Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/9teJwl_P47C63_oRQ6XCkY8FJLc.roa
File: 9teJwl_P47C63_oRQ6XCkY8FJLc.roa (raw, json)
Hash identifier: TDsD1rWj/nevWkjqkI3r2og58L5l6ZOyMx10BDOyf3w=
Subject key identifier: F6:D7:89:C2:5F:CF:E3:B0:BA:DF:FA:11:43:A5:C2:91:8F:05:24:B7
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0191A7B1565A9A9F75BB5F4334B9CF91B813
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/9teJwl_P47C63_oRQ6XCkY8FJLc.roa
Signing time: Sat 31 Aug 2024 09:08:22 +0000
ROA not before: Sat 31 Aug 2024 09:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39531
IP address blocks: 93.115.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:b1:56:5a:9a:9f:75:bb:5f:43:34:b9:cf:91:b8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Aug 31 09:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6d789c25fcfe3b0badffa1143a5c2918f0524b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9c:fa:d2:2e:74:d2:2c:89:94:b7:11:9e:d0:
50:71:3f:0e:3d:85:bc:90:8f:35:1d:77:87:cf:18:
a5:ec:26:e8:d3:7e:64:ff:ac:2f:f9:5f:55:b0:7a:
6d:83:e6:03:62:70:c3:a5:6f:08:ba:f9:e8:b3:f7:
f6:2c:46:61:09:6e:cb:67:db:45:d8:2c:ef:b1:91:
af:3f:de:07:b0:78:ae:da:08:ce:1f:a2:76:ff:3f:
38:b6:f2:55:b0:e8:6d:a4:bd:cd:ea:4f:03:1c:18:
ed:87:20:4f:3b:48:30:50:f1:84:6a:03:77:a0:91:
9d:da:50:c1:8c:4c:fe:f3:93:e0:f2:11:6b:57:45:
41:d9:fc:ce:68:e7:95:08:e3:ac:50:70:e8:db:b9:
c4:9d:ef:76:74:f0:8e:97:e8:29:eb:76:83:dc:90:
c1:77:74:f1:de:29:68:d4:27:fa:a7:ec:ed:9e:d0:
c4:90:fa:da:3e:15:a4:09:a8:b8:33:b8:03:6e:10:
00:25:cf:04:24:f2:58:1b:7f:0c:7a:28:c4:44:b3:
0f:e0:a9:1c:ef:2a:88:81:15:83:c1:44:a5:c4:7b:
4c:d9:95:aa:88:5c:cf:8a:6e:df:1a:1f:07:c9:0b:
4b:90:61:2f:71:ad:b4:36:21:59:f4:c3:c3:70:ee:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D7:89:C2:5F:CF:E3:B0:BA:DF:FA:11:43:A5:C2:91:8F:05:24:B7
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/9teJwl_P47C63_oRQ6XCkY8FJLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.172.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:5b:da:58:f9:05:3e:27:52:79:3f:3b:0f:d2:6b:31:15:a3:
14:af:97:8e:3f:fa:24:b0:89:fe:99:e0:c0:87:5d:3f:6e:55:
b3:b5:f6:30:fd:42:05:db:b2:2e:dd:e5:73:7e:25:be:0c:93:
cc:44:34:d3:6b:bf:42:56:0b:b1:03:68:53:a9:34:3f:ff:d3:
e8:94:f0:a9:3e:9e:f8:d5:6e:60:37:f3:b6:b4:2a:97:3d:ae:
bc:e9:00:24:e2:be:4d:88:5c:e5:a8:ff:b7:87:82:87:7f:6b:
65:85:a2:3b:59:a5:57:c7:e3:88:76:0f:bd:2c:a8:13:37:c3:
e8:03:7b:af:34:67:7c:d6:a2:3f:cd:c0:9e:ec:38:d1:61:6a:
ab:41:de:6e:59:39:95:a5:7e:40:4b:a7:a6:51:9f:4a:e9:47:
80:48:fc:d7:a8:fd:dc:1a:67:6e:33:16:be:ed:92:fe:0c:a2:
1c:c6:02:ae:44:0e:dc:c7:44:b3:c0:39:e9:f9:5f:15:54:51:
9c:2a:d3:3e:b1:43:cb:d4:7c:27:c3:e3:ce:e1:fc:e7:df:fc:
51:2f:20:2b:e0:c4:0f:0e:19:dd:f2:d4:33:7e:69:9f:9e:f3:
5a:e3:aa:58:dc:4c:65:e9:10:f0:ec:1b:cb:31:a5:8d:f4:01:
cf:d6:95:3e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZGnsVZamp91u19DNLnPkbgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwODMxMDkwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ3ODljMjVmY2ZlM2IwYmFkZmZhMTE0M2E1YzI5MThmMDUyNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zz60i500iyJlLcRntBQcT8OPYW8
kI81HXeHzxil7Cbo035k/6wv+V9VsHptg+YDYnDDpW8Iuvnos/f2LEZhCW7LZ9tF
2CzvsZGvP94HsHiu2gjOH6J2/z84tvJVsOhtpL3N6k8DHBjthyBPO0gwUPGEagN3
oJGd2lDBjEz+85Pg8hFrV0VB2fzOaOeVCOOsUHDo27nEne92dPCOl+gp63aD3JDB
d3Tx3ilo1Cf6p+ztntDEkPraPhWkCai4M7gDbhAAJc8EJPJYG38MeijERLMP4Kkc
7yqIgRWDwUSlxHtM2ZWqiFzPim7fGh8HyQtLkGEvca20NiFZ9MPDcO7WMQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPbXicJfz+Owut/6EUOlwpGPBSS3MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzl0ZUp3bF9QNDdDNjNfb1JRNlhDa1k4RkpMYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJdc6ww
DQYJKoZIhvcNAQELBQADggEBAIpb2lj5BT4nUnk/Ow/SazEVoxSvl44/+iSwif6Z
4MCHXT9uVbO19jD9QgXbsi7d5XN+Jb4Mk8xENNNrv0JWC7EDaFOpND//0+iU8Kk+
nvjVbmA387a0Kpc9rrzpACTivk2IXOWo/7eHgod/a2WFojtZpVfH44h2D70sqBM3
w+gDe680Z3zWoj/NwJ7sONFhaqtB3m5ZOZWlfkBLp6ZRn0rpR4BI/Neo/dwaZ24z
Fr7tkv4MohzGAq5EDtzHRLPAOen5XxVUUZwq0z6xQ8vUfCfD487h/Off/FEvICvg
xA8OGd3y1DN+aZ+e81rjqljcTGXpEPDsG8sxpY30Ac/WlT4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:35 2025 by rpki-client