Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/D1mc9pRvD2MNbhRr98IPSXlct6U.roa
File: D1mc9pRvD2MNbhRr98IPSXlct6U.roa (raw, json)
Hash identifier: 2Atq3EwCdzvAwK5TIhwwhfKG6CfpT3sZb+dLe4BBlts=
Subject key identifier: 0F:59:9C:F6:94:6F:0F:63:0D:6E:14:6B:F7:C2:0F:49:79:5C:B7:A5
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 01912B88394C9362429A9A215A9EA3248F2E
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/D1mc9pRvD2MNbhRr98IPSXlct6U.roa
Signing time: Wed 07 Aug 2024 06:30:33 +0000
ROA not before: Wed 07 Aug 2024 06:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.250.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:88:39:4c:93:62:42:9a:9a:21:5a:9e:a3:24:8f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Aug 7 06:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f599cf6946f0f630d6e146bf7c20f49795cb7a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:94:6f:32:06:e0:46:5b:74:15:ff:bd:62:0e:
ed:6a:72:2c:d0:38:a7:36:b4:e6:bc:a3:f1:5e:cc:
2f:13:23:3b:97:02:63:70:96:42:af:f7:88:35:a3:
fb:17:75:af:78:86:c5:e6:aa:e6:dc:e1:cf:16:b1:
9e:0b:92:37:d2:3a:fe:1f:e1:b1:3e:ca:e7:44:e9:
91:0e:c5:2d:92:16:34:f1:3d:63:b1:8a:6b:eb:f2:
72:0d:0c:b5:fa:7e:00:b7:12:36:2f:3b:09:99:79:
ce:ff:08:f1:4b:01:7e:a8:79:51:37:58:f4:d6:6f:
36:38:99:18:1c:55:eb:8b:c8:de:57:3d:0d:fe:af:
a1:ac:69:a2:72:c5:a7:e4:7a:20:ba:e9:5c:60:b7:
7f:5c:39:cd:b5:57:03:77:fa:89:6c:b3:68:79:c3:
94:46:b1:a8:78:66:0d:71:6f:1b:ea:6b:22:1d:b4:
df:10:9e:85:d0:ab:06:22:63:38:7d:ee:1b:fe:c7:
bc:7a:3b:b6:55:b7:10:ea:64:14:07:4a:46:2c:87:
42:ee:67:c5:44:cb:c8:70:40:5b:40:59:06:c5:a5:
5b:04:f8:ad:73:f8:90:43:07:a0:52:e1:16:02:f9:
d3:69:4b:ff:67:a9:c7:46:6d:d4:c0:08:e5:5d:0d:
f1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:59:9C:F6:94:6F:0F:63:0D:6E:14:6B:F7:C2:0F:49:79:5C:B7:A5
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/D1mc9pRvD2MNbhRr98IPSXlct6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.250.0-78.136.254.255
Signature Algorithm: sha256WithRSAEncryption
42:7c:bc:ff:df:cb:07:38:d1:76:fa:cd:ca:4e:cd:b1:3c:05:
e2:d0:d8:ab:42:a8:f4:9c:e3:d7:9c:85:1c:d4:bc:7c:24:84:
83:48:d4:e9:7e:ab:fc:25:26:1f:63:03:b9:81:10:5e:74:32:
84:b6:ee:55:89:84:bd:db:31:70:c1:f2:3f:ad:04:88:50:82:
60:0f:8f:7f:16:32:c6:7c:01:80:70:36:fc:14:80:4e:ad:fa:
6e:85:87:7f:59:22:8e:0a:6e:8e:14:d6:96:a7:d4:6c:75:b6:
29:38:e4:de:c6:cf:2c:d2:14:3e:f6:8a:34:a3:ee:b2:31:cf:
5a:f0:b2:eb:34:15:80:e2:8a:fc:ad:4c:d2:a3:c1:2f:86:36:
13:0f:73:d4:36:2e:2f:ae:d6:38:7d:81:66:36:30:d8:55:0d:
67:75:b6:55:3e:15:3a:1d:26:51:e8:c8:8e:7e:83:02:7d:27:
19:26:c6:f2:70:22:c2:81:09:a9:54:fe:ee:d3:63:3f:b0:42:
a9:87:c2:d5:71:5f:88:e6:76:f6:5e:5e:b0:47:06:b3:2e:a8:
30:b8:9d:a5:ba:40:6a:5a:3c:e9:4d:b3:6d:94:1e:72:0e:37:
45:50:e8:f1:e0:f6:6c:fa:cb:26:d9:f3:0b:bb:fb:d7:3a:9c:
34:ab:ef:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZEriDlMk2JCmpohWp6jJI8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQwODA3MDYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU5OWNmNjk0NmYwZjYzMGQ2ZTE0NmJmN2MyMGY0OTc5NWNiN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJRvMgbgRlt0Ff+9Yg7tanIs0Din
NrTmvKPxXswvEyM7lwJjcJZCr/eINaP7F3WveIbF5qrm3OHPFrGeC5I30jr+H+Gx
PsrnROmRDsUtkhY08T1jsYpr6/JyDQy1+n4AtxI2LzsJmXnO/wjxSwF+qHlRN1j0
1m82OJkYHFXri8jeVz0N/q+hrGmicsWn5HoguulcYLd/XDnNtVcDd/qJbLNoecOU
RrGoeGYNcW8b6msiHbTfEJ6F0KsGImM4fe4b/se8eju2VbcQ6mQUB0pGLIdC7mfF
RMvIcEBbQFkGxaVbBPitc/iQQwegUuEWAvnTaUv/Z6nHRm3UwAjlXQ3xDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA9ZnPaUbw9jDW4Ua/fCD0l5XLelMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvRDFtYzlwUnZEMk1OYmhScjk4SVBTWGxjdDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFOiPoD
BABOiP4wDQYJKoZIhvcNAQELBQADggEBAEJ8vP/fywc40Xb6zcpOzbE8BeLQ2KtC
qPSc49echRzUvHwkhINI1Ol+q/wlJh9jA7mBEF50MoS27lWJhL3bMXDB8j+tBIhQ
gmAPj38WMsZ8AYBwNvwUgE6t+m6Fh39ZIo4Kbo4U1pan1Gx1tik45N7GzyzSFD72
ijSj7rIxz1rwsus0FYDiivytTNKjwS+GNhMPc9Q2Li+u1jh9gWY2MNhVDWd1tlU+
FTodJlHoyI5+gwJ9JxkmxvJwIsKBCalU/u7TYz+wQqmHwtVxX4jmdvZeXrBHBrMu
qDC4naW6QGpaPOlNs22UHnION0VQ6PHg9mz6yybZ8wu7+9c6nDSr774=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:58 2025 by rpki-client