Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/HfShp3qDHiyP7iJBt8ctjZwUx78.roa
File: HfShp3qDHiyP7iJBt8ctjZwUx78.roa (raw, json)
Hash identifier: mRxTRkOUUuawEKXev/TGpuq24P+85Hj9y5YuA1ZLrnk=
Subject key identifier: 1D:F4:A1:A7:7A:83:1E:2C:8F:EE:22:41:B7:C7:2D:8D:9C:14:C7:BF
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 34C3463F
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/HfShp3qDHiyP7iJBt8ctjZwUx78.roa
Signing time: Thu 10 Mar 2022 12:02:55 +0000
ROA not before: Thu 10 Mar 2022 12:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 78.136.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885212735 (0x34c3463f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Mar 10 12:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1df4a1a77a831e2c8fee2241b7c72d8d9c14c7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6b:d9:09:86:ff:75:71:96:04:85:95:d5:db:
ce:4b:ad:19:66:7f:5f:ef:7d:5e:7a:bd:30:fc:2e:
dc:a9:d3:87:13:32:dc:56:ce:02:2b:b9:dd:38:f0:
a2:65:4d:c7:04:cb:20:89:03:91:4d:41:98:0b:ab:
18:1e:63:ee:96:1a:9b:c7:8d:5f:5b:da:11:27:c8:
a9:8d:03:58:1d:b0:08:26:82:2c:15:e1:73:31:41:
8d:bf:56:34:1b:89:dc:09:3c:c4:07:02:89:22:15:
60:50:d0:cf:8e:9d:c5:21:53:11:ed:d2:05:6c:f6:
1d:76:86:57:7b:c7:41:4b:ba:ee:62:b5:6d:11:71:
cd:3c:7f:04:fc:e3:fe:e7:0f:34:22:f3:85:76:cf:
b6:a9:10:2c:46:db:75:f8:63:da:dd:fc:19:e6:2b:
a0:33:a8:84:42:1d:b4:b2:b0:c6:bf:5d:a9:e0:31:
14:47:20:06:5c:4b:aa:06:b1:0e:93:f7:54:b2:8f:
28:1d:b7:2a:52:00:db:d3:29:71:78:7b:ca:6d:08:
ab:fd:aa:b3:e3:50:1a:1d:80:c3:1d:5f:7f:7e:b7:
43:28:c6:ce:17:ca:25:5a:47:75:fa:8c:f6:da:29:
92:95:1f:c6:28:20:0e:ca:41:6e:9d:76:8f:f7:0c:
ee:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F4:A1:A7:7A:83:1E:2C:8F:EE:22:41:B7:C7:2D:8D:9C:14:C7:BF
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/HfShp3qDHiyP7iJBt8ctjZwUx78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.204.0/22
Signature Algorithm: sha256WithRSAEncryption
89:b9:3c:09:04:e4:e5:cf:19:26:e4:45:9e:da:2c:3e:12:ca:
82:80:d5:b5:3e:0a:ed:ed:c0:89:80:6f:3e:29:b4:10:d8:19:
00:58:3e:50:cb:85:7b:0c:49:90:cf:55:d7:6b:ba:a8:d6:df:
14:4a:29:5e:50:93:b8:42:b9:b3:04:0e:70:e3:70:44:e9:fa:
c2:39:00:3d:20:70:05:ea:e5:0c:b1:8e:0a:34:1c:46:b7:a9:
12:56:dc:23:2a:4e:7c:d9:e2:5a:54:6d:11:2a:0e:3d:85:6f:
04:3e:85:5d:ae:ef:88:65:3b:69:d9:aa:f9:c0:67:d0:7b:86:
83:6b:d1:1c:a2:df:07:b3:65:bd:d4:2f:ef:d8:5f:0e:70:92:
8a:94:96:53:a5:3a:a2:dc:ea:04:1e:b1:8b:07:ca:d2:78:7b:
b9:5b:fc:a4:ad:7b:04:cf:c1:4b:48:3a:16:11:97:e9:7f:68:
e1:ca:c4:b9:e2:d3:ab:c6:30:1d:68:67:53:77:35:19:a1:01:
8a:c3:88:79:0e:5a:0e:34:1a:a0:02:e7:bf:ad:e3:01:11:0f:
c3:b4:20:0e:aa:91:9d:3b:19:b6:02:c8:27:a1:3f:55:b5:4e:
19:7c:c3:c5:ec:96:6c:c7:d8:23:3f:98:fc:22:0d:97:cd:af:
a7:f9:fc:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENMNGPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljMjczMDk4YjUyNzY4Y2EwZTQ0YTNhMmMxNmVmZWQ0YTY1Y2EwMB4XDTIyMDMx
MDEyMDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRmNGExYTc3YTgz
MWUyYzhmZWUyMjQxYjdjNzJkOGQ5YzE0YzdiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBr2QmG/3VxlgSFldXbzkutGWZ/X+99Xnq9MPwu3KnThxMy
3FbOAiu53TjwomVNxwTLIIkDkU1BmAurGB5j7pYam8eNX1vaESfIqY0DWB2wCCaC
LBXhczFBjb9WNBuJ3Ak8xAcCiSIVYFDQz46dxSFTEe3SBWz2HXaGV3vHQUu67mK1
bRFxzTx/BPzj/ucPNCLzhXbPtqkQLEbbdfhj2t38GeYroDOohEIdtLKwxr9dqeAx
FEcgBlxLqgaxDpP3VLKPKB23KlIA29MpcXh7ym0Iq/2qs+NQGh2Awx1ff363QyjG
zhfKJVpHdfqM9topkpUfxiggDspBbp12j/cM7hsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQd9KGneoMeLI/uIkG3xy2NnBTHvzAfBgNVHSMEGDAWgBRSnCcwmLUnaMoO
RKOiwW7+1KZcoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vwd25NSmkxSjJqS0RrU2pvc0Z1X3RTbVhLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8x
L0hmU2hwM3FESGl5UDdpSkJ0OGN0alp3VXg3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8xL1Vwd25NSmkxSjJq
S0RrU2pvc0Z1X3RTbVhLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk6IzDANBgkqhkiG9w0BAQsFAAOC
AQEAibk8CQTk5c8ZJuRFntosPhLKgoDVtT4K7e3AiYBvPim0ENgZAFg+UMuFewxJ
kM9V12u6qNbfFEopXlCTuEK5swQOcONwROn6wjkAPSBwBerlDLGOCjQcRrepElbc
IypOfNniWlRtESoOPYVvBD6FXa7viGU7admq+cBn0HuGg2vRHKLfB7NlvdQv79hf
DnCSipSWU6U6otzqBB6xiwfK0nh7uVv8pK17BM/BS0g6FhGX6X9o4crEueLTq8Yw
HWhnU3c1GaEBisOIeQ5aDjQaoALnv63jAREPw7QgDqqRnTsZtgLIJ6E/VbVOGXzD
xeyWbMfYIz+Y/CINl82vp/n8Cg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:43:09 2025 by rpki-client