Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nI7_0yC11N7yF7pHrlQ5Y3bpKRo.roa
File: nI7_0yC11N7yF7pHrlQ5Y3bpKRo.roa (raw, json)
Hash identifier: dc+ZRYWlpmCTZ9sdRvIEGVF0exoU5jzY1AUpex1PKhs=
Subject key identifier: 9C:8E:FF:D3:20:B5:D4:DE:F2:17:BA:47:AE:54:39:63:76:E9:29:1A
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0181D4911CE146C2279CD83CCC7E6A483822
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nI7_0yC11N7yF7pHrlQ5Y3bpKRo.roa
Signing time: Wed 06 Jul 2022 17:31:28 +0000
ROA not before: Wed 06 Jul 2022 17:31:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52044
IP address blocks: 93.113.255.0/24 maxlen: 24
46.102.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:91:1c:e1:46:c2:27:9c:d8:3c:cc:7e:6a:48:38:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jul 6 17:31:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c8effd320b5d4def217ba47ae54396376e9291a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b5:f8:e6:99:ef:80:21:0a:8d:f6:df:69:6b:
2f:92:a6:4c:f5:e4:93:83:ec:dc:87:07:ef:10:1f:
9f:b4:f8:56:33:1f:e6:bc:a6:3c:f9:f5:20:0d:81:
a6:f4:e6:a3:a7:9b:dc:cc:41:d1:ff:91:d3:c7:5a:
6b:15:dd:02:16:67:f6:43:3e:bb:4e:67:27:81:cd:
a1:8e:ef:f6:7b:b8:da:0a:ba:37:1c:b6:f4:95:d8:
cc:fd:f6:fa:98:88:90:f0:e9:5c:2b:26:a3:a4:a4:
4f:0b:ea:ec:71:7f:0e:17:d4:e8:6e:26:93:a0:34:
95:26:fd:7f:24:e0:41:8a:c0:77:2a:5f:c8:5f:af:
7d:32:59:cd:f3:c3:b0:c4:1d:c6:19:22:32:19:1f:
7c:2d:46:d8:ac:50:6e:1c:8d:da:76:aa:54:58:13:
e9:15:74:16:ad:cc:1c:87:b6:3d:81:f9:35:86:d8:
e4:03:bb:47:51:10:9e:71:5d:56:ab:24:60:1b:4e:
58:d8:d8:9e:02:02:9a:72:e2:5c:46:c2:99:a4:63:
d7:7e:e6:35:24:1b:dc:34:64:06:d6:91:f2:42:3d:
3a:7c:31:7f:0f:64:e1:ef:43:f5:c7:50:6a:7a:33:
b2:da:90:36:8f:05:f1:78:e8:f0:55:1e:b8:b3:79:
3c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8E:FF:D3:20:B5:D4:DE:F2:17:BA:47:AE:54:39:63:76:E9:29:1A
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nI7_0yC11N7yF7pHrlQ5Y3bpKRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.175.0/24
93.113.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0d:00:03:57:d3:a4:96:f1:f2:db:65:68:c3:98:c7:52:66:
fb:0f:c7:d1:11:fd:2b:73:92:4c:f8:e5:4f:0b:86:15:90:bc:
13:a8:f8:21:fd:82:cf:17:ff:7a:d9:fd:db:f8:d0:b4:a6:e2:
6c:cb:a4:9a:b2:0b:f2:5b:db:88:6e:ff:2c:5f:88:cb:32:65:
61:7d:bb:bb:1f:72:6e:42:22:2f:89:73:57:53:cf:a3:71:81:
8c:60:ca:9c:6c:fa:d3:60:5a:81:ed:6a:7e:51:28:67:17:7a:
e4:52:33:2a:a0:4d:f9:55:02:d4:e6:f1:2b:34:8a:a6:74:51:
3e:e9:0f:49:01:48:04:ee:bc:70:48:29:3f:c0:99:d7:2b:c7:
b5:ed:4f:81:3c:06:2e:14:2e:20:23:12:74:45:cc:96:d8:5e:
f5:d9:d2:32:de:c4:a5:77:93:7d:66:93:0a:35:de:47:2b:16:
8b:b0:bf:59:93:3a:ae:97:b4:82:68:d8:aa:dc:4a:bc:0d:76:
af:e0:e5:dc:fe:64:c9:b4:d4:69:31:e2:9c:f0:f0:19:fe:59:
cd:b4:89:a8:bb:f2:92:6b:80:2a:ba:0c:64:64:a5:42:e1:48:
ce:3e:ec:6b:10:48:b2:4f:0b:9c:65:c7:14:2c:b1:33:79:f2:
d4:ea:2d:50
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYHUkRzhRsInnNg8zH5qSDgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIwNzA2MTczMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhlZmZkMzIwYjVkNGRlZjIxN2JhNDdhZTU0Mzk2Mzc2ZTkyOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7X45pnvgCEKjfbfaWsvkqZM9eST
g+zchwfvEB+ftPhWMx/mvKY8+fUgDYGm9Oajp5vczEHR/5HTx1prFd0CFmf2Qz67
Tmcngc2hju/2e7jaCro3HLb0ldjM/fb6mIiQ8OlcKyajpKRPC+rscX8OF9TobiaT
oDSVJv1/JOBBisB3Kl/IX699MlnN88OwxB3GGSIyGR98LUbYrFBuHI3adqpUWBPp
FXQWrcwch7Y9gfk1htjkA7tHURCecV1WqyRgG05Y2NieAgKacuJcRsKZpGPXfuY1
JBvcNGQG1pHyQj06fDF/D2Th70P1x1BqejOy2pA2jwXxeOjwVR64s3k8nwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJyO/9MgtdTe8he6R65UOWN26SkaMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL25JN18weUMxMU43eUY3cEhybFE1WTNicEtSby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAuZq8D
BABdcf8wDQYJKoZIhvcNAQELBQADggEBAH4NAANX06SW8fLbZWjDmMdSZvsPx9ER
/Stzkkz45U8LhhWQvBOo+CH9gs8X/3rZ/dv40LSm4mzLpJqyC/Jb24hu/yxfiMsy
ZWF9u7sfcm5CIi+Jc1dTz6NxgYxgypxs+tNgWoHtan5RKGcXeuRSMyqgTflVAtTm
8Ss0iqZ0UT7pD0kBSATuvHBIKT/Amdcrx7XtT4E8Bi4ULiAjEnRFzJbYXvXZ0jLe
xKV3k31mkwo13kcrFouwv1mTOq6XtIJo2KrcSrwNdq/g5dz+ZMm01Gkx4pzw8Bn+
Wc20iai78pJrgCq6DGRkpULhSM4+7GsQSLJPC5xlxxQssTN58tTqLVA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:38 2025 by rpki-client