Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/puKzTD998N0Y5UDqu6Z2_Ge5jhE.roa
File: puKzTD998N0Y5UDqu6Z2_Ge5jhE.roa (raw, json)
Hash identifier: 7CyX0A/FoSkCtv8gj4DfyYYkgQhapDXRCKqOWMCkcCE=
Subject key identifier: A6:E2:B3:4C:3F:7D:F0:DD:18:E5:40:EA:BB:A6:76:FC:67:B9:8E:11
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 0194221F479DEE9F95533DD08900AC01CB95
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/puKzTD998N0Y5UDqu6Z2_Ge5jhE.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6660
IP address blocks: 62.25.128.0/17 maxlen: 17
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:47:9d:ee:9f:95:53:3d:d0:89:00:ac:01:cb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e2b34c3f7df0dd18e540eabba676fc67b98e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:17:1c:6c:27:b2:7d:a5:c7:85:3c:e5:24:
22:7e:f5:40:77:47:b0:06:af:5a:d9:a9:6d:54:9a:
bf:28:d2:b1:db:66:a2:c0:be:7d:c2:63:42:ee:19:
87:55:0a:bf:f1:bd:60:5f:84:5c:38:d2:94:83:ec:
3e:95:54:13:eb:38:14:3f:89:48:a5:0a:83:2b:b4:
84:a4:89:00:13:1c:3f:6c:4d:b0:33:83:55:33:83:
e6:5b:d6:a2:25:bf:e6:f9:5f:b9:b7:aa:bc:b1:68:
e5:8d:29:ca:35:b9:84:66:4f:5e:9f:b7:43:52:87:
78:b6:76:16:2b:d1:f9:bc:37:74:a0:1a:f8:a8:09:
d7:c6:0e:57:92:64:fb:69:89:da:18:3a:c8:04:d0:
fc:26:8b:0f:cb:55:85:23:da:34:bc:c8:df:ec:12:
fa:c4:9b:98:7f:2f:cf:23:a9:ca:d1:9e:42:f7:62:
bd:99:49:1b:88:c3:34:13:f1:7e:ad:09:11:c6:ad:
68:49:31:59:36:ad:28:d9:87:72:0c:f4:eb:c5:97:
ab:09:ed:6a:c9:c3:a2:66:e2:69:10:90:83:e6:dc:
e9:d2:04:3d:f2:b8:93:73:f9:fc:8b:48:01:24:4e:
5f:9f:1e:23:81:c6:bc:43:f6:af:2a:32:a9:b5:ac:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E2:B3:4C:3F:7D:F0:DD:18:E5:40:EA:BB:A6:76:FC:67:B9:8E:11
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/puKzTD998N0Y5UDqu6Z2_Ge5jhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2e:7c:e6:81:41:b7:fd:dc:aa:d9:e5:44:c9:d7:71:53:11:59:
a6:55:d3:cc:2e:3a:d7:09:be:31:7f:30:b9:4d:48:ed:58:e1:
91:75:14:19:e6:09:7c:07:8b:ef:80:9b:c2:54:d2:e0:8c:c0:
d7:80:ef:7d:ed:94:42:83:71:f3:3d:9a:2f:2f:30:2e:fa:aa:
36:0e:1a:12:b8:21:6b:e1:77:81:01:ae:3f:99:f0:a3:31:e3:
44:03:4b:c0:c2:ce:d7:ce:42:57:c2:32:ed:31:97:a9:34:42:
27:e5:95:97:ea:54:74:ac:29:37:d9:b8:68:c2:52:c3:03:3b:
a7:5d:52:44:11:4d:10:5c:e8:57:fa:f7:08:23:fd:0b:93:cf:
70:de:09:20:9d:c8:85:ca:5a:84:f3:dc:10:57:5d:7a:67:98:
19:2d:b8:12:26:e1:13:17:92:0a:12:dd:6d:7c:ef:bf:9a:e8:
e4:e2:6d:90:21:87:e9:cf:f6:2d:af:b7:df:90:4a:f7:c3:e0:
aa:52:5f:44:7f:50:42:a1:d3:4c:47:41:05:3d:f0:ea:ee:59:
db:f9:c7:bc:d3:65:41:e2:96:f0:82:46:16:c2:69:d7:94:e6:
ba:8b:40:b6:06:6c:16:4e:46:f1:f7:97:7e:c3:ef:d4:2d:99:
61:70:c6:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0ed7p+VUz3QiQCsAcuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmUyYjM0YzNmN2RmMGRkMThlNTQwZWFiYmE2NzZmYzY3Yjk4ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+QXHGwnsn2lx4U85SQifvVAd0ew
Bq9a2altVJq/KNKx22aiwL59wmNC7hmHVQq/8b1gX4RcONKUg+w+lVQT6zgUP4lI
pQqDK7SEpIkAExw/bE2wM4NVM4PmW9aiJb/m+V+5t6q8sWjljSnKNbmEZk9en7dD
Uod4tnYWK9H5vDd0oBr4qAnXxg5XkmT7aYnaGDrIBND8JosPy1WFI9o0vMjf7BL6
xJuYfy/PI6nK0Z5C92K9mUkbiMM0E/F+rQkRxq1oSTFZNq0o2YdyDPTrxZerCe1q
ycOiZuJpEJCD5tzp0gQ98riTc/n8i0gBJE5fnx4jgca8Q/avKjKptaxiVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbis0w/ffDdGOVA6rumdvxnuY4RMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvcHVLelREOTk4TjBZNVVEcXU2WjJfR2U1amhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHPhmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAufOaBQbf93KrZ5UTJ13FTEVmmVdPMLjrXCb4xfzC5
TUjtWOGRdRQZ5gl8B4vvgJvCVNLgjMDXgO997ZRCg3HzPZovLzAu+qo2DhoSuCFr
4XeBAa4/mfCjMeNEA0vAws7XzkJXwjLtMZepNEIn5ZWX6lR0rCk32bhowlLDAzun
XVJEEU0QXOhX+vcII/0Lk89w3gkgnciFylqE89wQV116Z5gZLbgSJuETF5IKEt1t
fO+/mujk4m2QIYfpz/Ytr7ffkEr3w+CqUl9Ef1BCodNMR0EFPfDq7lnb+ce802VB
4pbwgkYWwmnXlOa6i0C2BmwWTkbx95d+w+/ULZlhcMZm
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:40:45 2025 by rpki-client