Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/09f918-aced-42a8-8a3a-33e2705b4c3e/1/QSpLuDpXUNkOUkYW39ewmuOjeXU.roa
File: QSpLuDpXUNkOUkYW39ewmuOjeXU.roa (raw, json)
Hash identifier: UG4y2e7y7KNq53LhfMoJNHkpPB6I/mgLmyPvfgQKMd0=
Subject key identifier: 41:2A:4B:B8:3A:57:50:D9:0E:52:46:16:DF:D7:B0:9A:E3:A3:79:75
Certificate issuer: /CN=ce2c505f77dca8117ef0625710744cb359736b19
Certificate serial: 0182DB68BE2475DC47C609118B2C1560F676
Authority key identifier: CE:2C:50:5F:77:DC:A8:11:7E:F0:62:57:10:74:4C:B3:59:73:6B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zixQX3fcqBF-8GJXEHRMs1lzaxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/09f918-aced-42a8-8a3a-33e2705b4c3e/1/QSpLuDpXUNkOUkYW39ewmuOjeXU.roa
Signing time: Fri 26 Aug 2022 18:27:30 +0000
ROA not before: Fri 26 Aug 2022 18:27:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197290
IP address blocks: 46.31.128.0/23 maxlen: 24
46.31.132.0/23 maxlen: 24
46.31.130.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:db:68:be:24:75:dc:47:c6:09:11:8b:2c:15:60:f6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce2c505f77dca8117ef0625710744cb359736b19
Validity
Not Before: Aug 26 18:27:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=412a4bb83a5750d90e524616dfd7b09ae3a37975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:02:0a:8a:ad:8c:ab:f1:17:16:9f:55:75:
7e:d0:fa:ab:93:cb:aa:30:9c:ea:45:94:03:cb:1e:
5b:1e:19:01:89:2b:a2:34:9a:69:19:65:ce:a7:82:
17:17:a5:64:33:af:66:ca:9f:59:4a:6d:c9:62:2f:
d8:de:1b:fb:92:2e:0a:2e:40:cc:28:d8:94:6a:72:
90:e3:6e:b8:00:92:c7:01:17:d3:ac:10:09:15:85:
da:6c:97:67:c7:bd:65:cb:7a:41:10:db:9c:58:89:
3b:b3:b8:a3:0e:21:bb:92:cd:e0:ef:67:9c:e6:a1:
7e:b5:18:c0:59:96:af:c3:da:5a:23:41:af:98:8d:
dc:11:a4:02:59:57:e5:35:8d:38:0d:34:ca:93:8d:
07:7a:e6:f1:2b:e0:e5:62:ed:e8:e2:4e:93:40:da:
c9:6f:a2:41:6b:7d:aa:18:2c:2b:72:54:7a:0c:3b:
d4:15:ef:bf:cb:4b:aa:a7:fa:0a:94:c5:ae:16:7f:
34:25:e0:1e:67:af:79:6a:9e:c2:23:4f:bb:7a:ce:
c1:82:e8:06:e0:33:1b:3e:6a:9a:cd:5b:03:95:79:
54:10:51:e7:4a:a5:c4:cb:9b:11:0d:c6:4b:1f:90:
14:86:f4:a0:55:09:28:18:fa:2e:ad:3a:6e:fc:75:
20:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2A:4B:B8:3A:57:50:D9:0E:52:46:16:DF:D7:B0:9A:E3:A3:79:75
X509v3 Authority Key Identifier:
keyid:CE:2C:50:5F:77:DC:A8:11:7E:F0:62:57:10:74:4C:B3:59:73:6B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zixQX3fcqBF-8GJXEHRMs1lzaxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/09f918-aced-42a8-8a3a-33e2705b4c3e/1/QSpLuDpXUNkOUkYW39ewmuOjeXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/09f918-aced-42a8-8a3a-33e2705b4c3e/1/zixQX3fcqBF-8GJXEHRMs1lzaxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.128.0-46.31.133.255
Signature Algorithm: sha256WithRSAEncryption
9e:f7:fb:7b:ae:65:bc:4f:84:e7:1f:5c:c9:ae:9a:2f:d6:6b:
79:fe:b1:0b:8b:da:d4:40:cc:74:c1:ab:6b:bf:47:01:ac:c2:
0c:c5:8a:b9:c3:81:2f:31:1d:9b:ee:a0:a1:93:56:b5:7a:e9:
1c:cd:58:55:ee:d6:8a:69:6a:9c:de:47:ce:7c:fd:03:b7:b7:
bc:d6:f1:e3:75:79:36:63:55:8b:4a:5c:a1:9e:d9:54:09:cb:
ab:e8:a8:cc:fc:36:64:d0:ab:86:31:e9:d5:6e:72:6c:e2:7b:
82:a8:b2:e9:a0:0a:42:d3:8c:27:4f:91:f0:18:04:12:76:a0:
37:17:9b:f5:94:ca:73:fd:c8:24:72:74:9f:1b:c3:bb:1c:78:
c8:e2:1f:03:d0:f1:1d:f8:52:84:a7:e4:4a:59:88:e3:70:a1:
77:dd:d7:37:d9:b0:25:37:09:bc:fd:13:e7:d0:d0:5a:d1:0e:
05:b4:f3:4b:d5:cc:59:72:3a:e8:04:fb:0c:2e:7e:a2:43:d7:
30:76:63:89:99:f3:17:8e:29:c4:21:0c:92:c6:b2:23:33:7d:
90:f9:34:85:d5:c6:67:5f:19:b8:3b:29:59:db:fa:83:42:33:
b7:33:f1:57:b0:8b:e7:ee:82:72:26:a1:f6:61:f1:76:ba:7f:
d3:90:24:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLbaL4kddxHxgkRiywVYPZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMmM1MDVmNzdkY2E4MTE3ZWYwNjI1NzEwNzQ0Y2IzNTk3
MzZiMTkwHhcNMjIwODI2MTgyNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJhNGJiODNhNTc1MGQ5MGU1MjQ2MTZkZmQ3YjA5YWUzYTM3OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLICCoqtjKvxFxafVXV+0Pqrk8uq
MJzqRZQDyx5bHhkBiSuiNJppGWXOp4IXF6VkM69myp9ZSm3JYi/Y3hv7ki4KLkDM
KNiUanKQ4264AJLHARfTrBAJFYXabJdnx71ly3pBENucWIk7s7ijDiG7ks3g72ec
5qF+tRjAWZavw9paI0GvmI3cEaQCWVflNY04DTTKk40HeubxK+DlYu3o4k6TQNrJ
b6JBa32qGCwrclR6DDvUFe+/y0uqp/oKlMWuFn80JeAeZ695ap7CI0+7es7BgugG
4DMbPmqazVsDlXlUEFHnSqXEy5sRDcZLH5AUhvSgVQkoGPourTpu/HUgiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEEqS7g6V1DZDlJGFt/XsJrjo3l1MB8GA1UdIwQY
MBaAFM4sUF933KgRfvBiVxB0TLNZc2sZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveml4UVgzZmNxQkYtOEdKWEVIUk1zMWx6YXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wOWY5MTgtYWNlZC00MmE4LThhM2Et
MzNlMjcwNWI0YzNlLzEvUVNwTHVEcFhVTmtPVWtZVzM5ZXdtdU9qZVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wOWY5MTgtYWNlZC00MmE4LThhM2EtMzNlMjcwNWI0YzNl
LzEveml4UVgzZmNxQkYtOEdKWEVIUk1zMWx6YXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAcuH4AD
BAEuH4QwDQYJKoZIhvcNAQELBQADggEBAJ73+3uuZbxPhOcfXMmumi/Wa3n+sQuL
2tRAzHTBq2u/RwGswgzFirnDgS8xHZvuoKGTVrV66RzNWFXu1oppapzeR858/QO3
t7zW8eN1eTZjVYtKXKGe2VQJy6voqMz8NmTQq4Yx6dVucmzie4KosumgCkLTjCdP
kfAYBBJ2oDcXm/WUynP9yCRydJ8bw7sceMjiHwPQ8R34UoSn5EpZiONwoXfd1zfZ
sCU3Cbz9E+fQ0FrRDgW080vVzFlyOugE+wwufqJD1zB2Y4mZ8xeOKcQhDJLGsiMz
fZD5NIXVxmdfGbg7KVnb+oNCM7cz8Vewi+fugnImofZh8Xa6f9OQJKM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:35:02 2025 by rpki-client