Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/z6bMnWP-hmdvmIhwkaj5Yy-qp9o.roa
File: z6bMnWP-hmdvmIhwkaj5Yy-qp9o.roa (raw, json)
Hash identifier: /X2D5mKbBZCQ+YIcDZWx+YZiRpwGMAL80edVCqIQJ0E=
Subject key identifier: CF:A6:CC:9D:63:FE:86:67:6F:98:88:70:91:A8:F9:63:2F:AA:A7:DA
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 35C5E7EA
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/z6bMnWP-hmdvmIhwkaj5Yy-qp9o.roa
Signing time: Tue 05 Jul 2022 06:20:25 +0000
ROA not before: Tue 05 Jul 2022 06:20:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902162410 (0x35c5e7ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jul 5 06:20:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfa6cc9d63fe86676f98887091a8f9632faaa7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5e:d6:a7:e2:03:a4:aa:0c:5c:e2:37:9f:77:
23:bb:55:71:8f:87:5f:78:9e:2c:18:50:e6:50:13:
a8:59:76:f6:3a:2e:01:3c:ed:25:01:8d:d5:1f:0e:
d0:33:4e:f2:09:a2:e9:6a:08:04:aa:bd:79:7b:3b:
1e:2a:9f:ab:42:da:79:e8:cd:53:39:c8:c5:cf:73:
33:07:2a:7c:80:3c:4e:2f:bc:c1:6c:67:35:98:43:
f9:77:24:2b:db:9e:ee:07:c1:91:ef:41:29:bf:4c:
00:cf:1b:55:7c:05:4a:c5:96:d3:c0:f1:6f:22:1e:
db:da:2e:36:fb:9f:50:80:70:41:a5:9b:50:9e:b2:
7e:45:03:ff:92:8c:58:53:cf:eb:53:28:8a:7e:d5:
dd:dc:ff:3a:13:f7:cc:b5:b3:af:97:9b:fe:10:3c:
5f:49:c7:f6:82:3b:e4:4d:08:99:66:c6:7f:a1:2d:
e2:b4:b3:35:1c:fc:fe:c2:1b:0c:6d:eb:35:7c:15:
1b:73:f0:fe:94:70:f3:8a:16:7e:b5:da:48:28:15:
e7:0b:2e:47:90:1d:13:78:e9:68:55:5d:09:5d:40:
cd:10:f5:c5:ea:74:b1:89:5f:69:62:40:5e:75:4d:
67:82:cc:54:50:c4:e8:cd:dd:12:3f:2b:6b:93:b8:
d2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A6:CC:9D:63:FE:86:67:6F:98:88:70:91:A8:F9:63:2F:AA:A7:DA
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/z6bMnWP-hmdvmIhwkaj5Yy-qp9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.254.0/24
Signature Algorithm: sha256WithRSAEncryption
36:8e:1f:cd:61:81:77:bb:1e:f5:75:35:88:17:8c:6b:d2:67:
61:1b:d8:47:49:4a:10:ae:4c:12:c1:02:56:b0:86:bd:76:38:
e0:14:d7:07:ca:f2:72:bd:bc:78:a2:84:ff:67:45:f5:0c:c3:
20:8d:75:f1:fb:89:c3:45:b7:17:52:48:0d:fe:8b:50:72:fd:
27:3b:92:0b:6a:93:29:72:f5:7e:b8:35:a2:7c:49:6f:ba:65:
8b:a8:90:36:5a:33:34:ab:20:41:34:55:91:47:69:b1:6a:41:
c5:0a:58:1d:4a:eb:f9:a5:eb:2b:15:55:33:7e:85:90:a7:6b:
f5:6c:44:08:56:9e:52:1b:30:fd:c3:5e:2f:4a:c9:e1:e4:87:
d7:57:c9:a1:f7:e0:a5:de:c1:02:61:f1:b8:82:11:6d:17:2d:
1e:80:00:16:83:94:31:8a:69:f4:73:01:a7:56:a4:09:a7:b3:
d0:8b:b8:64:95:6c:31:20:88:c8:31:6b:16:8a:5c:9a:16:cf:
1e:ff:63:b4:9e:9e:a9:ba:75:aa:4b:5e:5c:cb:21:9e:25:a5:
6e:6c:94:e5:cf:c7:7f:2a:18:c1:45:9b:8b:d9:23:6d:d5:4c:
52:05:1a:c9:c1:96:01:ed:2a:34:8a:66:92:b2:db:46:9b:3b:
b2:c6:ce:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENcXn6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljMjczMDk4YjUyNzY4Y2EwZTQ0YTNhMmMxNmVmZWQ0YTY1Y2EwMB4XDTIyMDcw
NTA2MjAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ZhNmNjOWQ2M2Zl
ODY2NzZmOTg4ODcwOTFhOGY5NjMyZmFhYTdkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZe1qfiA6SqDFziN593I7tVcY+HX3ieLBhQ5lATqFl29jou
ATztJQGN1R8O0DNO8gmi6WoIBKq9eXs7Hiqfq0LaeejNUznIxc9zMwcqfIA8Ti+8
wWxnNZhD+XckK9ue7gfBke9BKb9MAM8bVXwFSsWW08DxbyIe29ouNvufUIBwQaWb
UJ6yfkUD/5KMWFPP61Moin7V3dz/OhP3zLWzr5eb/hA8X0nH9oI75E0ImWbGf6Et
4rSzNRz8/sIbDG3rNXwVG3Pw/pRw84oWfrXaSCgV5wsuR5AdE3jpaFVdCV1AzRD1
xep0sYlfaWJAXnVNZ4LMVFDE6M3dEj8ra5O40l8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPpsydY/6GZ2+YiHCRqPljL6qn2jAfBgNVHSMEGDAWgBRSnCcwmLUnaMoO
RKOiwW7+1KZcoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vwd25NSmkxSjJqS0RrU2pvc0Z1X3RTbVhLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8x
L3o2Yk1uV1AtaG1kdm1JaHdrYWo1WXktcXA5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8xL1Vwd25NSmkxSjJq
S0RrU2pvc0Z1X3RTbVhLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE6I/jANBgkqhkiG9w0BAQsFAAOC
AQEANo4fzWGBd7se9XU1iBeMa9JnYRvYR0lKEK5MEsECVrCGvXY44BTXB8rycr28
eKKE/2dF9QzDII118fuJw0W3F1JIDf6LUHL9JzuSC2qTKXL1frg1onxJb7pli6iQ
NlozNKsgQTRVkUdpsWpBxQpYHUrr+aXrKxVVM36FkKdr9WxECFaeUhsw/cNeL0rJ
4eSH11fJoffgpd7BAmHxuIIRbRctHoAAFoOUMYpp9HMBp1akCaez0Iu4ZJVsMSCI
yDFrFopcmhbPHv9jtJ6eqbp1qkteXMshniWlbmyU5c/HfyoYwUWbi9kjbdVMUgUa
ycGWAe0qNIpmkrLbRps7ssbOIQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:18:47 2025 by rpki-client