Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/7Il45mtlezhqkgWRKSVGazvtGqo.roa
File: 7Il45mtlezhqkgWRKSVGazvtGqo.roa (raw, json)
Hash identifier: DcP09g86BOQzoeGOc5rmxIRuzKI28OcnCEc+eMkul3Y=
Subject key identifier: EC:89:78:E6:6B:65:7B:38:6A:92:05:91:29:25:46:6B:3B:ED:1A:AA
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 0195A879A4C3EE88EB8D2B2B2796430115CE
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/7Il45mtlezhqkgWRKSVGazvtGqo.roa
Signing time: Tue 18 Mar 2025 08:58:18 +0000
ROA not before: Tue 18 Mar 2025 08:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:79:a4:c3:ee:88:eb:8d:2b:2b:27:96:43:01:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Mar 18 08:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec8978e66b657b386a9205912925466b3bed1aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:38:ed:46:70:6f:c2:5e:ce:ba:a4:50:67:d2:
e7:b7:e6:36:f6:fa:33:47:58:8a:1a:11:4f:ae:f4:
64:1a:19:ce:49:5e:81:3f:a2:32:d5:b6:06:3e:5a:
13:4c:03:6e:98:4b:c3:9e:95:0c:1b:73:63:9d:f8:
a3:bd:83:a5:b0:9c:15:d5:e4:4d:a0:c6:bb:a2:47:
15:59:63:cd:b7:c3:e4:17:3f:c9:da:00:58:32:f9:
05:df:67:e5:71:45:d4:9b:b3:1e:a0:82:38:49:9c:
b7:d9:3c:0b:34:7c:cf:bc:16:3f:2c:40:15:25:0f:
0e:3e:12:72:a4:9d:59:d7:64:a7:b9:54:7f:19:85:
43:3e:56:0e:d9:40:66:97:51:55:2d:27:9e:64:da:
33:25:26:ea:6f:7b:f9:70:af:24:09:a3:2e:be:35:
a3:5d:56:0d:f4:e0:99:d7:bb:46:40:9c:f2:3d:7c:
3d:c5:ae:b6:9a:af:28:40:8c:40:27:f5:07:2f:f2:
66:fd:78:c0:ce:6f:5b:40:2a:66:8d:f0:b6:72:03:
2d:d0:95:d4:ce:1e:36:fc:02:ff:23:ea:98:28:c7:
41:d8:e2:94:1e:a3:fc:de:aa:11:53:a7:c4:59:55:
7d:2e:15:a6:49:1b:f2:0f:e3:a7:01:41:0f:0a:ad:
cc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:89:78:E6:6B:65:7B:38:6A:92:05:91:29:25:46:6B:3B:ED:1A:AA
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/7Il45mtlezhqkgWRKSVGazvtGqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.254.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e4:d7:4b:0a:02:a9:38:9a:4e:67:35:41:5a:76:8a:72:ef:
6e:46:3c:e5:3b:ce:72:fe:04:c6:c6:7c:a9:a6:88:cb:2e:50:
f0:64:33:ff:8a:f9:e4:b9:8c:8d:fc:44:c2:51:b0:52:aa:26:
0b:92:6b:ce:ab:14:30:2b:1c:d8:d5:d5:16:e6:ed:c6:24:d8:
f4:22:f4:de:b4:59:13:2a:45:41:64:07:75:8c:2d:50:e6:3c:
2d:82:4f:14:8f:77:f3:aa:48:64:e1:6f:80:c2:5e:9a:cf:47:
93:2d:6e:8c:f3:fe:b3:21:f8:dc:9f:af:ce:83:9b:18:8a:e6:
ec:0d:8e:e8:36:4e:a9:7e:82:da:af:3f:d9:42:89:36:37:8c:
9a:fe:07:f6:93:10:87:49:ab:4c:e8:e1:76:d4:7f:60:fc:22:
70:2c:fa:ef:19:cf:d9:f2:e2:c3:7a:3a:f7:f8:44:89:57:83:
9e:05:29:62:17:6a:37:0e:b8:04:21:08:7f:73:6b:6e:88:d5:
7f:96:36:ff:9a:c5:99:46:a9:b4:86:bb:95:e0:7e:08:67:44:
39:cc:06:6d:3a:20:d1:e0:93:fa:e2:a0:d9:93:e9:51:be:91:
f1:a7:bb:6f:5a:26:6f:d2:ba:68:87:0f:7f:65:e2:90:1e:db:
79:b0:61:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWoeaTD7ojrjSsrJ5ZDARXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjUwMzE4MDg1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg5NzhlNjZiNjU3YjM4NmE5MjA1OTEyOTI1NDY2YjNiZWQxYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzjtRnBvwl7OuqRQZ9Lnt+Y29voz
R1iKGhFPrvRkGhnOSV6BP6Iy1bYGPloTTANumEvDnpUMG3NjnfijvYOlsJwV1eRN
oMa7okcVWWPNt8PkFz/J2gBYMvkF32flcUXUm7MeoII4SZy32TwLNHzPvBY/LEAV
JQ8OPhJypJ1Z12SnuVR/GYVDPlYO2UBml1FVLSeeZNozJSbqb3v5cK8kCaMuvjWj
XVYN9OCZ17tGQJzyPXw9xa62mq8oQIxAJ/UHL/Jm/XjAzm9bQCpmjfC2cgMt0JXU
zh42/AL/I+qYKMdB2OKUHqP83qoRU6fEWVV9LhWmSRvyD+OnAUEPCq3MbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyJeOZrZXs4apIFkSklRms77RqqMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvN0lsNDVtdGxlemhxa2dXUktTVkdhenZ0R3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToj+MA0G
CSqGSIb3DQEBCwUAA4IBAQBk5NdLCgKpOJpOZzVBWnaKcu9uRjzlO85y/gTGxnyp
pojLLlDwZDP/ivnkuYyN/ETCUbBSqiYLkmvOqxQwKxzY1dUW5u3GJNj0IvTetFkT
KkVBZAd1jC1Q5jwtgk8Uj3fzqkhk4W+Awl6az0eTLW6M8/6zIfjcn6/Og5sYiubs
DY7oNk6pfoLarz/ZQok2N4ya/gf2kxCHSatM6OF21H9g/CJwLPrvGc/Z8uLDejr3
+ESJV4OeBSliF2o3DrgEIQh/c2tuiNV/ljb/msWZRqm0hruV4H4IZ0Q5zAZtOiDR
4JP64qDZk+lRvpHxp7tvWiZv0rpohw9/ZeKQHtt5sGGz
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:32:54 2025 by rpki-client