Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tjqNorvdv9MRIpWxgfNXy7Qdob0.roa
File: tjqNorvdv9MRIpWxgfNXy7Qdob0.roa (raw, json)
Hash identifier: Y8IUhdMHBIxv5d46xHufKJzvZ31u3oq73SqrQ2aN2ZY=
Subject key identifier: B6:3A:8D:A2:BB:DD:BF:D3:11:22:95:B1:81:F3:57:CB:B4:1D:A1:BD
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01870EE11CC73415B4FF32A9C411F7078FF0
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tjqNorvdv9MRIpWxgfNXy7Qdob0.roa
Signing time: Thu 23 Mar 2023 14:30:46 +0000
ROA not before: Thu 23 Mar 2023 14:30:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204206
IP address blocks: 213.42.84.0/22 maxlen: 24
213.42.48.0/21 maxlen: 24
213.42.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:e1:1c:c7:34:15:b4:ff:32:a9:c4:11:f7:07:8f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 23 14:30:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63a8da2bbddbfd3112295b181f357cbb41da1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:54:23:c2:d6:b4:a7:63:87:7f:51:9b:f9:2c:
23:0e:59:28:21:02:99:fa:30:c7:0d:22:44:92:34:
4d:e7:da:d4:65:ed:1c:85:5c:b8:70:6b:bf:4f:34:
05:9c:32:6b:e7:b1:0f:c3:0d:4b:4a:9b:6c:43:a5:
57:bf:4c:72:6a:19:b2:a9:f4:5e:53:7b:23:29:86:
8f:9b:51:e8:c4:0f:f2:b4:49:22:3f:5a:b8:36:a1:
1a:8e:0d:18:ea:5c:23:c1:af:06:31:1f:26:fa:7d:
7a:0f:19:40:6f:fe:21:63:3c:93:f0:89:01:f3:de:
45:d8:99:c4:07:bb:d2:ab:df:49:c2:84:22:09:df:
59:ec:bf:11:39:05:92:b0:3e:5a:1e:2a:6a:dd:15:
0a:6b:09:7e:a7:c3:d9:35:c3:8d:a1:b3:37:8f:85:
56:3e:cb:09:02:de:b3:da:b1:96:74:0d:85:ba:a2:
7c:4f:63:96:33:0c:5b:83:1a:46:8a:76:8d:27:d0:
78:16:dc:68:69:0b:57:6b:83:2c:2f:e8:40:ff:f8:
d5:47:44:a8:c4:33:e8:38:f6:f3:31:28:2e:03:e7:
0e:f4:03:7c:21:83:73:50:74:9f:6c:98:64:d2:ba:
1a:35:63:4b:81:ec:60:cd:c5:23:a0:d0:92:ed:f9:
df:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3A:8D:A2:BB:DD:BF:D3:11:22:95:B1:81:F3:57:CB:B4:1D:A1:BD
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tjqNorvdv9MRIpWxgfNXy7Qdob0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.42.48.0-213.42.56.255
213.42.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:af:0d:24:6c:0d:86:77:a6:62:7a:cb:3b:de:f9:54:4d:9b:
1e:b2:72:f7:7a:b9:6b:2d:98:94:6b:20:c3:ad:4c:09:00:02:
18:35:0c:83:2c:4d:9a:fc:75:e3:cb:66:cd:b7:b5:27:c4:89:
db:5a:5d:9d:c2:ea:bf:a5:55:fa:be:ce:36:39:b2:fc:2a:74:
6a:69:85:29:84:f5:9a:57:4f:c1:a8:ac:86:e6:62:f6:f8:60:
59:dc:40:a9:7d:ca:a9:20:6e:2a:31:6f:9d:e1:bb:30:14:62:
32:c0:73:73:ed:91:de:f7:c7:fb:e4:80:d7:a8:d4:2e:e7:4a:
a2:e1:6e:97:fa:f7:78:a0:da:32:05:51:4e:62:26:49:78:43:
b5:5c:f2:44:f4:a3:16:31:22:04:5b:d1:57:66:a9:22:b9:fa:
46:52:96:b6:52:e7:81:ac:a6:de:96:28:07:d4:9f:03:eb:d6:
92:b3:5b:05:01:d7:dc:3d:78:e9:78:5d:0c:7d:cf:8b:45:c7:
b7:5e:c3:86:35:66:44:14:b8:fb:4e:15:8b:c8:33:67:5d:2f:
9c:84:fc:d4:a6:cf:71:62:0c:51:5a:fa:8c:08:8d:b9:86:4a:
1e:b8:2e:60:4b:7d:c5:b9:53:db:4b:23:67:9d:bd:7c:76:97:
38:cd:76:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYcO4RzHNBW0/zKpxBH3B4/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzIzMTQzMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNhOGRhMmJiZGRiZmQzMTEyMjk1YjE4MWYzNTdjYmI0MWRhMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklQjwta0p2OHf1Gb+SwjDlkoIQKZ
+jDHDSJEkjRN59rUZe0chVy4cGu/TzQFnDJr57EPww1LSptsQ6VXv0xyahmyqfRe
U3sjKYaPm1HoxA/ytEkiP1q4NqEajg0Y6lwjwa8GMR8m+n16DxlAb/4hYzyT8IkB
895F2JnEB7vSq99JwoQiCd9Z7L8ROQWSsD5aHipq3RUKawl+p8PZNcONobM3j4VW
PssJAt6z2rGWdA2FuqJ8T2OWMwxbgxpGinaNJ9B4FtxoaQtXa4MsL+hA//jVR0So
xDPoOPbzMSguA+cO9AN8IYNzUHSfbJhk0roaNWNLgexgzcUjoNCS7fnfSQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLY6jaK73b/TESKVsYHzV8u0HaG9MB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvdGpxTm9ydmR2OU1SSXBXeGdmTlh5N1Fkb2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBATVKjAD
BADVKjgDBALVKlQwDQYJKoZIhvcNAQELBQADggEBAF+vDSRsDYZ3pmJ6yzve+VRN
mx6ycvd6uWstmJRrIMOtTAkAAhg1DIMsTZr8dePLZs23tSfEidtaXZ3C6r+lVfq+
zjY5svwqdGpphSmE9ZpXT8GorIbmYvb4YFncQKl9yqkgbioxb53huzAUYjLAc3Pt
kd73x/vkgNeo1C7nSqLhbpf693ig2jIFUU5iJkl4Q7Vc8kT0oxYxIgRb0VdmqSK5
+kZSlrZS54Gspt6WKAfUnwPr1pKzWwUB19w9eOl4XQx9z4tFx7dew4Y1ZkQUuPtO
FYvIM2ddL5yE/NSmz3FiDFFa+owIjbmGSh64LmBLfcW5U9tLI2edvXx2lzjNdnk=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:51:53 2025 by rpki-client