:2b:f6:07:f7:83:
97:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E7:9F:A9:23:BC:6A:6C:B6:13:D4:2F:6E:BB:C7:8D:2E:5E:E7:67
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dOefqSO8amy2E9QvbrvHjS5e52c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.41.0/24
193.31.116.0/24
Signature Algorithm: sha256WithRSAEncryption
e4:c6:50:54:1a:51:18:6a:df:58:8d:00:e4:1a:f2:0b:bc:f9:
5a:dc:0b:14:b5:53:fc:25:f9:a4:ca:4e:7e:9f:ad:ab:d8:43:
4c:99:d8:3b:6b:ab:89:fe:e3:80:43:07:40:83:27:5e:4b:82:
cd:88:31:fc:b2:33:92:3d:3a:f9:2e:08:2f:14:43:bf:f5:5e:
05:bc:f0:b1:b1:c5:e8:e9:c0:b5:f6:cb:2b:4c:6c:01:a8:cb:
83:3f:27:33:c3:95:8f:77:fe:af:94:07:e3:fd:92:15:7a:9c:
42:e8:31:9d:84:14:3f:cc:e2:9d:e8:03:f3:68:32:60:a3:e5:
41:23:70:01:05:4d:13:6a:68:cc:d8:a3:88:aa:4a:c3:66:d5:
fd:55:97:75:03:96:dc:3c:97:c3:37:a4:b0:bc:e7:cb:09:8e:
40:c7:39:3c:84:89:9f:fc:93:4e:e2:60:28:23:32:c8:8e:e6:
f5:fd:4a:b0:c8:2f:21:15:f4:5f:ab:58:3e:c2:c3:3b:db:57:
d7:73:18:b6:5a:32:ad:54:60:80:e2:9f:77:c1:31:86:5e:89:
9b:01:94:30:8d:04:8f:d3:e3:c3:c5:cf:61:4e:d5:29:5d:d2:
87:91:40:04:08:11:c5:04:96:51:b8:d4:e7:8f:08:37:7c:61:
2f:2d:92:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEs343wGv00zpuRMf8JCiscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwODA3MTI0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU3OWZhOTIzYmM2YTZjYjYxM2Q0MmY2ZWJiYzc4ZDJlNWVlNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gsxF1FGeY4NvLaTEu/bfmYohL+6
O4z74Ma/QBRixhE7SjzTcpSMDyIbAZY53VC7D7AeaeyZaQqy9tzT6DerhuA5+TTU
Xq9sMGq4PNeOh2vUgK6I2aaie2k5yS8y3s9BrjBAK82SKsiMHDXDthkh3e1pNpDy
OQyQip3CUeACQRvx0v59RMs+3vXtVjnebe8lkbt00G3zaJe1YuA777ExSYO5mjqm
Oz5BDuc2raScyyJtfbwkFHfwrFJ3eTMyoNGvG5eV5GQFXrXT4ZCP0wBQRi5/8L5g
jhSog4KugVDdZg/8tkOvdWRzPBILxZtG1xPdaZ8fVozgzeOEK/YH94OXDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTnn6kjvGpsthPUL267x40uXudnMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvZE9lZnFTTzhhbXkyRTlRdmJydkhqUzVlNTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGIpAwQA
wR90MA0GCSqGSIb3DQEBCwUAA4IBAQDkxlBUGlEYat9YjQDkGvILvPla3AsUtVP8
Jfmkyk5+n62r2ENMmdg7a6uJ/uOAQwdAgydeS4LNiDH8sjOSPTr5LggvFEO/9V4F
vPCxscXo6cC19ssrTGwBqMuDPyczw5WPd/6vlAfj/ZIVepxC6DGdhBQ/zOKd6APz
aDJgo+VBI3ABBU0TamjM2KOIqkrDZtX9VZd1A5bcPJfDN6SwvOfLCY5Axzk8hImf
/JNO4mAoIzLIjub1/UqwyC8hFfRfq1g+wsM721fXcxi2WjKtVGCA4p93wTGGXomb
AZQwjQSP0+PDxc9hTtUpXdKHkUAECBHFBJZRuNTnjwg3fGEvLZJ6
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:36 2025 by rpki-client