Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9cf9d4-2ce9-424b-9cf0-8aa6f6c170ff/1/XFuKkIjZ3-DEXl8CCeByf7Hj1Ec.roa
File: XFuKkIjZ3-DEXl8CCeByf7Hj1Ec.roa (raw, json)
Hash identifier: 47VqmbqniRB9D74nSlZlLLqPAaeJlEH945/hVcuNZP8=
Subject key identifier: 5C:5B:8A:90:88:D9:DF:E0:C4:5E:5F:02:09:E0:72:7F:B1:E3:D4:47
Certificate issuer: /CN=12085c540c114fc8957a0250bb49f484b74357b9
Certificate serial: 019229BC2428C2147079546E1AE9790A1152
Authority key identifier: 12:08:5C:54:0C:11:4F:C8:95:7A:02:50:BB:49:F4:84:B7:43:57:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EghcVAwRT8iVegJQu0n0hLdDV7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9cf9d4-2ce9-424b-9cf0-8aa6f6c170ff/1/XFuKkIjZ3-DEXl8CCeByf7Hj1Ec.roa
Signing time: Wed 25 Sep 2024 15:10:48 +0000
ROA not before: Wed 25 Sep 2024 15:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197984
IP address blocks: 94.230.232.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:bc:24:28:c2:14:70:79:54:6e:1a:e9:79:0a:11:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12085c540c114fc8957a0250bb49f484b74357b9
Validity
Not Before: Sep 25 15:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c5b8a9088d9dfe0c45e5f0209e0727fb1e3d447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e8:ce:75:6f:ff:32:71:f7:20:3b:80:28:40:
3d:36:89:16:ab:ff:fa:17:81:b3:55:d7:e3:8a:a0:
24:eb:74:2f:83:fb:21:7f:d2:6a:bb:2e:fc:de:8d:
9f:b9:7f:0d:82:48:80:a7:95:96:43:9d:03:7b:30:
d0:ac:e0:6f:a3:53:4c:5d:7e:23:ea:36:e5:8f:db:
7e:e7:c6:54:4b:ff:8c:53:a7:b9:1b:c6:03:05:27:
56:54:a4:57:08:13:2b:75:a8:ce:0d:30:5f:ba:64:
f0:06:76:f7:bd:13:ba:9a:8b:f8:43:0b:84:f5:ba:
24:e7:8e:60:15:24:87:ad:e1:b3:45:a5:93:44:42:
a0:60:2d:2d:61:05:a1:ac:09:70:c9:96:65:e2:6c:
24:0e:bf:74:d6:16:e0:07:c0:4e:3b:37:12:37:c3:
0a:7b:33:79:4a:e1:56:4a:b3:f7:8e:08:48:f8:08:
5c:84:a6:4c:cc:08:36:7c:f3:1f:bd:06:b4:25:9c:
e7:d0:4e:ee:54:79:14:fe:6c:2c:a0:a8:d3:e3:69:
d8:d6:ca:62:f0:f7:16:35:88:a6:a1:64:84:10:24:
51:f9:e6:7f:58:ef:0c:95:e8:43:df:a9:82:82:41:
15:d0:ab:69:5d:0a:da:4d:2f:25:ab:f1:47:17:fa:
9b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:8A:90:88:D9:DF:E0:C4:5E:5F:02:09:E0:72:7F:B1:E3:D4:47
X509v3 Authority Key Identifier:
keyid:12:08:5C:54:0C:11:4F:C8:95:7A:02:50:BB:49:F4:84:B7:43:57:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EghcVAwRT8iVegJQu0n0hLdDV7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9cf9d4-2ce9-424b-9cf0-8aa6f6c170ff/1/XFuKkIjZ3-DEXl8CCeByf7Hj1Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9cf9d4-2ce9-424b-9cf0-8aa6f6c170ff/1/EghcVAwRT8iVegJQu0n0hLdDV7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.232.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ef:cd:20:91:fe:cb:44:df:37:c3:61:86:aa:5f:2f:44:22:
d1:27:b6:69:73:29:1d:3b:c4:19:a0:49:37:6f:0e:73:f6:6e:
dc:41:be:bb:8a:f1:a2:94:f8:2b:e5:9a:6e:17:28:cf:dd:6f:
ca:29:8b:db:0e:62:c7:f0:b8:4c:88:cb:c5:76:ac:79:e0:7f:
d9:91:eb:f3:f1:1d:10:bf:71:85:da:51:91:cb:c2:89:d4:e9:
55:b9:22:e1:ec:90:c9:b0:0b:c5:fe:24:4e:6a:c7:88:d7:25:
06:a3:89:c2:a7:ed:a3:41:85:11:10:cc:40:d9:88:7d:13:47:
5f:e9:aa:4f:e8:eb:0d:0e:a0:4b:ee:9e:0f:36:6b:00:74:bc:
95:7d:5e:19:cb:4a:63:e3:97:4f:30:82:27:87:bb:62:85:c2:
4a:48:3c:7f:b3:a7:95:b5:61:a7:c4:c0:b1:cb:0a:f8:5d:dd:
91:86:1f:b7:ba:3d:49:f4:c6:2c:a3:3c:48:6f:99:c5:4e:14:
4b:ad:d7:65:ab:80:0d:f6:30:19:ce:cd:6f:a1:57:79:e0:a2:
52:aa:3c:28:39:a1:a4:ca:c9:79:e8:7d:54:bc:53:39:1f:e1:
86:ca:89:68:20:40:1b:14:dd:55:0a:f4:8e:2b:e2:9e:e0:63:
a0:86:59:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIpvCQowhRweVRuGul5ChFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMDg1YzU0MGMxMTRmYzg5NTdhMDI1MGJiNDlmNDg0Yjc0
MzU3YjkwHhcNMjQwOTI1MTUxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzViOGE5MDg4ZDlkZmUwYzQ1ZTVmMDIwOWUwNzI3ZmIxZTNkNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OjOdW//MnH3IDuAKEA9NokWq//6
F4GzVdfjiqAk63Qvg/shf9Jquy783o2fuX8NgkiAp5WWQ50DezDQrOBvo1NMXX4j
6jblj9t+58ZUS/+MU6e5G8YDBSdWVKRXCBMrdajODTBfumTwBnb3vRO6mov4QwuE
9bok545gFSSHreGzRaWTREKgYC0tYQWhrAlwyZZl4mwkDr901hbgB8BOOzcSN8MK
ezN5SuFWSrP3jghI+AhchKZMzAg2fPMfvQa0JZzn0E7uVHkU/mwsoKjT42nY1spi
8PcWNYimoWSEECRR+eZ/WO8MlehD36mCgkEV0KtpXQraTS8lq/FHF/qbsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxbipCI2d/gxF5fAgngcn+x49RHMB8GA1UdIwQY
MBaAFBIIXFQMEU/IlXoCULtJ9IS3Q1e5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWdoY1ZBd1JUOGlWZWdKUXUwbjBoTGREVjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85Y2Y5ZDQtMmNlOS00MjRiLTljZjAt
OGFhNmY2YzE3MGZmLzEvWEZ1S2tJalozLURFWGw4Q0NlQnlmN0hqMUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85Y2Y5ZDQtMmNlOS00MjRiLTljZjAtOGFhNmY2YzE3MGZm
LzEvRWdoY1ZBd1JUOGlWZWdKUXUwbjBoTGREVjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXuboMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ780gkf7LRN83w2GGql8vRCLRJ7ZpcykdO8QZoEk3
bw5z9m7cQb67ivGilPgr5ZpuFyjP3W/KKYvbDmLH8LhMiMvFdqx54H/Zkevz8R0Q
v3GF2lGRy8KJ1OlVuSLh7JDJsAvF/iROaseI1yUGo4nCp+2jQYUREMxA2Yh9E0df
6apP6OsNDqBL7p4PNmsAdLyVfV4Zy0pj45dPMIInh7tihcJKSDx/s6eVtWGnxMCx
ywr4Xd2Rhh+3uj1J9MYsozxIb5nFThRLrddlq4AN9jAZzs1voVd54KJSqjwoOaGk
ysl56H1UvFM5H+GGyoloIEAbFN1VCvSOK+Ke4GOghllK
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:36:11 2025 by rpki-client