Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/tyI6a2BIfRFLS3kuIvRmvv-1uRA.roa
File: tyI6a2BIfRFLS3kuIvRmvv-1uRA.roa (raw, json)
Hash identifier: rue+SHZqMLTsmVSHkIqBpFSsP2eSrFBh3sih688yhuE=
Subject key identifier: B7:22:3A:6B:60:48:7D:11:4B:4B:79:2E:22:F4:66:BE:FF:B5:B9:10
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 01912B88388EEBBD5BCE5B8434E243AE832B
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/tyI6a2BIfRFLS3kuIvRmvv-1uRA.roa
Signing time: Wed 07 Aug 2024 06:30:33 +0000
ROA not before: Wed 07 Aug 2024 06:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 78.136.249.0/24 maxlen: 24
78.136.250.0/24 maxlen: 24
78.136.251.0/24 maxlen: 24
78.136.252.0/24 maxlen: 24
78.136.253.0/24 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:88:38:8e:eb:bd:5b:ce:5b:84:34:e2:43:ae:83:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Aug 7 06:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7223a6b60487d114b4b792e22f466beffb5b910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1e:3e:7f:32:72:82:70:cb:42:ec:b4:cb:cc:
c3:14:63:60:bb:83:2e:a2:04:d1:4d:dd:5c:a5:be:
f8:e7:fa:f1:41:71:38:d4:29:6c:84:b4:eb:8e:dd:
7e:22:55:77:5c:a1:c3:15:00:58:12:1a:e2:30:bb:
b7:1a:f4:49:74:27:4b:be:cb:ba:ee:10:f4:6c:0c:
5a:b6:61:ff:d2:1d:78:02:e4:a5:54:a7:b2:b1:49:
ac:58:3d:7b:89:d3:02:e4:37:49:b4:f3:15:eb:6b:
92:f2:f1:9c:e8:ff:b3:f4:5a:34:f2:ab:70:49:57:
cd:3f:7a:5f:82:e0:b1:4f:2a:df:a2:04:5a:c9:2a:
60:1a:fa:5d:ed:bb:af:38:e0:38:c2:f0:6d:67:e5:
aa:98:78:09:dc:a6:09:ac:70:8d:37:ed:fc:5d:19:
d9:ca:a1:23:5b:b2:75:37:2c:6c:23:60:5f:78:aa:
8b:70:7b:23:9f:b7:0e:e3:e5:42:31:c5:4c:98:03:
ec:3f:fc:77:66:6c:35:f6:a5:5d:30:e4:a8:2a:22:
29:18:a0:a1:45:7a:51:ee:0e:ab:03:9d:6d:c2:b1:
df:0a:05:14:3f:d2:d0:8b:f8:ce:23:b7:71:f4:0f:
72:4d:d8:ea:f4:e4:cd:ab:44:b0:04:19:42:df:12:
11:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:22:3A:6B:60:48:7D:11:4B:4B:79:2E:22:F4:66:BE:FF:B5:B9:10
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/tyI6a2BIfRFLS3kuIvRmvv-1uRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.249.0-78.136.254.255
Signature Algorithm: sha256WithRSAEncryption
2a:18:24:cf:1a:f2:0d:0c:8f:1c:ff:cd:6f:ec:0d:7c:8c:23:
ed:45:d4:9f:92:fe:fd:86:b7:b2:cb:ed:87:33:db:24:3f:dc:
27:2a:e9:1b:55:59:11:a1:37:c3:6c:4d:6a:17:cf:95:44:c6:
01:40:17:20:49:e1:ac:51:9c:98:f6:cb:1b:f7:6a:3a:c4:af:
cf:fb:12:f3:12:64:31:ff:fb:d2:05:e7:55:6b:e8:62:59:71:
a4:8e:97:85:4d:ee:c8:a6:96:6a:db:16:b3:56:5d:89:9b:41:
71:e0:fe:2b:3a:4f:8a:3c:86:43:4c:1d:e6:2e:8c:5d:ca:a5:
8b:ee:af:29:20:77:8f:c5:68:c8:10:69:ae:55:35:6c:da:7f:
31:4d:3a:bc:5b:16:1e:03:40:53:70:27:5a:09:e9:f7:28:ec:
ef:23:59:2e:16:9a:f7:2e:1b:92:1c:8a:e7:c7:40:73:1e:fb:
a0:3a:87:17:b4:31:7e:07:a7:cb:4e:89:09:2b:fa:e2:f4:9c:
b9:54:40:2d:ce:86:75:8e:c3:b4:fa:d1:bc:81:21:fa:00:54:
9c:1f:c0:5a:49:74:30:72:eb:3a:fc:cb:f7:eb:f2:fd:f5:56:
60:14:40:85:2f:68:a5:b3:d7:95:d6:65:9f:2c:45:55:10:3b:
e3:8b:7e:9c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZEriDiO671bzluENOJDroMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQwODA3MDYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIyM2E2YjYwNDg3ZDExNGI0Yjc5MmUyMmY0NjZiZWZmYjViOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6x4+fzJygnDLQuy0y8zDFGNgu4Mu
ogTRTd1cpb745/rxQXE41ClshLTrjt1+IlV3XKHDFQBYEhriMLu3GvRJdCdLvsu6
7hD0bAxatmH/0h14AuSlVKeysUmsWD17idMC5DdJtPMV62uS8vGc6P+z9Fo08qtw
SVfNP3pfguCxTyrfogRaySpgGvpd7buvOOA4wvBtZ+WqmHgJ3KYJrHCNN+38XRnZ
yqEjW7J1NyxsI2BfeKqLcHsjn7cO4+VCMcVMmAPsP/x3Zmw19qVdMOSoKiIpGKCh
RXpR7g6rA51twrHfCgUUP9LQi/jOI7dx9A9yTdjq9OTNq0SwBBlC3xIRLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLciOmtgSH0RS0t5LiL0Zr7/tbkQMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvdHlJNmEyQklmUkZMUzNrdUl2Um12di0xdVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABOiPkD
BABOiP4wDQYJKoZIhvcNAQELBQADggEBACoYJM8a8g0Mjxz/zW/sDXyMI+1F1J+S
/v2Gt7LL7Ycz2yQ/3Ccq6RtVWRGhN8NsTWoXz5VExgFAFyBJ4axRnJj2yxv3ajrE
r8/7EvMSZDH/+9IF51Vr6GJZcaSOl4VN7simlmrbFrNWXYmbQXHg/is6T4o8hkNM
HeYujF3KpYvurykgd4/FaMgQaa5VNWzafzFNOrxbFh4DQFNwJ1oJ6fco7O8jWS4W
mvcuG5IciufHQHMe+6A6hxe0MX4Hp8tOiQkr+uL0nLlUQC3OhnWOw7T60byBIfoA
VJwfwFpJdDBy6zr8y/fr8v31VmAUQIUvaKWz15XWZZ8sRVUQO+OLfpw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:32 2025 by rpki-client