Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/yVJzN61BE2CbqMYgPpACXypYZOE.roa
File: yVJzN61BE2CbqMYgPpACXypYZOE.roa (raw, json)
Hash identifier: hGhx3Arvl/CPllqss+6FyQl2G2h35qOvYzK82QSONeQ=
Subject key identifier: C9:52:73:37:AD:41:13:60:9B:A8:C6:20:3E:90:02:5F:2A:58:64:E1
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: F48253
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/yVJzN61BE2CbqMYgPpACXypYZOE.roa
Signing time: Mon 25 Apr 2022 03:03:10 +0000
ROA not before: Mon 25 Apr 2022 03:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210000
IP address blocks: 176.119.223.0/24 maxlen: 24
194.156.188.0/24 maxlen: 24
2a12:3fc0::/44 maxlen: 44
2a12:3fc0:7d12::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16024147 (0xf48253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Apr 25 03:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9527337ad4113609ba8c6203e90025f2a5864e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:f8:a7:3f:02:7f:93:14:f6:25:12:c2:e2:
6d:ee:9e:09:fd:8f:fc:78:d0:7e:f1:f6:29:a0:90:
05:8a:c4:0d:2a:82:19:7f:6b:28:20:20:e8:c7:2b:
a4:09:5c:0b:7d:14:1f:c4:b4:05:ed:10:19:b9:fa:
f9:20:64:b5:b3:99:ca:ae:1f:c5:3d:d0:80:f2:b9:
9a:2d:f2:42:58:3d:96:81:24:10:89:fc:b6:ad:3d:
52:6e:ab:cc:b1:2f:32:a7:b0:10:ec:69:d2:3c:b3:
83:83:5f:a5:e3:85:d3:44:6e:39:d4:07:08:0f:d5:
39:37:37:30:ae:9e:8f:f8:06:3a:13:09:14:a2:1f:
8e:27:54:68:fb:9c:9f:ae:55:a7:06:04:a6:d7:18:
9f:31:78:a4:43:2e:ca:14:97:74:7e:7f:55:8b:a7:
12:cf:bb:8e:5b:af:52:08:ae:26:fb:36:fe:27:d3:
7a:dc:59:46:1e:7c:bb:3f:e8:a2:07:d3:36:cc:44:
27:a4:d4:cd:73:1b:42:09:f5:7b:19:9a:f8:f5:3f:
c6:28:4c:ac:37:b7:fc:f7:29:13:21:56:9e:65:84:
85:42:0a:b8:59:d3:2a:e8:bd:1e:f1:7e:fe:2e:e1:
a4:bc:06:77:5b:b3:a5:c4:a3:d2:56:78:27:a3:97:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:52:73:37:AD:41:13:60:9B:A8:C6:20:3E:90:02:5F:2A:58:64:E1
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/yVJzN61BE2CbqMYgPpACXypYZOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.223.0/24
194.156.188.0/24
IPv6:
2a12:3fc0::/44
2a12:3fc0:7d12::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e8:57:e8:3b:91:84:8b:48:8a:2c:c5:8f:ae:c2:bb:90:d0:
77:4b:4a:59:e2:9e:01:71:cc:c2:cd:71:8b:e3:22:27:f4:35:
b0:53:fd:ad:34:98:b4:30:73:5e:be:52:06:6f:51:50:e8:5f:
c4:b8:77:a9:b0:eb:e9:42:13:2a:1b:2f:24:d4:05:a9:33:cf:
8f:f7:99:8f:54:4f:ee:7e:b3:4a:76:ea:ae:f1:bc:e8:dd:1b:
e5:cf:67:71:5f:f8:ec:a1:0e:c0:6a:e7:62:fe:40:b4:cf:37:
d4:93:d1:39:8c:db:38:a5:8e:23:a7:f1:e6:44:4c:7f:8f:be:
5b:46:d6:ee:cc:da:70:e1:d9:e5:2d:86:79:09:11:3c:4f:24:
94:04:86:89:62:45:ab:db:3a:c2:46:dd:b6:66:3e:3f:98:e2:
5c:d2:b8:e0:cf:f1:2c:e6:db:3a:52:e7:22:93:48:29:13:e8:
de:57:51:bd:a7:cb:39:20:50:d1:ea:41:da:93:e0:a8:d3:53:
76:1c:f4:31:07:6c:20:90:e0:e9:5d:a1:95:ca:bd:2a:1d:ba:
40:75:a8:ba:70:b5:4d:72:5f:95:a5:fa:c5:30:16:c7:33:72:
1a:46:60:43:e5:cc:d5:40:4d:f2:8a:9a:ee:26:61:1a:f6:dc:
fd:a8:08:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEAPSCUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OThmN2IxZmQ4MDJiM2RjNmFiZDdhNWNkYTc4NmE2MzExZTFkNjNkMB4XDTIyMDQy
NTAzMDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk1MjczMzdhZDQx
MTM2MDliYThjNjIwM2U5MDAyNWYyYTU4NjRlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXd+Kc/An+TFPYlEsLibe6eCf2P/HjQfvH2KaCQBYrEDSqC
GX9rKCAg6McrpAlcC30UH8S0Be0QGbn6+SBktbOZyq4fxT3QgPK5mi3yQlg9loEk
EIn8tq09Um6rzLEvMqewEOxp0jyzg4NfpeOF00RuOdQHCA/VOTc3MK6ej/gGOhMJ
FKIfjidUaPucn65VpwYEptcYnzF4pEMuyhSXdH5/VYunEs+7jluvUgiuJvs2/ifT
etxZRh58uz/oogfTNsxEJ6TUzXMbQgn1exma+PU/xihMrDe3/PcpEyFWnmWEhUIK
uFnTKui9HvF+/i7hpLwGd1uzpcSj0lZ4J6OXSg8CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTJUnM3rUETYJuoxiA+kAJfKlhk4TAfBgNVHSMEGDAWgBR5j3sf2AKz3Gq9
elzaeGpjEeHWPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VZOTdIOWdDczl4cXZYcGMybmhxWXhIaDFqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMzA4ODNhLTE2ZDctNDIxMi05MTk5LTA5ZDBhYTI4ZTU1MS8x
L3lWSnpONjFCRTJDYnFNWWdQcEFDWHlwWVpPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MzA4ODNhLTE2ZDctNDIxMi05MTk5LTA5ZDBhYTI4ZTU1MS8xL2VZOTdIOWdDczl4
cXZYcGMybmhxWXhIaDFqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALB33wMEAMKcvDAYBAIAAjASAwcE
KhI/wAAAAwcAKhI/wH0SMA0GCSqGSIb3DQEBCwUAA4IBAQCc6FfoO5GEi0iKLMWP
rsK7kNB3S0pZ4p4BcczCzXGL4yIn9DWwU/2tNJi0MHNevlIGb1FQ6F/EuHepsOvp
QhMqGy8k1AWpM8+P95mPVE/ufrNKduqu8bzo3Rvlz2dxX/jsoQ7Aaudi/kC0zzfU
k9E5jNs4pY4jp/HmREx/j75bRtbuzNpw4dnlLYZ5CRE8TySUBIaJYkWr2zrCRt22
Zj4/mOJc0rjgz/Es5ts6Uucik0gpE+jeV1G9p8s5IFDR6kHak+Co01N2HPQxB2wg
kODpXaGVyr0qHbpAdai6cLVNcl+VpfrFMBbHM3IaRmBD5czVQE3yipruJmEa9tz9
qAjO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:33 2025 by rpki-client