Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w9L85L7pVZ1sTRg7Pyke54JmUqc.roa
File: w9L85L7pVZ1sTRg7Pyke54JmUqc.roa (raw, json)
Hash identifier: FD3kZrMQCFFmNw9nVHdUVT9yDihwLXHtNzMXQlDd9Qk=
Subject key identifier: C3:D2:FC:E4:BE:E9:55:9D:6C:4D:18:3B:3F:29:1E:E7:82:66:52:A7
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018AB1ECCB13939C3944EACCBE31DA9A933D
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w9L85L7pVZ1sTRg7Pyke54JmUqc.roa
Signing time: Wed 20 Sep 2023 09:30:00 +0000
ROA not before: Wed 20 Sep 2023 09:30:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61347
IP address blocks: 213.226.116.0/24 maxlen: 24
84.54.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:ec:cb:13:93:9c:39:44:ea:cc:be:31:da:9a:93:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Sep 20 09:30:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3d2fce4bee9559d6c4d183b3f291ee7826652a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c3:b7:07:21:e5:52:2c:d3:78:c6:c4:77:67:
1f:1d:18:59:bc:cb:c5:b2:a8:81:4e:4e:dd:8a:45:
b9:6f:46:15:1c:a0:dc:84:9b:0c:b4:91:94:fd:dd:
8d:ac:a9:03:b6:dc:a2:6e:49:88:17:7f:2b:e4:fe:
5f:aa:97:f0:80:50:ae:d3:d8:c6:a5:db:89:8f:b8:
57:29:7d:4c:4c:21:42:4a:a8:b9:ff:07:8d:ac:16:
a1:f1:5a:5d:08:51:89:a2:21:44:3f:83:c3:60:4d:
39:21:89:ae:a9:43:53:76:bf:8f:1c:f7:3b:5e:17:
8d:d5:1f:1a:00:da:70:10:71:0d:88:d6:92:6c:f9:
b8:f0:37:45:18:38:86:88:8e:96:73:c8:bc:25:d3:
e9:d1:f2:25:14:fd:2e:4f:d8:fc:5b:4e:5e:31:d3:
ab:ca:09:77:25:bc:ce:6c:c2:0d:ad:f8:fb:6d:8c:
bb:eb:5b:79:52:fe:bc:ec:d0:41:27:f8:d3:99:bc:
81:84:d7:ec:10:c7:5e:9b:54:bd:1c:11:6b:2e:82:
63:36:af:8f:19:91:32:a6:f0:9b:21:2b:40:91:68:
b2:03:2a:7e:4d:83:f9:9e:94:c4:0f:21:e2:2d:b5:
3a:0f:69:50:9a:34:13:81:31:1b:a4:b8:80:a1:2d:
dc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D2:FC:E4:BE:E9:55:9D:6C:4D:18:3B:3F:29:1E:E7:82:66:52:A7
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/w9L85L7pVZ1sTRg7Pyke54JmUqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.15.0/24
213.226.116.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:44:28:a2:26:82:47:74:59:e5:18:da:f9:03:23:92:69:12:
53:02:82:6b:20:52:27:97:3b:87:5c:ea:d2:c5:8a:c0:6f:8d:
aa:91:52:ee:0e:6f:26:13:8c:49:41:cc:c7:f0:70:b5:af:3a:
c1:a0:5c:8c:17:cb:87:43:b5:5d:12:ff:ed:ed:34:a2:85:bc:
89:c3:b2:50:ce:79:f7:ae:64:fd:bd:e3:f3:2c:83:9d:1f:36:
ac:81:3c:cb:1a:97:7c:44:3c:e3:c8:38:81:30:9b:61:f1:39:
24:2e:c8:a0:9c:86:3f:08:22:c7:a0:93:5a:6d:73:7e:2a:64:
e8:be:12:9e:eb:c8:6b:84:ff:9c:b4:0f:1a:08:ac:5f:c9:ee:
54:d0:12:85:b5:33:bb:36:28:6c:59:e5:f6:a2:58:59:d7:de:
42:4c:dd:f1:fb:5d:d0:25:ac:9c:20:ad:93:0f:78:5c:be:c3:
c2:5c:cc:22:ef:de:a8:67:8c:9f:a0:db:2c:1c:80:4d:3e:cc:
be:b1:9f:47:6f:2f:3f:16:0c:42:ec:c6:f2:fc:00:df:d3:11:
f0:ba:f1:49:18:4e:b2:e9:37:5c:ce:2a:8b:1a:e5:b8:3b:c3:
7b:5e:12:d9:fa:df:38:17:9b:26:1e:8f:3d:20:fb:d5:c4:0c:
ef:c8:25:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqx7MsTk5w5ROrMvjHampM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwOTIwMDkzMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2QyZmNlNGJlZTk1NTlkNmM0ZDE4M2IzZjI5MWVlNzgyNjY1MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMO3ByHlUizTeMbEd2cfHRhZvMvF
sqiBTk7dikW5b0YVHKDchJsMtJGU/d2NrKkDttyibkmIF38r5P5fqpfwgFCu09jG
pduJj7hXKX1MTCFCSqi5/weNrBah8VpdCFGJoiFEP4PDYE05IYmuqUNTdr+PHPc7
XheN1R8aANpwEHENiNaSbPm48DdFGDiGiI6Wc8i8JdPp0fIlFP0uT9j8W05eMdOr
ygl3JbzObMINrfj7bYy761t5Uv687NBBJ/jTmbyBhNfsEMdem1S9HBFrLoJjNq+P
GZEypvCbIStAkWiyAyp+TYP5npTEDyHiLbU6D2lQmjQTgTEbpLiAoS3cywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMPS/OS+6VWdbE0YOz8pHueCZlKnMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvdzlMODVMN3BWWjFzVFJnN1B5a2U1NEptVXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVDYPAwQA
1eJ0MA0GCSqGSIb3DQEBCwUAA4IBAQB/RCiiJoJHdFnlGNr5AyOSaRJTAoJrIFIn
lzuHXOrSxYrAb42qkVLuDm8mE4xJQczH8HC1rzrBoFyMF8uHQ7VdEv/t7TSihbyJ
w7JQznn3rmT9vePzLIOdHzasgTzLGpd8RDzjyDiBMJth8TkkLsignIY/CCLHoJNa
bXN+KmTovhKe68hrhP+ctA8aCKxfye5U0BKFtTO7NihsWeX2olhZ195CTN3x+13Q
JaycIK2TD3hcvsPCXMwi796oZ4yfoNssHIBNPsy+sZ9Hby8/FgxC7Mby/ADf0xHw
uvFJGE6y6TdcziqLGuW4O8N7XhLZ+t84F5smHo89IPvVxAzvyCVp
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:37 2025 by rpki-client