Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/79TVi-M-UeAEA3R8YbQDchLwmJA.roa
File: 79TVi-M-UeAEA3R8YbQDchLwmJA.roa (raw, json)
Hash identifier: tZzb6+pt5a1XtsMoZo6Rh93OZH1bYm1eQcdp2Mv+2Vk=
Subject key identifier: EF:D4:D5:8B:E3:3E:51:E0:04:03:74:7C:61:B4:03:72:12:F0:98:90
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0190BFFB1C8ED6AE13A61CBCAD7AF8873DE2
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/79TVi-M-UeAEA3R8YbQDchLwmJA.roa
Signing time: Wed 17 Jul 2024 09:17:03 +0000
ROA not before: Wed 17 Jul 2024 09:17:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12325
IP address blocks: 85.204.106.0/24 maxlen: 24
89.46.232.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:fb:1c:8e:d6:ae:13:a6:1c:bc:ad:7a:f8:87:3d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jul 17 09:17:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efd4d58be33e51e00403747c61b4037212f09890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:7a:d5:b9:14:5a:e5:23:33:4b:7f:72:dc:
8d:f0:74:09:42:b5:cf:04:99:ed:9a:04:e6:3b:e7:
3b:13:0b:33:fb:fd:82:21:68:b3:88:e0:d8:2d:41:
75:ad:fa:5c:27:78:e8:40:68:ce:d4:3a:d1:99:34:
a1:46:3e:57:80:95:f7:5a:5f:05:cd:40:bc:36:be:
d3:d2:77:44:a5:fa:06:fc:36:1a:b1:7d:86:42:9f:
5e:60:a6:f1:f1:08:5d:ab:20:25:51:a4:06:0a:31:
29:f2:4c:51:e1:52:f3:b9:bd:43:14:ab:8c:a3:10:
a1:60:e9:5d:94:38:fb:14:28:01:0d:c9:f4:46:ba:
c3:d1:e0:ef:9b:52:8c:03:bb:eb:f2:63:16:3c:6d:
03:c3:45:6d:1c:95:06:37:89:6b:36:92:1e:9d:19:
b9:da:19:c2:7d:46:bd:72:f4:24:7a:2a:f4:a4:3b:
28:80:d0:25:65:7a:3c:22:15:ed:b3:8f:30:09:fb:
82:cc:ab:98:73:b3:c7:0f:4c:29:11:28:b0:96:fb:
f9:25:af:52:ee:6a:90:7a:e1:bd:fb:0a:c3:65:4d:
f7:de:46:fd:fb:fa:b5:f0:a3:23:4d:ae:49:0e:c2:
cd:be:4f:eb:34:2d:62:1d:72:44:49:63:53:79:1f:
3a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D4:D5:8B:E3:3E:51:E0:04:03:74:7C:61:B4:03:72:12:F0:98:90
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/79TVi-M-UeAEA3R8YbQDchLwmJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.106.0/24
89.46.232.0/21
Signature Algorithm: sha256WithRSAEncryption
04:25:50:2d:a8:54:0b:a8:b0:14:00:7b:e8:57:96:48:01:a1:
37:fb:3d:9c:ea:12:85:84:33:3a:95:dd:f3:5b:2f:34:21:95:
cd:50:9d:c9:bb:c0:dc:ea:14:52:2a:d0:4e:68:b0:ba:b7:cd:
66:4b:bc:9e:5a:60:f0:22:c1:8c:00:2e:20:08:0a:15:15:ec:
dd:71:1d:21:e7:a9:5e:84:79:5d:7a:38:27:9e:06:fc:18:e3:
12:26:c6:e2:5f:9e:6b:32:34:87:ef:af:c4:73:f5:ab:71:41:
d2:32:f0:71:62:40:b5:fb:4c:6f:be:12:88:c7:b6:78:b9:a2:
84:6a:0f:8b:72:93:84:f7:0c:80:7e:19:7f:99:91:f6:fd:05:
5a:49:aa:7a:28:81:78:2d:db:ed:e7:4c:88:44:54:44:2f:33:
c4:d5:fa:fb:2c:95:67:17:dd:c0:75:21:e0:74:95:ff:bf:59:
11:49:e4:86:6f:c3:4c:00:cf:1d:28:4a:fe:06:d2:ae:74:c4:
3c:d4:41:25:0e:a5:8a:11:47:19:55:88:2d:dd:3c:62:0d:af:
ef:99:88:8a:da:59:b9:1b:cc:be:31:ab:89:42:ba:37:92:23:
33:d5:e3:fe:ef:16:7a:6e:41:44:8e:e5:b0:51:b9:8f:4d:8a:
71:3a:7f:32
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZC/+xyO1q4Tphy8rXr4hz3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwNzE3MDkxNzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ0ZDU4YmUzM2U1MWUwMDQwMzc0N2M2MWI0MDM3MjEyZjA5ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4161bkUWuUjM0t/ctyN8HQJQrXP
BJntmgTmO+c7Ewsz+/2CIWiziODYLUF1rfpcJ3joQGjO1DrRmTShRj5XgJX3Wl8F
zUC8Nr7T0ndEpfoG/DYasX2GQp9eYKbx8QhdqyAlUaQGCjEp8kxR4VLzub1DFKuM
oxChYOldlDj7FCgBDcn0RrrD0eDvm1KMA7vr8mMWPG0Dw0VtHJUGN4lrNpIenRm5
2hnCfUa9cvQkeir0pDsogNAlZXo8IhXts48wCfuCzKuYc7PHD0wpESiwlvv5Ja9S
7mqQeuG9+wrDZU333kb9+/q18KMjTa5JDsLNvk/rNC1iHXJESWNTeR866QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO/U1YvjPlHgBAN0fGG0A3IS8JiQMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzc5VFZpLU0tVWVBRUEzUjhZYlFEY2hMd21KQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABVzGoD
BANZLugwDQYJKoZIhvcNAQELBQADggEBAAQlUC2oVAuosBQAe+hXlkgBoTf7PZzq
EoWEMzqV3fNbLzQhlc1Qncm7wNzqFFIq0E5osLq3zWZLvJ5aYPAiwYwALiAIChUV
7N1xHSHnqV6EeV16OCeeBvwY4xImxuJfnmsyNIfvr8Rz9atxQdIy8HFiQLX7TG++
EojHtni5ooRqD4tyk4T3DIB+GX+Zkfb9BVpJqnoogXgt2+3nTIhEVEQvM8TV+vss
lWcX3cB1IeB0lf+/WRFJ5IZvw0wAzx0oSv4G0q50xDzUQSUOpYoRRxlViC3dPGIN
r++ZiIraWbkbzL4xq4lCujeSIzPV4/7vFnpuQUSO5bBRuY9NinE6fzI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:59 2025 by rpki-client