Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w5fdxUCnzSFKiXI1ImVbBC4SeDA.roa
File: w5fdxUCnzSFKiXI1ImVbBC4SeDA.roa (raw, json)
Hash identifier: j250Y5u58ft3pS8OJX75/Jvmt4Q8iahqmTSQJYcWoZA=
Subject key identifier: C3:97:DD:C5:40:A7:CD:21:4A:89:72:35:22:65:5B:04:2E:12:78:30
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0A0018E4
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w5fdxUCnzSFKiXI1ImVbBC4SeDA.roa
Signing time: Sat 01 Jan 2022 11:56:02 +0000
ROA not before: Sat 01 Jan 2022 11:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212953
IP address blocks: 176.98.41.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167778532 (0xa0018e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 1 11:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c397ddc540a7cd214a89723522655b042e127830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:44:81:20:4c:4b:0d:c4:dc:71:55:ac:9c:61:
8f:08:fb:38:d3:6b:20:53:e8:3c:0d:8b:d8:d1:02:
f0:5b:61:cb:6e:17:88:dc:05:c1:04:0b:d9:8a:4a:
b1:0c:4a:a6:d5:39:e9:2e:c7:4e:01:80:cb:3e:78:
89:41:81:16:4d:f2:58:49:51:58:4e:4a:cc:59:25:
e2:d2:55:2f:19:49:76:64:ef:37:ee:18:06:ca:5f:
b7:02:3d:3f:80:49:26:51:ed:94:bc:26:73:ac:26:
51:5f:b7:4a:b0:f4:c7:c1:fd:94:52:8a:46:4f:34:
f7:d3:1d:d9:a5:e9:e0:dc:47:f9:42:ff:9a:d9:fe:
f2:8f:40:e2:3d:81:12:ef:05:b7:65:02:87:8e:21:
36:a0:3e:de:ff:4e:e0:5c:a1:38:58:3c:f6:6f:83:
2d:01:78:3e:5d:0e:ba:80:87:14:b3:2d:9b:d2:28:
46:ef:cb:b8:17:1b:11:31:0f:1c:f3:88:6a:48:0c:
d5:07:ab:be:7f:11:2a:2c:d8:2c:e2:46:03:f7:3b:
f1:1b:55:c3:c7:0f:77:88:1c:63:aa:7b:10:67:e6:
72:56:4f:d7:fe:b3:ae:08:2e:fc:24:76:6f:fd:a9:
3a:19:4e:fe:ad:50:b6:8f:bc:c6:55:b5:8b:f8:ae:
bf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:97:DD:C5:40:A7:CD:21:4A:89:72:35:22:65:5B:04:2E:12:78:30
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w5fdxUCnzSFKiXI1ImVbBC4SeDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.106.0/24
176.98.41.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:69:1f:8f:94:5f:03:f9:a2:c0:23:12:ae:44:88:61:f9:96:
3f:71:bc:df:b6:71:06:02:47:fe:42:d4:1d:de:00:f5:27:8c:
2b:4d:43:58:b6:c0:cb:9b:b5:b0:f2:a6:5d:90:2c:4c:05:09:
d7:52:26:28:81:b9:2e:5a:d0:89:e3:69:8b:fe:c5:2a:12:2e:
3f:95:51:d7:6c:dc:e4:50:f7:fb:b8:17:a9:59:78:e0:4f:f2:
09:65:74:82:e9:aa:f4:b6:23:c6:f7:97:32:34:d3:bd:2a:63:
07:2d:60:cf:fe:a6:04:24:17:1e:c1:d9:8e:88:37:19:1d:ae:
07:84:84:44:f7:d5:ca:5c:d1:ad:b3:6c:ad:49:bf:f3:cd:d7:
6e:13:7c:58:a7:9a:f8:e4:58:35:e0:aa:12:25:69:b7:a2:5a:
4c:50:c4:6b:62:e7:a2:03:89:a0:fc:77:79:07:bf:5a:b8:d5:
12:ff:95:12:68:f1:59:de:55:60:24:40:da:86:11:d8:9a:ce:
6b:a8:a8:85:06:a8:fd:82:3e:93:1c:ba:a7:84:08:67:03:0d:
c9:f2:6d:01:c9:57:b8:df:cc:9c:c0:3b:79:21:69:03:aa:70:
37:1b:2c:31:9d:c7:71:b1:75:50:22:72:b6:41:e6:80:9a:c5:
4d:7a:7a:b5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECgAY5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDEw
MTExNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzM5N2RkYzU0MGE3
Y2QyMTRhODk3MjM1MjI2NTViMDQyZTEyNzgzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNEgSBMSw3E3HFVrJxhjwj7ONNrIFPoPA2L2NEC8Fthy24X
iNwFwQQL2YpKsQxKptU56S7HTgGAyz54iUGBFk3yWElRWE5KzFkl4tJVLxlJdmTv
N+4YBspftwI9P4BJJlHtlLwmc6wmUV+3SrD0x8H9lFKKRk8099Md2aXp4NxH+UL/
mtn+8o9A4j2BEu8Ft2UCh44hNqA+3v9O4FyhOFg89m+DLQF4Pl0OuoCHFLMtm9Io
Ru/LuBcbETEPHPOIakgM1Qervn8RKizYLOJGA/c78RtVw8cPd4gcY6p7EGfmclZP
1/6zrggu/CR2b/2pOhlO/q1Qto+8xlW1i/iuvxECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTDl93FQKfNIUqJcjUiZVsELhJ4MDAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L3c1ZmR4VUNuelNGS2lYSTFJbVZiQkM0U2VEQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC5magMEALBiKTANBgkqhkiG9w0B
AQsFAAOCAQEAGmkfj5RfA/miwCMSrkSIYfmWP3G837ZxBgJH/kLUHd4A9SeMK01D
WLbAy5u1sPKmXZAsTAUJ11ImKIG5LlrQieNpi/7FKhIuP5VR12zc5FD3+7gXqVl4
4E/yCWV0gumq9LYjxveXMjTTvSpjBy1gz/6mBCQXHsHZjog3GR2uB4SERPfVylzR
rbNsrUm/883XbhN8WKea+ORYNeCqEiVpt6JaTFDEa2LnogOJoPx3eQe/WrjVEv+V
EmjxWd5VYCRA2oYR2JrOa6iohQao/YI+kxy6p4QIZwMNyfJtAclXuN/MnMA7eSFp
A6pwNxssMZ3HcbF1UCJytkHmgJrFTXp6tQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:06 2025 by rpki-client