Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/tpaWvqilus89DJLqG479PuDLPN8.roa
File: tpaWvqilus89DJLqG479PuDLPN8.roa (raw, json)
Hash identifier: ozJBRQSIAir/sS6xBgKqt6141l+dHObsybWnZgDjAZo=
Subject key identifier: B6:96:96:BE:A8:A5:BA:CF:3D:0C:92:EA:1B:8E:FD:3E:E0:CB:3C:DF
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 0977E89F
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/tpaWvqilus89DJLqG479PuDLPN8.roa
Signing time: Sat 01 Jan 2022 13:07:16 +0000
ROA not before: Sat 01 Jan 2022 13:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41269
IP address blocks: 212.110.158.0/24 maxlen: 24
193.47.166.0/24 maxlen: 24
193.238.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158853279 (0x977e89f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Jan 1 13:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b69696bea8a5bacf3d0c92ea1b8efd3ee0cb3cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e3:4c:8c:38:c4:70:92:f8:12:35:9d:4e:8c:
ae:55:6d:c0:03:b6:4e:17:63:a2:32:fc:9b:fe:c7:
47:66:35:ff:a5:30:6b:28:f8:5a:5c:ce:2c:f1:63:
07:60:96:05:6b:6a:79:be:e7:69:f6:fe:a1:90:17:
51:dd:0c:fe:41:7a:45:97:04:e4:a8:36:fc:19:bd:
e7:99:5d:5c:c8:c1:bf:e8:34:fc:21:11:5d:de:7f:
77:95:db:39:7e:85:7e:91:37:d0:6f:88:dc:a3:46:
cb:e9:6e:dd:a6:a6:8e:a5:34:1b:77:a3:af:0c:dc:
22:24:94:68:b5:fc:f4:b1:0d:65:fa:ad:06:29:51:
27:6d:6a:26:c6:07:ec:da:80:60:83:d2:d4:a0:64:
62:22:18:40:1e:be:9f:5d:bb:a7:c7:82:36:d2:3a:
67:6d:5c:79:60:e3:19:7b:f9:15:2f:b9:34:5d:63:
c3:31:ab:8a:6a:4f:02:aa:14:6e:2e:9d:33:2d:1c:
a5:a4:68:5a:fd:c4:27:61:08:c2:17:3b:7b:a3:73:
38:e0:1f:1d:ea:e1:fd:4e:9e:f2:ab:15:ea:c5:cc:
bb:7b:96:e0:10:65:45:3d:f0:28:8b:09:fc:11:c2:
75:de:71:4e:35:27:d9:06:88:5b:c1:5a:35:e2:c0:
92:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:96:96:BE:A8:A5:BA:CF:3D:0C:92:EA:1B:8E:FD:3E:E0:CB:3C:DF
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/tpaWvqilus89DJLqG479PuDLPN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.166.0/24
193.238.108.0/24
212.110.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f4:cd:75:a7:58:6d:e8:0b:fc:d2:f5:12:8f:5c:a1:cf:b0:
a5:65:fb:5a:36:0a:31:a5:79:47:5b:1d:41:3c:a2:9b:d9:fa:
ad:05:f9:06:d1:90:87:c2:d6:b7:31:a6:2d:d4:a7:44:bf:75:
6d:b2:23:6d:70:6a:3f:dd:9c:34:4a:08:c3:fe:47:3f:5c:f2:
8c:88:04:4b:66:dd:3a:54:a6:2d:4d:4a:ba:05:cf:d8:9c:1c:
8c:01:68:b7:8e:d8:44:f6:a6:9b:cd:af:52:a0:1e:a5:a0:03:
d0:ce:04:b9:f4:99:34:4d:d5:d7:f2:3b:2e:fb:02:3d:22:2e:
49:9d:3e:a2:23:41:f6:73:8b:40:54:8b:c3:db:da:c1:49:cd:
59:a8:53:e8:c8:ad:28:32:5f:6a:5e:f7:35:8c:20:96:51:ee:
5d:5b:33:31:41:ea:d1:b2:26:0e:6d:b2:d0:ee:a1:51:a2:1a:
d5:2c:9f:19:6f:bf:54:08:c0:0b:d3:6f:fd:93:83:4f:8d:ca:
ee:99:2d:f3:09:d0:0b:59:30:1e:97:ee:5c:3f:f6:2a:5c:98:
2e:de:23:39:72:7a:f8:15:f1:df:e8:9f:b6:e7:10:e0:d4:ef:
96:ca:9f:d7:2e:bb:51:f0:00:34:41:3b:60:c1:5b:23:c2:d2:
b6:34:6b:9e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECXfonzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTJlY2U5YzlhMzI0ZDQ1YzM1Zjk1NTlmMzI5ZDg4NjlkYWI1M2JhMB4XDTIyMDEw
MTEzMDcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY5Njk2YmVhOGE1
YmFjZjNkMGM5MmVhMWI4ZWZkM2VlMGNiM2NkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXjTIw4xHCS+BI1nU6MrlVtwAO2ThdjojL8m/7HR2Y1/6Uw
ayj4WlzOLPFjB2CWBWtqeb7nafb+oZAXUd0M/kF6RZcE5Kg2/Bm955ldXMjBv+g0
/CERXd5/d5XbOX6FfpE30G+I3KNGy+lu3aamjqU0G3ejrwzcIiSUaLX89LENZfqt
BilRJ21qJsYH7NqAYIPS1KBkYiIYQB6+n127p8eCNtI6Z21ceWDjGXv5FS+5NF1j
wzGrimpPAqoUbi6dMy0cpaRoWv3EJ2EIwhc7e6NzOOAfHerh/U6e8qsV6sXMu3uW
4BBlRT3wKIsJ/BHCdd5xTjUn2QaIW8FaNeLAkpMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS2lpa+qKW6zz0Mkuobjv0+4Ms83zAfBgNVHSMEGDAWgBSFLs6cmjJNRcNf
lVnzKdiGnatTujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hTN09uSm95VFVYRFg1Vlo4eW5ZaHAyclU3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvZDNjY2U2LWI0N2ItNGQwNi1hMzBmLWViMjQxMWQyMTJhYi8x
L3RwYVd2cWlsdXM4OURKTHFHNDc5UHVETFBOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
ZDNjY2U2LWI0N2ItNGQwNi1hMzBmLWViMjQxMWQyMTJhYi8xL2hTN09uSm95VFVY
RFg1Vlo4eW5ZaHAyclU3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMEvpgMEAMHubAMEANRunjANBgkq
hkiG9w0BAQsFAAOCAQEAmvTNdadYbegL/NL1Eo9coc+wpWX7WjYKMaV5R1sdQTyi
m9n6rQX5BtGQh8LWtzGmLdSnRL91bbIjbXBqP92cNEoIw/5HP1zyjIgES2bdOlSm
LU1KugXP2JwcjAFot47YRPamm82vUqAepaAD0M4EufSZNE3V1/I7LvsCPSIuSZ0+
oiNB9nOLQFSLw9vawUnNWahT6MitKDJfal73NYwgllHuXVszMUHq0bImDm2y0O6h
UaIa1SyfGW+/VAjAC9Nv/ZODT43K7pkt8wnQC1kwHpfuXD/2KlyYLt4jOXJ6+BXx
3+iftucQ4NTvlsqf1y67UfAANEE7YMFbI8LStjRrng==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:36:28 2025 by rpki-client