Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/94ne_xB-JLBxge0WTj6wE6YYDnw.roa
File: 94ne_xB-JLBxge0WTj6wE6YYDnw.roa (raw, json)
Hash identifier: Zw1y3bSVWv0CxDfSsd8muIFiiz6lx908ll/7exvZrno=
Subject key identifier: F7:89:DE:FF:10:7E:24:B0:71:81:ED:16:4E:3E:B0:13:A6:18:0E:7C
Certificate issuer: /CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Certificate serial: 018789DC3029C67D2B65B859716F19312815
Authority key identifier: CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/94ne_xB-JLBxge0WTj6wE6YYDnw.roa
Signing time: Sun 16 Apr 2023 11:38:41 +0000
ROA not before: Sun 16 Apr 2023 11:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.235.121.0/24 maxlen: 24
37.235.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:89:dc:30:29:c6:7d:2b:65:b8:59:71:6f:19:31:28:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Validity
Not Before: Apr 16 11:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f789deff107e24b07181ed164e3eb013a6180e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:58:1f:4a:fe:04:30:15:89:a0:57:af:ea:
19:37:3f:1c:e2:fb:68:1c:ea:ee:06:40:09:18:85:
51:9c:6b:4f:07:76:39:6c:5c:2b:5d:9c:99:82:b6:
1f:07:df:a4:11:23:48:7d:c7:d6:75:d5:ad:12:ba:
80:e8:4d:1e:1a:43:4a:ed:7b:84:66:b9:c8:99:28:
59:a2:46:ec:aa:1c:91:9c:e3:06:33:b5:1a:7f:d9:
5a:39:98:da:be:c2:07:a0:7b:99:f2:7c:e2:0b:e8:
a8:c7:a0:56:5c:4f:ad:6e:3e:16:5d:6a:25:e4:4e:
ad:ec:c8:ea:54:97:cb:9b:19:4d:cd:cf:32:02:27:
a5:0a:ff:95:c2:2d:d9:28:a9:e5:7a:fe:a0:39:0f:
f6:dd:2c:f5:15:da:16:29:8a:4a:17:d8:c4:a7:0e:
78:22:4a:5c:bf:21:a5:3a:a1:0e:7e:05:c6:03:8a:
9b:48:17:d1:ec:65:60:c5:28:21:2d:cb:74:f0:6d:
30:c3:8f:d4:15:dc:94:c0:ad:09:93:e0:35:d9:59:
fb:f1:f2:db:11:ba:31:d0:ff:87:b1:7b:90:1f:dc:
96:c5:e3:19:38:82:d3:87:09:f4:ff:f7:3b:07:27:
cb:ca:55:4c:d1:18:bd:19:7d:a8:a8:90:32:76:53:
85:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:89:DE:FF:10:7E:24:B0:71:81:ED:16:4E:3E:B0:13:A6:18:0E:7C
X509v3 Authority Key Identifier:
keyid:CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/94ne_xB-JLBxge0WTj6wE6YYDnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/zchAgr6W5gnZ3pgI-8N4Zv60xUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.121.0/24
37.235.123.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:8a:1b:10:2d:10:eb:6c:de:ee:a8:5b:af:3a:87:29:c0:be:
91:4e:f3:58:43:64:6c:84:13:8e:89:20:9b:6b:8b:71:87:07:
14:7d:72:8c:84:d4:8b:d4:62:ce:cb:7d:35:3b:6c:c6:67:0c:
19:f7:80:20:60:0e:c3:d3:ad:54:b1:c5:5d:2d:1a:f8:8d:05:
a6:f2:ea:73:65:34:7f:26:f1:99:fd:07:de:ad:86:38:90:6d:
e8:45:cd:36:d2:f4:3b:ee:58:91:b6:3a:39:7e:29:6b:44:4a:
b8:bb:3c:0d:87:75:7e:38:ea:53:ea:7a:78:63:07:35:95:9e:
ce:61:d9:77:0b:ac:c8:aa:fc:97:eb:56:52:6c:52:a9:60:88:
3f:07:b1:94:2c:ad:aa:3f:51:09:ab:c1:c9:74:ff:e9:5d:ed:
29:e5:d6:6c:c4:5a:b4:5f:29:10:2e:6f:8e:d5:ff:49:43:8c:
36:4a:6f:98:6d:23:24:87:e0:6b:37:cb:7e:62:2b:14:20:0e:
32:84:2f:37:71:1d:90:05:65:71:02:35:36:ab:05:19:5f:1c:
59:07:90:b5:b4:6f:fe:3b:6d:e5:45:e8:5b:0f:e0:2f:6f:a6:
20:f2:0c:5c:6f:99:bb:3c:47:f4:ac:23:1c:63:f6:c7:62:b9:
c3:83:49:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeJ3DApxn0rZbhZcW8ZMSgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYzg0MDgyYmU5NmU2MDlkOWRlOTgwOGZiYzM3ODY2ZmVi
NGM1NGIwHhcNMjMwNDE2MTEzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg5ZGVmZjEwN2UyNGIwNzE4MWVkMTY0ZTNlYjAxM2E2MTgwZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7JYH0r+BDAViaBXr+oZNz8c4vto
HOruBkAJGIVRnGtPB3Y5bFwrXZyZgrYfB9+kESNIfcfWddWtErqA6E0eGkNK7XuE
ZrnImShZokbsqhyRnOMGM7Uaf9laOZjavsIHoHuZ8nziC+iox6BWXE+tbj4WXWol
5E6t7MjqVJfLmxlNzc8yAielCv+Vwi3ZKKnlev6gOQ/23Sz1FdoWKYpKF9jEpw54
IkpcvyGlOqEOfgXGA4qbSBfR7GVgxSghLct08G0ww4/UFdyUwK0Jk+A12Vn78fLb
Ebox0P+HsXuQH9yWxeMZOILThwn0//c7ByfLylVM0Ri9GX2oqJAydlOFAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPeJ3v8QfiSwcYHtFk4+sBOmGA58MB8GA1UdIwQY
MBaAFM3IQIK+luYJ2d6YCPvDeGb+tMVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMt
Y2JmMTY0ZThiZTAxLzEvOTRuZV94Qi1KTEJ4Z2UwV1RqNndFNllZRG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMtY2JmMTY0ZThiZTAx
LzEvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJet5AwQA
Jet7MA0GCSqGSIb3DQEBCwUAA4IBAQBNihsQLRDrbN7uqFuvOocpwL6RTvNYQ2Rs
hBOOiSCba4txhwcUfXKMhNSL1GLOy301O2zGZwwZ94AgYA7D061UscVdLRr4jQWm
8upzZTR/JvGZ/QferYY4kG3oRc020vQ77liRtjo5filrREq4uzwNh3V+OOpT6np4
Ywc1lZ7OYdl3C6zIqvyX61ZSbFKpYIg/B7GULK2qP1EJq8HJdP/pXe0p5dZsxFq0
XykQLm+O1f9JQ4w2Sm+YbSMkh+BrN8t+YisUIA4yhC83cR2QBWVxAjU2qwUZXxxZ
B5C1tG/+O23lRehbD+Avb6Yg8gxcb5m7PEf0rCMcY/bHYrnDg0kn
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:10 2025 by rpki-client