Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/TnpQnkQdeiSoFkMEn_qQggM4PRI.roa
File: TnpQnkQdeiSoFkMEn_qQggM4PRI.roa (raw, json)
Hash identifier: NKZ4EGKozxXT3fnVMehNS5j3SoAqSw6nS47F2M072hk=
Subject key identifier: 4E:7A:50:9E:44:1D:7A:24:A8:16:43:04:9F:FA:90:82:03:38:3D:12
Certificate issuer: /CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Certificate serial: 023EB8A4
Authority key identifier: 25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/TnpQnkQdeiSoFkMEn_qQggM4PRI.roa
Signing time: Sat 01 Jan 2022 07:04:24 +0000
ROA not before: Sat 01 Jan 2022 07:04:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.178.171.0/24 maxlen: 24
185.178.169.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37664932 (0x23eb8a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Validity
Not Before: Jan 1 07:04:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e7a509e441d7a24a81643049ffa908203383d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:81:f1:f6:ca:07:d9:1f:92:76:65:c5:04:74:
df:10:46:bf:02:48:9e:01:19:3c:6c:73:e1:f0:37:
3d:2e:d1:a8:8a:f3:62:29:f8:df:ec:73:b3:31:68:
0c:97:c5:1c:66:e6:0d:0a:ef:e8:65:6e:79:60:72:
ee:a8:1e:19:ee:55:08:28:98:4f:7e:10:1c:a6:df:
63:1d:ea:f5:d2:7b:01:b6:7d:87:e6:9a:0c:7c:4c:
81:77:f5:c3:93:79:8d:08:bd:52:c1:a0:68:4d:1d:
96:48:4b:fd:dc:c1:f1:01:3c:1d:ba:4c:ca:fe:2d:
02:9b:31:16:e6:72:cd:1b:99:0a:57:c3:a6:b3:c0:
ac:14:78:dc:fc:8f:3e:c0:a3:1f:fc:59:08:9c:a1:
26:46:3c:d5:9c:67:7f:98:b9:81:08:cf:35:61:b7:
eb:8e:2d:09:6d:67:bb:0a:d6:46:24:6d:78:41:5d:
e7:86:ee:de:0b:d4:32:2b:83:63:34:80:1c:81:de:
b3:54:ae:58:42:98:5e:6a:5a:db:60:5f:a4:72:09:
d8:2f:45:b0:1e:50:df:09:29:fc:7b:ab:fd:c1:01:
ff:80:2b:32:69:52:ac:7e:c7:70:95:d2:d0:fc:b3:
5e:7e:71:75:f9:fa:4d:b2:c5:ba:4f:85:ea:5a:75:
c4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7A:50:9E:44:1D:7A:24:A8:16:43:04:9F:FA:90:82:03:38:3D:12
X509v3 Authority Key Identifier:
keyid:25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/TnpQnkQdeiSoFkMEn_qQggM4PRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.169.0/24
185.178.171.0/24
Signature Algorithm: sha256WithRSAEncryption
82:22:8d:e0:ff:83:99:57:9e:af:b4:d4:50:19:cb:a8:0c:61:
c0:77:75:46:2f:f1:d9:25:76:e7:a6:f2:15:e5:7d:2a:8a:5c:
c9:07:e1:91:66:57:d2:48:0d:68:10:14:db:df:a2:2d:d1:51:
c8:46:2e:1e:b7:15:58:cd:39:b3:87:c5:b3:7b:c3:fa:d5:d9:
c1:88:81:35:c8:6f:c3:0e:8b:0a:09:ba:03:05:51:f4:e3:ae:
47:cb:fc:5e:71:27:4e:cb:29:d1:1e:8f:05:dc:e4:d2:05:85:
4d:2e:dc:6f:fc:ad:88:f2:78:47:c5:ec:b7:bd:0b:21:79:96:
08:ad:e7:59:7a:2a:c8:62:8a:f3:00:5e:2f:de:2b:f9:93:de:
7f:d8:86:b0:a7:9f:e9:76:b4:15:88:a7:16:1e:78:04:66:a5:
54:0a:7b:64:82:a8:00:28:eb:0f:ed:8e:02:e3:23:9e:54:9d:
6f:0b:69:0c:41:60:cc:91:cd:74:15:f7:48:e6:4a:2d:05:59:
67:13:aa:14:56:08:48:e4:77:3c:5a:17:4c:83:73:c0:02:9e:
4c:cc:95:27:d7:dd:3c:3f:4f:84:14:29:36:5b:15:8d:76:af:
c9:dd:48:17:50:35:a6:85:4e:92:72:8b:db:a6:cf:9f:5a:e7:
2b:ae:18:b3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAj64pDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWFlNTUxYWYwYmI1ZDc5NzdlYTczZjY4OTZmMjVmMWVjYTI4ZjlkMB4XDTIyMDEw
MTA3MDQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU3YTUwOWU0NDFk
N2EyNGE4MTY0MzA0OWZmYTkwODIwMzM4M2QxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCB8fbKB9kfknZlxQR03xBGvwJIngEZPGxz4fA3PS7RqIrz
Yin43+xzszFoDJfFHGbmDQrv6GVueWBy7qgeGe5VCCiYT34QHKbfYx3q9dJ7AbZ9
h+aaDHxMgXf1w5N5jQi9UsGgaE0dlkhL/dzB8QE8HbpMyv4tApsxFuZyzRuZClfD
prPArBR43PyPPsCjH/xZCJyhJkY81Zxnf5i5gQjPNWG3644tCW1nuwrWRiRteEFd
54bu3gvUMiuDYzSAHIHes1SuWEKYXmpa22BfpHIJ2C9FsB5Q3wkp/Hur/cEB/4Ar
MmlSrH7HcJXS0PyzXn5xdfn6TbLFuk+F6lp1xGkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBROelCeRB16JKgWQwSf+pCCAzg9EjAfBgNVHSMEGDAWgBQlrlUa8LtdeXfq
c/aJbyXx7KKPnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0phNVZHdkM3WFhsMzZuUDJpVzhsOGV5aWo1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNDJmODFiLWM0MmMtNDI1NC1hYmI5LTIxNDJmOGZiNjc2ZS8x
L1RucFFua1FkZWlTb0ZrTUVuX3FRZ2dNNFBSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NDJmODFiLWM0MmMtNDI1NC1hYmI5LTIxNDJmOGZiNjc2ZS8xL0phNVZHdkM3WFhs
MzZuUDJpVzhsOGV5aWo1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmyqQMEALmyqzANBgkqhkiG9w0B
AQsFAAOCAQEAgiKN4P+DmVeer7TUUBnLqAxhwHd1Ri/x2SV256byFeV9KopcyQfh
kWZX0kgNaBAU29+iLdFRyEYuHrcVWM05s4fFs3vD+tXZwYiBNchvww6LCgm6AwVR
9OOuR8v8XnEnTssp0R6PBdzk0gWFTS7cb/ytiPJ4R8Xst70LIXmWCK3nWXoqyGKK
8wBeL94r+ZPef9iGsKef6Xa0FYinFh54BGalVAp7ZIKoACjrD+2OAuMjnlSdbwtp
DEFgzJHNdBX3SOZKLQVZZxOqFFYISOR3PFoXTINzwAKeTMyVJ9fdPD9PhBQpNlsV
jXavyd1IF1A1poVOknKL26bPn1rnK64Ysw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:31:56 2025 by rpki-client