Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/266T7ZbtAjK11A0E6WjPTYpighg.roa
File: 266T7ZbtAjK11A0E6WjPTYpighg.roa (raw, json)
Hash identifier: h54XCS3Y9TYQGtHJQpa7QGwzILwF6eYHuiXq2TnEQCM=
Subject key identifier: DB:AE:93:ED:96:ED:02:32:B5:D4:0D:04:E9:68:CF:4D:8A:62:82:18
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 42DE6045
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/266T7ZbtAjK11A0E6WjPTYpighg.roa
Signing time: Wed 04 May 2022 09:35:33 +0000
ROA not before: Wed 04 May 2022 09:35:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48881
IP address blocks: 93.118.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1121869893 (0x42de6045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 4 09:35:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbae93ed96ed0232b5d40d04e968cf4d8a628218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:14:d0:a3:98:13:36:f6:25:0b:dd:74:48:a2:
a6:2b:50:59:ed:c8:11:32:78:ef:7d:2a:d1:2c:fa:
b1:b6:a6:4b:b3:86:c7:bd:71:eb:39:d4:70:3b:3c:
6b:ab:8f:84:fa:68:a4:c3:01:67:08:b8:e3:b4:64:
bc:02:ba:c8:02:cc:eb:f7:eb:a6:35:b8:5a:5e:36:
99:55:63:8b:c7:48:1c:33:91:d3:d6:3a:ab:d0:cf:
86:53:1a:4d:0c:0d:d6:cd:f6:38:b0:54:81:ca:ef:
ad:d4:d1:ec:f6:4e:ff:35:e3:dd:74:ba:0b:7f:d7:
a9:3b:fc:a3:cb:e9:65:8f:9b:3c:de:2e:a7:89:8d:
ac:b1:c5:b1:07:91:3a:f0:15:60:3b:13:33:36:df:
60:60:e7:f8:a6:ad:0f:57:f5:2a:0a:20:a4:b7:49:
a6:02:b6:ec:d0:01:e0:8b:94:8c:a3:66:93:7a:ae:
ce:47:9a:4e:e3:d4:13:2c:99:ba:c3:f2:9c:09:0f:
47:de:ca:ca:aa:e2:a4:02:21:51:55:4b:2e:cf:6d:
d9:05:d2:9c:9d:4f:74:17:1b:78:ac:c1:0d:c5:5b:
8d:c1:9c:97:bb:64:85:c0:0c:b6:4b:1f:60:fc:22:
12:cc:56:09:84:4d:a7:2b:1f:f6:43:a2:1d:a8:df:
8c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AE:93:ED:96:ED:02:32:B5:D4:0D:04:E9:68:CF:4D:8A:62:82:18
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/266T7ZbtAjK11A0E6WjPTYpighg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.118.36.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ce:9e:eb:d9:e4:d6:6c:86:e7:7b:d8:77:ce:97:ea:e9:ee:
13:16:55:3e:1e:58:f3:28:b2:bc:7e:e8:98:1c:33:63:4a:41:
9d:7d:e9:d0:d2:2d:83:a4:9a:44:c3:a9:f2:d7:a1:e0:6c:4b:
4c:07:19:1e:12:35:10:76:11:31:af:62:2c:6f:90:9e:80:1b:
a8:81:bf:32:50:9e:3a:32:9a:8f:0b:bf:28:bd:47:8a:92:f5:
99:51:7e:a7:80:1b:3e:97:0b:a3:fb:e3:3c:13:b5:86:35:3a:
38:43:b7:d4:a4:65:b7:ce:08:ea:5a:8c:5a:eb:b1:3f:ca:8c:
d5:7a:7b:40:70:75:6f:96:32:ec:1b:73:7c:1e:e9:95:8e:24:
31:b6:62:b8:f8:e1:ab:8c:c9:12:20:7c:cc:93:04:70:66:22:
fa:77:47:5b:e7:e1:a9:74:92:e8:74:61:28:e2:a2:47:3c:f7:
da:fc:13:d5:e6:a5:5f:d3:73:89:50:8a:42:3d:51:03:24:c9:
12:12:27:02:e9:28:d6:86:34:c5:3f:59:fd:c5:8c:6a:b3:a1:
ca:9c:b5:db:50:a5:f4:e7:62:e2:d2:1b:21:83:f2:f3:f2:91:
30:f5:f2:36:19:49:1c:ac:c3:61:b6:22:b6:16:07:b7:48:fc:
07:b6:3b:f2
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQt5gRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUw
NDA5MzUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJhZTkzZWQ5NmVk
MDIzMmI1ZDQwZDA0ZTk2OGNmNGQ4YTYyODIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANwU0KOYEzb2JQvddEiipitQWe3IETJ4730q0Sz6sbamS7OG
x71x6znUcDs8a6uPhPpopMMBZwi447RkvAK6yALM6/frpjW4Wl42mVVji8dIHDOR
09Y6q9DPhlMaTQwN1s32OLBUgcrvrdTR7PZO/zXj3XS6C3/XqTv8o8vpZY+bPN4u
p4mNrLHFsQeROvAVYDsTMzbfYGDn+KatD1f1KgogpLdJpgK27NAB4IuUjKNmk3qu
zkeaTuPUEyyZusPynAkPR97KyqripAIhUVVLLs9t2QXSnJ1PdBcbeKzBDcVbjcGc
l7tkhcAMtksfYPwiEsxWCYRNpysf9kOiHajfjNsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTbrpPtlu0CMrXUDQTpaM9NimKCGDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS8yNjZUN1pidEFqSzExQTBFNldqUFRZcGlnaGcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXYkMA0GCSqGSIb3DQEBCwUA
A4IBAQC4zp7r2eTWbIbne9h3zpfq6e4TFlU+HljzKLK8fuiYHDNjSkGdfenQ0i2D
pJpEw6ny16HgbEtMBxkeEjUQdhExr2Isb5CegBuogb8yUJ46MpqPC78ovUeKkvWZ
UX6ngBs+lwuj++M8E7WGNTo4Q7fUpGW3zgjqWoxa67E/yozVentAcHVvljLsG3N8
HumVjiQxtmK4+OGrjMkSIHzMkwRwZiL6d0db5+GpdJLodGEo4qJHPPfa/BPV5qVf
03OJUIpCPVEDJMkSEicC6SjWhjTFP1n9xYxqs6HKnLXbUKX052Li0hshg/Lz8pEw
9fI2GUkcrMNhtiK2Fge3SPwHtjvy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:27 2025 by rpki-client