Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/a6PicMkTe2yqRgIRWaF4WqoQdn8.roa
File: a6PicMkTe2yqRgIRWaF4WqoQdn8.roa (raw, json)
Hash identifier: JkDAvJBKQq5zS61HT9bfz46mPTMXwHlu8fZd0lN5PFs=
Subject key identifier: 6B:A3:E2:70:C9:13:7B:6C:AA:46:02:11:59:A1:78:5A:AA:10:76:7F
Certificate issuer: /CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Certificate serial: 01835814540E2BF45590FEBDA19FC28A7F4E
Authority key identifier: 00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/a6PicMkTe2yqRgIRWaF4WqoQdn8.roa
Signing time: Mon 19 Sep 2022 23:27:50 +0000
ROA not before: Mon 19 Sep 2022 23:27:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61371
IP address blocks: 94.231.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:58:14:54:0e:2b:f4:55:90:fe:bd:a1:9f:c2:8a:7f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Validity
Not Before: Sep 19 23:27:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ba3e270c9137b6caa46021159a1785aaa10767f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:7f:80:57:cd:60:02:bd:b5:b2:1b:4d:c1:
4a:c7:10:bc:25:20:82:82:98:72:2c:7b:51:3a:41:
b1:10:13:cc:b2:dd:99:d3:50:a5:1d:6f:0c:95:a8:
06:68:57:ab:53:05:7e:7c:42:a8:d6:71:a1:20:5a:
d2:34:4b:34:de:e0:2b:9b:45:01:14:0b:79:55:1f:
39:48:6f:af:cf:64:ef:55:b6:75:74:2f:08:1c:8d:
4c:d2:98:28:48:f0:f2:79:88:20:d3:7e:d0:88:20:
a9:fb:03:55:2c:b7:6a:02:d0:6d:e2:65:9c:f9:63:
e5:bb:e3:77:1e:27:b9:8d:5f:b1:f5:8e:30:84:e1:
4f:2e:38:a5:38:62:09:e0:f3:26:af:f2:cd:e7:92:
57:5e:e7:4f:20:89:b7:32:91:fa:44:62:0f:5f:1b:
6b:93:e0:45:77:de:1e:e1:b8:25:65:6e:c1:2d:37:
7b:1f:39:a7:8f:f2:25:2e:0a:41:dc:d1:e1:66:63:
7e:91:91:62:4d:b7:31:e6:0d:34:6a:b5:b0:97:33:
d2:41:0f:b1:5f:c9:f7:d9:20:2f:a1:2f:32:b1:fb:
33:5b:5a:2d:12:ab:fc:1d:6b:19:b8:7e:61:05:db:
fd:d5:32:4e:76:6e:68:ef:10:81:80:6d:c9:65:4c:
9b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A3:E2:70:C9:13:7B:6C:AA:46:02:11:59:A1:78:5A:AA:10:76:7F
X509v3 Authority Key Identifier:
keyid:00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/a6PicMkTe2yqRgIRWaF4WqoQdn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/AC-m4ZBWg4kFvDK1OrDRBH145NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.39.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ec:dc:99:11:dd:36:33:37:18:4d:99:81:1f:e4:07:71:cf:
2f:19:d3:e2:46:e6:dd:a1:6e:a4:a0:70:db:39:5c:fe:99:41:
3d:f4:5e:bd:69:79:31:7f:b3:a8:14:52:aa:5b:a6:17:d6:85:
ed:dc:15:34:17:3a:f0:68:43:4d:ea:e5:95:a3:c5:2d:74:7f:
d1:2b:d1:04:27:21:84:0d:91:8c:6d:88:78:79:e0:60:80:10:
fb:6c:3b:ca:e0:73:98:99:1e:f4:86:2e:85:86:f0:67:bf:cb:
6e:55:e0:df:7b:4e:e4:89:92:5c:17:d6:b0:64:80:92:02:59:
96:3a:16:52:0e:c9:5d:8e:dc:f5:12:3e:c0:23:7d:63:22:5c:
64:d0:b2:41:b5:98:43:95:3a:8f:6d:17:7d:da:f7:58:da:82:
ab:93:bb:b2:86:49:f9:1a:ce:e2:60:88:b6:72:15:29:4d:8a:
a8:67:0a:d4:3e:2f:a4:6f:a5:a0:34:42:5e:2a:03:e7:ea:cd:
e4:e3:e7:cc:a5:81:ae:bf:fe:8c:17:26:44:f3:29:15:cc:e9:
85:eb:eb:8a:9f:47:4b:b8:83:0c:7d:99:1d:b5:70:ab:0e:c2:
5b:87:78:69:00:83:60:a0:68:81:ae:ed:6a:00:95:0f:6f:f1:
70:48:e6:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNYFFQOK/RVkP69oZ/Cin9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmZhNmUxOTA1NjgzODkwNWJjMzJiNTNhYjBkMTA0N2Q3
OGU0ZDQwHhcNMjIwOTE5MjMyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmEzZTI3MGM5MTM3YjZjYWE0NjAyMTE1OWExNzg1YWFhMTA3NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcd/gFfNYAK9tbIbTcFKxxC8JSCC
gphyLHtROkGxEBPMst2Z01ClHW8MlagGaFerUwV+fEKo1nGhIFrSNEs03uArm0UB
FAt5VR85SG+vz2TvVbZ1dC8IHI1M0pgoSPDyeYgg037QiCCp+wNVLLdqAtBt4mWc
+WPlu+N3Hie5jV+x9Y4whOFPLjilOGIJ4PMmr/LN55JXXudPIIm3MpH6RGIPXxtr
k+BFd94e4bglZW7BLTd7Hzmnj/IlLgpB3NHhZmN+kZFiTbcx5g00arWwlzPSQQ+x
X8n32SAvoS8ysfszW1otEqv8HWsZuH5hBdv91TJOdm5o7xCBgG3JZUybMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuj4nDJE3tsqkYCEVmheFqqEHZ/MB8GA1UdIwQY
MBaAFAAvpuGQVoOJBbwytTqw0QR9eOTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQt
ZmJjMzZlNDM0OGY1LzEvYTZQaWNNa1RlMnlxUmdJUldhRjRXcW9RZG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQtZmJjMzZlNDM0OGY1
LzEvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXucnMA0G
CSqGSIb3DQEBCwUAA4IBAQBb7NyZEd02MzcYTZmBH+QHcc8vGdPiRubdoW6koHDb
OVz+mUE99F69aXkxf7OoFFKqW6YX1oXt3BU0FzrwaENN6uWVo8UtdH/RK9EEJyGE
DZGMbYh4eeBggBD7bDvK4HOYmR70hi6FhvBnv8tuVeDfe07kiZJcF9awZICSAlmW
OhZSDsldjtz1Ej7AI31jIlxk0LJBtZhDlTqPbRd92vdY2oKrk7uyhkn5Gs7iYIi2
chUpTYqoZwrUPi+kb6WgNEJeKgPn6s3k4+fMpYGuv/6MFyZE8ykVzOmF6+uKn0dL
uIMMfZkdtXCrDsJbh3hpAINgoGiBru1qAJUPb/FwSObI
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:33 2025 by rpki-client