Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/h2OgYTpY12KiDAk0g2j7ZJ6WTZA.roa
File: h2OgYTpY12KiDAk0g2j7ZJ6WTZA.roa (raw, json)
Hash identifier: Nr+bei4j6kyKqvsQTx9xKqHct15O3/FKg1H3rpUOjNQ=
Subject key identifier: 87:63:A0:61:3A:58:D7:62:A2:0C:09:34:83:68:FB:64:9E:96:4D:90
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01941FFA8BE91DA98FAF9EAE6087B72E4935
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/h2OgYTpY12KiDAk0g2j7ZJ6WTZA.roa
Signing time: Wed 01 Jan 2025 03:48:21 +0000
ROA not before: Wed 01 Jan 2025 03:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134729
IP address blocks: 95.82.48.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:8b:e9:1d:a9:8f:af:9e:ae:60:87:b7:2e:49:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 1 03:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8763a0613a58d762a20c09348368fb649e964d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:d3:78:44:8f:e3:0c:45:1b:0c:19:05:02:
b7:1f:17:6f:8e:0b:6c:4c:f6:48:ae:56:2f:bb:f3:
63:a7:ea:6a:2a:69:39:e2:bc:22:ee:66:10:fb:d2:
04:93:97:e5:1a:33:67:c4:01:e2:0f:fd:c3:94:cc:
e5:a7:4a:21:75:37:2e:1f:7e:5d:c4:59:14:19:1a:
54:6b:2e:a4:75:bc:90:50:a7:c1:4f:2a:8f:ae:54:
a2:49:a5:9b:32:07:40:64:29:4d:3b:9d:60:ba:b0:
15:3b:48:29:64:be:7a:a1:ad:89:77:41:9e:5e:94:
b4:aa:83:2d:49:a6:98:9e:43:94:5e:06:9a:e1:c1:
c1:d4:d2:a3:74:40:ac:9e:e9:6e:31:3a:27:4f:91:
ea:a1:d4:65:04:a0:95:8b:f5:fb:c1:8e:ac:5b:a7:
8a:42:a7:4a:84:33:a9:5d:e4:80:ef:d1:6a:c3:a7:
86:d0:87:e2:fe:89:00:b6:3f:aa:e7:57:24:50:e7:
29:28:dc:d3:04:fb:a0:e3:f9:2a:37:e6:ed:17:a9:
e7:1b:19:fd:ec:cf:76:44:66:b1:db:8f:02:2d:06:
b4:ee:b2:99:4a:b5:02:ad:18:e2:2a:e9:fc:47:ef:
6c:7b:ff:6e:a1:56:a5:5e:6d:e6:29:bb:fd:1e:a2:
cc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:63:A0:61:3A:58:D7:62:A2:0C:09:34:83:68:FB:64:9E:96:4D:90
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/h2OgYTpY12KiDAk0g2j7ZJ6WTZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.48.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:7e:f6:96:13:a3:e6:8e:1e:06:c0:f5:26:17:8d:f2:e1:81:
e2:32:d9:17:1d:0e:61:1f:d5:fd:0c:c6:cc:b9:37:1b:bf:9b:
38:37:e4:71:97:dd:69:a1:a8:11:6f:20:e8:34:d3:2d:cf:24:
fe:6d:1d:50:0d:eb:3a:cf:c2:45:59:d3:61:b5:92:73:7d:86:
6b:31:42:fc:6f:58:ed:db:e3:2d:10:10:0a:f7:af:cb:d3:1a:
c6:c2:fa:79:76:c9:8e:23:a0:ac:f6:12:5f:c5:d3:6e:38:44:
83:51:f4:7d:e5:99:61:18:a0:ed:d1:61:d3:d4:e9:c3:a4:ad:
40:d5:de:4b:90:33:e9:c8:bc:07:77:a2:fe:bc:ee:f6:6a:24:
eb:d0:97:71:53:33:b4:1c:6c:f6:85:53:a7:15:55:83:d2:e4:
f5:c6:e0:2a:fb:82:73:f7:9a:7b:01:79:01:d5:76:62:63:5f:
2e:c1:84:7f:b1:c9:e2:e9:b3:87:84:ae:f4:44:cb:83:9b:ec:
bc:42:05:a5:83:f3:74:41:8b:e3:0e:4d:f3:d0:16:25:e1:58:
76:e9:96:88:7d:ac:03:8b:c0:f6:59:1b:d2:4d:6b:26:25:9d:
05:a7:ef:24:75:c3:10:b6:b8:81:94:26:38:76:e8:1b:3e:af:
f3:96:07:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ovpHamPr56uYIe3Lkk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMTAxMDM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYzYTA2MTNhNThkNzYyYTIwYzA5MzQ4MzY4ZmI2NDllOTY0ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn/TeESP4wxFGwwZBQK3Hxdvjgts
TPZIrlYvu/Njp+pqKmk54rwi7mYQ+9IEk5flGjNnxAHiD/3DlMzlp0ohdTcuH35d
xFkUGRpUay6kdbyQUKfBTyqPrlSiSaWbMgdAZClNO51gurAVO0gpZL56oa2Jd0Ge
XpS0qoMtSaaYnkOUXgaa4cHB1NKjdECsnuluMTonT5HqodRlBKCVi/X7wY6sW6eK
QqdKhDOpXeSA79Fqw6eG0Ifi/okAtj+q51ckUOcpKNzTBPug4/kqN+btF6nnGxn9
7M92RGax248CLQa07rKZSrUCrRjiKun8R+9se/9uoValXm3mKbv9HqLMwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdjoGE6WNdiogwJNINo+2Selk2QMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvaDJPZ1lUcFkxMktpREFrMGcyajdaSjZXVFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX1IwMA0G
CSqGSIb3DQEBCwUAA4IBAQArfvaWE6Pmjh4GwPUmF43y4YHiMtkXHQ5hH9X9DMbM
uTcbv5s4N+Rxl91poagRbyDoNNMtzyT+bR1QDes6z8JFWdNhtZJzfYZrMUL8b1jt
2+MtEBAK96/L0xrGwvp5dsmOI6Cs9hJfxdNuOESDUfR95ZlhGKDt0WHT1OnDpK1A
1d5LkDPpyLwHd6L+vO72aiTr0JdxUzO0HGz2hVOnFVWD0uT1xuAq+4Jz95p7AXkB
1XZiY18uwYR/scni6bOHhK70RMuDm+y8QgWlg/N0QYvjDk3z0BYl4Vh26ZaIfawD
i8D2WRvSTWsmJZ0Fp+8kdcMQtriBlCY4dugbPq/zlgfB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:34 2025 by rpki-client