Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/BBp92CIn3H8DZfE7ghOE5hu24Ts.roa
File: BBp92CIn3H8DZfE7ghOE5hu24Ts.roa (raw, json)
Hash identifier: 80NURLQevG8xPoYfD4IlvK+UNDFwtAt+Q+xiaPeaGJo=
Subject key identifier: 04:1A:7D:D8:22:27:DC:7F:03:65:F1:3B:82:13:84:E6:1B:B6:E1:3B
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 0182CE4EEEE472F63D13B1F1F4C8C23E166D
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/BBp92CIn3H8DZfE7ghOE5hu24Ts.roa
Signing time: Wed 24 Aug 2022 05:24:15 +0000
ROA not before: Wed 24 Aug 2022 05:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41227
IP address blocks: 78.111.1.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
87.247.171.0/24 maxlen: 24
87.247.172.0/24 maxlen: 24
87.247.170.0/24 maxlen: 24
87.247.173.0/24 maxlen: 24
87.247.178.0/24 maxlen: 24
87.247.184.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:4e:ee:e4:72:f6:3d:13:b1:f1:f4:c8:c2:3e:16:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Aug 24 05:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=041a7dd82227dc7f0365f13b821384e61bb6e13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ee:1e:3b:c8:87:e6:1b:b6:37:93:3b:f6:d5:
58:70:8c:a5:95:8c:f1:8d:8c:a8:77:49:74:b2:02:
46:70:ee:53:4b:b6:8b:da:5d:51:4f:01:a4:aa:f0:
a2:b1:f9:dd:0e:df:91:76:da:2a:5b:be:15:38:1d:
19:3b:e2:7d:56:04:2a:3a:33:e9:96:1b:fb:52:1e:
cd:ab:79:b0:a6:99:cd:71:37:c4:dc:a0:4f:1a:08:
c3:ec:bd:c1:c0:8c:98:64:de:58:6b:ea:35:f0:20:
41:9a:49:44:c5:f4:4f:04:ef:c6:1f:f0:f8:e4:b2:
a0:cb:ec:d9:0c:08:ad:e7:3a:df:69:5e:b1:03:29:
e6:b8:9b:bd:70:93:8c:47:c8:b1:49:ad:b3:8e:ef:
db:7e:c6:4d:78:06:18:f6:13:be:7d:97:e1:f8:fe:
3f:33:8e:1e:76:61:f4:ff:7b:3c:c6:33:8e:de:3f:
e8:5b:df:7f:1c:9a:56:7a:36:2c:2e:b1:a1:91:43:
37:75:27:7f:72:ac:24:4b:f1:29:a4:32:18:53:57:
c8:ff:37:56:31:47:71:07:94:dd:f8:08:51:d6:74:
24:0f:f4:39:64:18:70:ff:1f:e6:1b:fe:44:67:d1:
e4:4b:87:25:43:54:a8:8c:74:e9:ce:1b:77:5d:a4:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1A:7D:D8:22:27:DC:7F:03:65:F1:3B:82:13:84:E6:1B:B6:E1:3B
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/BBp92CIn3H8DZfE7ghOE5hu24Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.1.0/24
78.111.6.0/24
87.247.170.0-87.247.173.255
87.247.178.0/24
87.247.184.0/21
Signature Algorithm: sha256WithRSAEncryption
88:a2:5e:5f:91:20:cb:e2:1c:6f:50:55:98:0a:e1:64:49:1a:
a3:fd:53:87:16:00:be:a8:99:61:de:c2:91:84:bd:8a:8a:a1:
03:12:23:ce:4c:41:d9:b2:3f:de:07:0f:ec:71:15:ae:5f:80:
06:72:42:fe:9a:65:9b:8a:1d:31:b2:48:e0:99:b8:70:e7:fb:
88:c8:19:83:0a:87:42:e9:f0:f1:77:bb:99:75:b0:42:bb:84:
d2:0f:5a:3f:4f:d1:fe:4a:6d:79:38:9d:c1:42:30:29:28:6a:
23:25:56:a0:76:27:ca:75:c5:3e:9a:57:bf:4f:58:b4:46:83:
41:d0:f6:b7:2e:0a:85:b8:29:8f:7f:55:16:d0:9d:65:58:1e:
2f:16:a8:8d:50:82:b6:5e:0b:d4:93:5f:6c:a7:be:01:3a:55:
16:c0:8b:f9:39:ec:9f:41:ff:af:7f:71:93:65:ed:c1:7a:82:
f7:53:7f:19:2b:6a:63:47:d3:ca:61:95:a2:4e:42:f5:2c:ca:
2b:70:0d:68:98:7c:48:d9:53:47:ed:0b:90:7b:17:f1:fe:61:
5c:e0:bb:af:cc:0a:54:e1:6a:3e:43:8e:ea:c3:0a:e5:68:23:
56:56:d0:0a:1c:75:7d:52:14:a5:19:e6:44:d4:54:43:e2:5b:
e6:f6:fd:fd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYLOTu7kcvY9E7Hx9MjCPhZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NDk3ODc3OWU5MzBlMDFmYmZlN2UwYzVmY2I0MTYxMTEy
OWQ0ZTgwHhcNMjIwODI0MDUyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFhN2RkODIyMjdkYzdmMDM2NWYxM2I4MjEzODRlNjFiYjZlMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO4eO8iH5hu2N5M79tVYcIyllYzx
jYyod0l0sgJGcO5TS7aL2l1RTwGkqvCisfndDt+RdtoqW74VOB0ZO+J9VgQqOjPp
lhv7Uh7Nq3mwppnNcTfE3KBPGgjD7L3BwIyYZN5Ya+o18CBBmklExfRPBO/GH/D4
5LKgy+zZDAit5zrfaV6xAynmuJu9cJOMR8ixSa2zju/bfsZNeAYY9hO+fZfh+P4/
M44edmH0/3s8xjOO3j/oW99/HJpWejYsLrGhkUM3dSd/cqwkS/EppDIYU1fI/zdW
MUdxB5Td+AhR1nQkD/Q5ZBhw/x/mG/5EZ9HkS4clQ1SojHTpzht3XaStiwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAQafdgiJ9x/A2XxO4IThOYbtuE7MB8GA1UdIwQY
MBaAFOlJeHeekw4B+/5+DF/LQWERKdToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3Yzct
OTVjNDJlNGE4NGMwLzEvQkJwOTJDSW4zSDhEWmZFN2doT0U1aHUyNFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3YzctOTVjNDJlNGE4NGMw
LzEvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATm8BAwQA
Tm8GMAwDBAFX96oDBAFX96wDBABX97IDBANX97gwDQYJKoZIhvcNAQELBQADggEB
AIiiXl+RIMviHG9QVZgK4WRJGqP9U4cWAL6omWHewpGEvYqKoQMSI85MQdmyP94H
D+xxFa5fgAZyQv6aZZuKHTGySOCZuHDn+4jIGYMKh0Lp8PF3u5l1sEK7hNIPWj9P
0f5KbXk4ncFCMCkoaiMlVqB2J8p1xT6aV79PWLRGg0HQ9rcuCoW4KY9/VRbQnWVY
Hi8WqI1QgrZeC9STX2ynvgE6VRbAi/k57J9B/69/cZNl7cF6gvdTfxkramNH08ph
laJOQvUsyitwDWiYfEjZU0ftC5B7F/H+YVzgu6/MClThaj5DjurDCuVoI1ZW0Aoc
dX1SFKUZ5kTUVEPiW+b2/f0=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:00:25 2025 by rpki-client