Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/ei_reYXnpHTz3jYm6Rv1z4hsbSU.roa
File: ei_reYXnpHTz3jYm6Rv1z4hsbSU.roa (raw, json)
Hash identifier: U8Yp2+Cr0qw98aWvakuXJCB7ktU7hzkCr3qKvZh6oA0=
Subject key identifier: 7A:2F:EB:79:85:E7:A4:74:F3:DE:36:26:E9:1B:F5:CF:88:6C:6D:25
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 01848B0C16B288ACE5A105D97F172F3C55DA
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/ei_reYXnpHTz3jYm6Rv1z4hsbSU.roa
Signing time: Fri 18 Nov 2022 14:02:15 +0000
ROA not before: Fri 18 Nov 2022 14:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196936
IP address blocks: 178.217.96.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:0c:16:b2:88:ac:e5:a1:05:d9:7f:17:2f:3c:55:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: Nov 18 14:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a2feb7985e7a474f3de3626e91bf5cf886c6d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:eb:5b:6d:13:97:4d:17:25:08:19:22:4e:
ef:cd:14:9d:40:98:d8:df:de:75:61:d9:0d:c6:7d:
7c:12:53:23:55:30:e2:a6:0f:26:7f:d2:23:ad:58:
f1:0c:2f:f2:ce:87:d6:63:77:01:0d:33:d7:a9:ae:
47:c6:2e:c7:ef:f2:6a:18:96:a7:2e:6a:1a:6b:f0:
66:19:c7:ed:6d:55:18:1b:76:10:55:46:a3:7f:95:
09:fa:46:fa:48:e8:8e:b2:00:07:37:35:6a:ea:01:
39:5d:43:41:bc:72:ab:70:e5:24:0c:31:67:94:53:
bb:f7:92:0f:9a:2a:f1:9f:85:87:94:ee:b1:5c:be:
e8:f6:14:76:78:2a:bd:13:e5:cd:c2:64:02:bd:fa:
33:76:44:23:c7:f2:e1:10:d7:9d:f3:6f:70:f9:a7:
34:54:c0:88:e3:7b:0b:e4:7b:2f:4c:27:e7:3f:fb:
3f:6e:60:3b:f8:db:61:95:15:a0:e9:79:22:7e:a6:
88:9b:1f:64:91:fe:93:8d:c7:b7:ee:2b:87:e5:8d:
7a:c3:7e:d1:c2:b0:cf:a4:7e:95:1c:c5:58:f2:52:
b3:a2:36:f8:8f:d8:3b:1a:37:2f:c1:eb:ab:33:19:
84:12:9c:0e:1c:6a:aa:57:08:a8:14:a8:59:87:d7:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2F:EB:79:85:E7:A4:74:F3:DE:36:26:E9:1B:F5:CF:88:6C:6D:25
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/ei_reYXnpHTz3jYm6Rv1z4hsbSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.96.0/21
Signature Algorithm: sha256WithRSAEncryption
89:3c:e4:72:83:6e:4f:4e:5d:81:98:c2:0d:0b:0b:32:e2:4a:
d6:d5:c1:73:5d:4d:35:16:26:bf:49:db:f8:9a:ee:e6:a3:ed:
95:b1:fa:bc:79:50:f2:87:e1:94:af:68:8f:46:11:ae:16:4a:
ae:94:a6:6e:cd:df:32:1f:8e:99:54:16:60:94:99:5f:44:65:
39:bf:a0:42:77:d3:20:2d:f9:7f:73:d3:0d:7f:cc:74:89:d4:
2d:95:12:ae:e7:c9:7c:ad:30:6b:d9:27:28:9d:96:57:5b:44:
84:c1:b6:92:cf:9a:32:07:98:54:7f:80:fc:58:9f:d0:14:5c:
23:ce:cb:b2:b6:99:70:b2:4a:b1:50:9f:7e:03:72:db:c8:5c:
c9:01:74:2e:20:40:6f:ed:03:09:1c:00:06:af:ae:8c:df:21:
c5:54:a1:04:b0:ab:22:34:58:a3:09:74:33:11:b4:48:09:a1:
44:b8:0f:00:f9:80:62:7b:a3:38:06:40:d6:8c:93:6c:fe:be:
ae:56:cb:49:dc:70:3b:7c:a5:34:6b:cf:cb:fe:08:00:75:b9:
33:32:1e:47:c2:8b:67:3d:bd:06:cb:ab:d7:fd:e7:19:60:e8:
35:fb:72:4c:95:9c:22:e0:a7:76:35:63:5a:25:d6:dd:35:c7:
a7:6c:5e:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSLDBayiKzloQXZfxcvPFXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDhjYmFkMTc0ODIwNWI0ZjQzMzRiYmE2MzhjNjRjMmIy
MWZjMGUwHhcNMjIxMTE4MTQwMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTJmZWI3OTg1ZTdhNDc0ZjNkZTM2MjZlOTFiZjVjZjg4NmM2ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt/rW20Tl00XJQgZIk7vzRSdQJjY
3951YdkNxn18ElMjVTDipg8mf9IjrVjxDC/yzofWY3cBDTPXqa5Hxi7H7/JqGJan
Lmoaa/BmGcftbVUYG3YQVUajf5UJ+kb6SOiOsgAHNzVq6gE5XUNBvHKrcOUkDDFn
lFO795IPmirxn4WHlO6xXL7o9hR2eCq9E+XNwmQCvfozdkQjx/LhENed829w+ac0
VMCI43sL5HsvTCfnP/s/bmA7+NthlRWg6XkifqaImx9kkf6Tjce37iuH5Y16w37R
wrDPpH6VHMVY8lKzojb4j9g7GjcvweurMxmEEpwOHGqqVwioFKhZh9d05wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHov63mF56R08942Jukb9c+IbG0lMB8GA1UdIwQY
MBaAFEFIy60XSCBbT0M0u6Y4xkwrIfwOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1Mzgt
OTc5NzVkMzRmYzZjLzEvZWlfcmVZWG5wSFR6M2pZbTZSdjF6NGhzYlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1MzgtOTc5NzVkMzRmYzZj
LzEvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstlgMA0G
CSqGSIb3DQEBCwUAA4IBAQCJPORyg25PTl2BmMINCwsy4krW1cFzXU01Fia/Sdv4
mu7mo+2Vsfq8eVDyh+GUr2iPRhGuFkqulKZuzd8yH46ZVBZglJlfRGU5v6BCd9Mg
Lfl/c9MNf8x0idQtlRKu58l8rTBr2SconZZXW0SEwbaSz5oyB5hUf4D8WJ/QFFwj
zsuytplwskqxUJ9+A3LbyFzJAXQuIEBv7QMJHAAGr66M3yHFVKEEsKsiNFijCXQz
EbRICaFEuA8A+YBie6M4BkDWjJNs/r6uVstJ3HA7fKU0a8/L/ggAdbkzMh5Hwotn
Pb0Gy6vX/ecZYOg1+3JMlZwi4Kd2NWNaJdbdNcenbF6y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:17 2025 by rpki-client