Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/SgeyF5FTQcQK3me1LpOa6YhoLGk.roa
File: SgeyF5FTQcQK3me1LpOa6YhoLGk.roa (raw, json)
Hash identifier: 1+1CCPbULC+fiR6W67K0gSc3It0PqLBJ9gPnlXC5YHQ=
Subject key identifier: 4A:07:B2:17:91:53:41:C4:0A:DE:67:B5:2E:93:9A:E9:88:68:2C:69
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 039A78CE
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/SgeyF5FTQcQK3me1LpOa6YhoLGk.roa
Signing time: Sat 01 Jan 2022 00:51:13 +0000
ROA not before: Sat 01 Jan 2022 00:51:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212939
IP address blocks: 195.28.10.0/24 maxlen: 24
195.28.168.0/24 maxlen: 24
195.28.168.0/23 maxlen: 23
195.28.169.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60455118 (0x39a78ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 00:51:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a07b217915341c40ade67b52e939ae988682c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:48:e0:46:80:d4:92:2c:61:a0:da:8b:ff:e0:
47:3e:11:b7:e2:b6:19:ae:9c:af:b8:3e:6d:51:89:
bb:2a:50:80:b0:bb:6c:08:77:62:c1:a5:df:00:3e:
4e:60:6a:eb:6e:78:35:31:80:b4:3c:e7:6d:be:78:
a5:8c:d0:c6:00:34:52:b5:e1:64:92:e5:98:a1:1b:
87:dd:31:d6:a7:98:1b:1f:83:2b:23:a3:c2:cb:fe:
66:8c:a9:74:40:64:bf:27:5c:75:63:b8:ca:27:29:
63:a1:d1:75:8e:69:1b:ee:bc:e2:13:9c:3c:33:c7:
c2:ff:83:c9:f3:ad:1e:b7:34:28:41:ae:13:49:28:
f4:e2:73:f3:72:38:ce:fe:c8:9e:ac:1c:aa:97:f3:
f1:1e:76:ee:80:49:89:be:d1:86:62:c7:08:f6:57:
22:44:31:5e:d1:eb:d7:02:fb:da:90:f9:fa:ea:97:
c4:5e:75:8f:8c:6e:b0:4c:32:b9:79:0b:e7:00:a8:
ff:4e:13:8c:e7:4c:b7:5e:d4:89:5c:52:52:b3:63:
3d:cb:e2:b2:ae:d4:dc:b1:09:f9:d0:c6:62:f3:fa:
04:1f:2b:16:f3:03:0e:d9:8c:a5:a1:fc:4f:e5:03:
65:60:08:b8:49:bc:38:30:35:9a:b7:f5:a8:23:99:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:07:B2:17:91:53:41:C4:0A:DE:67:B5:2E:93:9A:E9:88:68:2C:69
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/SgeyF5FTQcQK3me1LpOa6YhoLGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.10.0/24
195.28.168.0/23
Signature Algorithm: sha256WithRSAEncryption
70:57:27:4e:3c:7b:68:d7:64:7b:49:3e:57:b1:d0:7e:58:eb:
fe:f6:7e:89:c4:6c:37:ff:28:3a:2f:f2:cf:9a:e1:a5:e6:b2:
cd:47:3d:37:6d:dd:a0:c9:22:20:f2:99:03:44:86:dd:4b:bd:
7e:8a:2d:86:68:55:dc:b9:48:4f:74:e6:0f:cb:b7:86:74:c5:
a3:55:17:ba:f1:7a:26:db:d3:26:80:0d:ce:1d:e2:8f:41:51:
63:2c:a0:8d:af:63:d6:ae:0e:0d:ec:d2:54:32:ba:2f:bf:6d:
e2:29:ad:b9:86:12:5b:df:0a:b6:5c:ed:e5:82:ba:b3:fb:5c:
da:e5:ab:16:a9:96:a4:11:a3:8a:fc:ce:d0:cb:f7:cf:b9:7e:
2e:19:6b:60:6f:10:e3:fb:4b:2b:b1:ba:56:58:b9:f6:0d:2a:
6d:a5:a0:df:60:24:54:49:62:fe:71:1e:92:4b:a0:f2:3a:5f:
cd:02:0d:09:52:2a:75:ac:51:88:9d:5c:49:81:6c:2b:c4:a6:
f8:6f:6c:af:f0:da:f5:c1:15:68:2c:4a:a9:79:ae:8c:2f:03:
f2:ea:77:5e:f6:f6:6f:36:2f:43:8d:fc:07:4b:4f:1e:c0:e2:
cb:a4:17:ee:e1:a6:18:11:9b:53:9a:4b:41:5e:62:2f:98:e2:
bb:25:69:b2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5p4zjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjczNDEwODcwNWE5NTc5NmU4NTc3MTI1ZGQzMDBjNzUxZGZkOWE4MB4XDTIyMDEw
MTAwNTExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGEwN2IyMTc5MTUz
NDFjNDBhZGU2N2I1MmU5MzlhZTk4ODY4MmM2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdI4EaA1JIsYaDai//gRz4Rt+K2Ga6cr7g+bVGJuypQgLC7
bAh3YsGl3wA+TmBq6254NTGAtDznbb54pYzQxgA0UrXhZJLlmKEbh90x1qeYGx+D
KyOjwsv+ZoypdEBkvydcdWO4yicpY6HRdY5pG+684hOcPDPHwv+DyfOtHrc0KEGu
E0ko9OJz83I4zv7Inqwcqpfz8R527oBJib7RhmLHCPZXIkQxXtHr1wL72pD5+uqX
xF51j4xusEwyuXkL5wCo/04TjOdMt17UiVxSUrNjPcvisq7U3LEJ+dDGYvP6BB8r
FvMDDtmMpaH8T+UDZWAIuEm8ODA1mrf1qCOZxpUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRKB7IXkVNBxAreZ7Uuk5rpiGgsaTAfBgNVHSMEGDAWgBSvc0EIcFqVeW6F
dxJd0wDHUd/ZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IzTkJDSEJhbFhsdWhYY1NYZE1BeDFIZjJhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8x
L1NnZXlGNUZUUWNRSzNtZTFMcE9hNllob0xHay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8xL3IzTkJDSEJhbFhs
dWhYY1NYZE1BeDFIZjJhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMMcCgMEAcMcqDANBgkqhkiG9w0B
AQsFAAOCAQEAcFcnTjx7aNdke0k+V7HQfljr/vZ+icRsN/8oOi/yz5rhpeayzUc9
N23doMkiIPKZA0SG3Uu9foothmhV3LlIT3TmD8u3hnTFo1UXuvF6JtvTJoANzh3i
j0FRYyygja9j1q4ODezSVDK6L79t4imtuYYSW98Ktlzt5YK6s/tc2uWrFqmWpBGj
ivzO0Mv3z7l+LhlrYG8Q4/tLK7G6Vli59g0qbaWg32AkVEli/nEekkug8jpfzQIN
CVIqdaxRiJ1cSYFsK8Sm+G9sr/Da9cEVaCxKqXmujC8D8up3Xvb2bzYvQ438B0tP
HsDiy6QX7uGmGBGbU5pLQV5iL5jiuyVpsg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:17 2025 by rpki-client