Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/KTLUPQyqh42he5zY6DrU2IyQzNQ.roa
File: KTLUPQyqh42he5zY6DrU2IyQzNQ.roa (raw, json)
Hash identifier: zjqfO6ktovrZnM+z4G76xIFsClRuM1hWMn57+DWJ9wg=
Subject key identifier: 29:32:D4:3D:0C:AA:87:8D:A1:7B:9C:D8:E8:3A:D4:D8:8C:90:CC:D4
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018D170FE4B884E3B0FF4C8DB3F8881D7AC9
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/KTLUPQyqh42he5zY6DrU2IyQzNQ.roa
Signing time: Wed 17 Jan 2024 10:55:33 +0000
ROA not before: Wed 17 Jan 2024 10:55:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 193.53.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:0f:e4:b8:84:e3:b0:ff:4c:8d:b3:f8:88:1d:7a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 17 10:55:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2932d43d0caa878da17b9cd8e83ad4d88c90ccd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:af:77:0c:df:ad:ef:eb:f0:ea:09:c5:63:6c:
3a:dd:d6:bd:41:73:6e:f0:70:62:52:b1:03:54:20:
24:b1:9c:dd:5c:d1:45:a9:9f:b4:c6:e6:de:32:74:
88:b5:86:9c:f1:6f:c1:1a:c9:be:88:32:f6:de:53:
84:11:20:eb:c0:3d:2c:0d:ba:86:98:f5:c1:db:ab:
cb:ea:bd:78:a4:86:3b:e6:47:79:cf:34:21:f2:b1:
77:23:73:b4:cd:9b:18:a5:ae:47:86:74:33:70:5c:
ac:34:30:89:3c:3b:e0:a5:01:33:4e:06:e4:4d:62:
bc:a6:f0:75:c8:08:84:5d:76:29:a2:52:ee:e2:4b:
c9:e8:74:d6:c2:89:19:76:26:d0:7e:ad:3a:44:bc:
c3:21:48:1f:72:fd:1f:dd:ca:a0:14:a8:89:99:5d:
3d:36:d3:b2:80:5b:f8:62:e8:34:de:98:1c:cc:5b:
3c:e9:4b:ae:f1:ae:14:90:a6:da:a8:ca:ba:0a:ee:
e8:12:97:68:51:c0:be:3d:f9:0d:2f:ee:6d:e9:c7:
0d:45:eb:95:ac:e7:b1:79:39:cf:04:1f:f5:9c:3e:
b9:02:ff:f8:da:49:ef:dd:58:51:4a:0b:f2:fa:6a:
c4:73:e2:62:ba:91:ff:d3:cb:84:c6:6d:58:da:05:
ba:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:32:D4:3D:0C:AA:87:8D:A1:7B:9C:D8:E8:3A:D4:D8:8C:90:CC:D4
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/KTLUPQyqh42he5zY6DrU2IyQzNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.82.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e1:8a:b4:35:d4:2d:9d:13:8a:a0:16:73:09:a0:54:8f:f6:
f7:c3:08:8b:a9:00:44:dc:1d:b7:b3:54:77:35:80:8d:9f:2a:
b1:1d:af:7b:ea:fa:d1:98:46:81:be:cd:64:96:3e:9f:1f:29:
3a:05:c3:f1:37:0e:4a:f4:68:41:b5:fb:0e:d8:ff:68:19:23:
c4:2e:ab:fc:ac:3e:31:8e:59:cd:db:5f:fe:72:46:21:7a:be:
f9:f1:a3:c9:fe:84:ab:9d:ec:68:3b:3b:66:6f:69:b6:13:05:
3d:4b:84:fa:51:b8:4b:cf:75:f4:de:db:91:a2:76:8e:07:7d:
a4:dc:15:46:b9:31:86:28:b2:35:b5:e2:53:f5:75:8e:f1:25:
60:26:6b:40:e9:9f:ef:65:53:63:0e:df:a4:f2:83:a0:b1:03:
e3:a3:e1:75:f3:41:90:d2:d2:48:ff:1c:3b:81:2e:a9:e3:1d:
67:2f:47:b7:d9:fa:2d:6e:cb:d8:50:16:09:13:ef:00:a8:a2:
92:53:7f:8e:9e:3e:5e:95:89:52:8c:22:6a:3d:fd:06:c6:cb:
be:7e:c1:33:94:36:58:74:6d:11:4b:40:d5:49:dc:3f:d8:9b:
8a:21:b5:35:fa:ef:3e:21:6b:ac:4b:f6:c5:76:c2:bd:fe:e5:
80:a6:40:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0XD+S4hOOw/0yNs/iIHXrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwMTE3MTA1NTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTMyZDQzZDBjYWE4NzhkYTE3YjljZDhlODNhZDRkODhjOTBjY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha93DN+t7+vw6gnFY2w63da9QXNu
8HBiUrEDVCAksZzdXNFFqZ+0xubeMnSItYac8W/BGsm+iDL23lOEESDrwD0sDbqG
mPXB26vL6r14pIY75kd5zzQh8rF3I3O0zZsYpa5HhnQzcFysNDCJPDvgpQEzTgbk
TWK8pvB1yAiEXXYpolLu4kvJ6HTWwokZdibQfq06RLzDIUgfcv0f3cqgFKiJmV09
NtOygFv4Yug03pgczFs86Uuu8a4UkKbaqMq6Cu7oEpdoUcC+PfkNL+5t6ccNReuV
rOexeTnPBB/1nD65Av/42knv3VhRSgvy+mrEc+JiupH/08uExm1Y2gW6/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCky1D0MqoeNoXuc2Og61NiMkMzUMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvS1RMVVBReXFoNDJoZTV6WTZEclUySXlRek5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTVSMA0G
CSqGSIb3DQEBCwUAA4IBAQAu4Yq0NdQtnROKoBZzCaBUj/b3wwiLqQBE3B23s1R3
NYCNnyqxHa976vrRmEaBvs1klj6fHyk6BcPxNw5K9GhBtfsO2P9oGSPELqv8rD4x
jlnN21/+ckYher758aPJ/oSrnexoOztmb2m2EwU9S4T6UbhLz3X03tuRonaOB32k
3BVGuTGGKLI1teJT9XWO8SVgJmtA6Z/vZVNjDt+k8oOgsQPjo+F180GQ0tJI/xw7
gS6p4x1nL0e32fotbsvYUBYJE+8AqKKSU3+Onj5elYlSjCJqPf0Gxsu+fsEzlDZY
dG0RS0DVSdw/2JuKIbU1+u8+IWusS/bFdsK9/uWApkC8
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:46 2025 by rpki-client