Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/FtOsqLuCzHnNBQp_FCQ6xxYlCII.roa
File: FtOsqLuCzHnNBQp_FCQ6xxYlCII.roa (raw, json)
Hash identifier: 0E6W8MKkQ5+v/3Zb66NSu8lG+9AMcz++vfngUbEPj1U=
Subject key identifier: 16:D3:AC:A8:BB:82:CC:79:CD:05:0A:7F:14:24:3A:C7:16:25:08:82
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 0C9DDBCF
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/FtOsqLuCzHnNBQp_FCQ6xxYlCII.roa
Signing time: Sun 13 Mar 2022 20:02:55 +0000
ROA not before: Sun 13 Mar 2022 20:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30902
IP address blocks: 87.247.168.0/24 maxlen: 24
87.247.168.0/23 maxlen: 23
87.247.169.0/24 maxlen: 24
87.247.174.0/24 maxlen: 24
87.247.174.0/23 maxlen: 23
87.247.175.0/24 maxlen: 24
87.247.177.0/24 maxlen: 24
87.247.176.0/23 maxlen: 23
87.247.176.0/24 maxlen: 24
78.111.0.0/23 maxlen: 23
78.111.0.0/24 maxlen: 24
78.111.0.0/22 maxlen: 22
78.111.2.0/24 maxlen: 24
78.111.3.0/24 maxlen: 24
78.111.2.0/23 maxlen: 23
78.111.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211672015 (0xc9ddbcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Mar 13 20:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16d3aca8bb82cc79cd050a7f14243ac716250882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:83:e2:97:90:c6:6c:82:bc:f3:2f:8f:b8:
b3:48:aa:27:5a:fa:c6:64:6a:bc:cc:3e:7c:ba:37:
78:ff:72:ab:ff:08:0d:9e:34:8d:e0:c6:14:51:10:
48:ec:c2:04:99:e4:ed:3d:43:d0:6e:e4:e8:89:a1:
ee:99:6b:24:29:2e:e8:4f:87:bf:b7:bf:de:a5:34:
a7:72:2a:7c:30:2f:c1:a7:88:9e:89:b2:78:b6:f2:
9f:2f:1b:b0:d1:5a:14:f7:71:46:13:29:c2:7a:16:
2b:43:e0:b2:14:fd:c7:9f:41:d8:68:41:92:53:87:
ae:ce:f2:b6:ed:2e:a2:20:50:5e:09:7f:e4:d2:a4:
67:5f:b4:53:5b:ce:ea:3e:ad:18:9f:a1:4e:55:45:
8d:6f:06:08:23:ad:0c:04:c1:36:17:c1:f4:ea:8b:
37:7b:a9:9e:bd:55:89:a8:e0:dc:3d:db:fb:1a:ba:
3f:c8:a2:65:33:ff:a0:04:88:c3:3c:e1:12:16:b1:
91:76:f2:3f:68:4a:cd:a2:5c:c8:5f:5e:c9:7b:4d:
20:c1:e8:65:8a:e3:ca:7f:98:52:5d:66:62:ec:2e:
56:b3:83:4c:70:0d:75:0b:0d:64:21:b9:9b:3c:81:
bd:92:c2:e2:b7:85:6f:a0:1b:38:9c:c5:d6:a9:15:
75:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D3:AC:A8:BB:82:CC:79:CD:05:0A:7F:14:24:3A:C7:16:25:08:82
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/FtOsqLuCzHnNBQp_FCQ6xxYlCII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.0.0-78.111.4.255
87.247.168.0/23
87.247.174.0-87.247.177.255
Signature Algorithm: sha256WithRSAEncryption
98:d0:2f:64:a6:9c:1d:75:e3:ee:3c:0b:32:ca:bf:7f:5c:54:
9f:14:52:2d:ae:8f:44:97:63:99:56:c4:2c:91:b8:a9:92:d1:
a9:5d:80:43:a9:11:51:97:e1:f5:aa:34:41:bf:b7:a1:b5:31:
1f:b6:55:cc:55:22:07:41:40:3c:04:07:b2:87:65:20:27:85:
d9:06:77:df:f8:fd:7d:73:f6:7c:b3:ea:b5:9f:36:90:f7:14:
d7:f8:05:dd:e3:bb:7a:98:4a:c7:c7:ff:cd:bf:8d:d8:af:a1:
63:9d:ee:cd:32:8d:54:2a:02:75:5f:8e:39:fc:74:35:28:31:
7a:ca:fe:da:fd:e8:85:11:1d:35:a5:ae:dd:6c:4a:76:0d:27:
f4:3e:6b:94:58:e3:3d:fb:ae:6a:2b:8b:57:46:a3:98:f2:2b:
a5:fc:be:d9:65:9f:52:3f:49:fe:a4:b1:b1:a8:3d:85:41:3d:
53:a9:88:8c:f5:38:1a:06:9c:c3:ba:8d:de:31:0e:d6:b6:19:
1e:bb:f2:60:c1:50:e6:e5:9c:39:3c:84:08:cc:30:ba:eb:cb:
e6:92:cc:17:0f:51:a7:bc:47:1e:37:5e:cb:e0:e2:d9:cb:d8:
a8:43:2c:c0:6c:4b:28:39:ab:5d:46:07:e4:3e:01:5e:bf:1d:
95:6f:c1:f2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDJ3bzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTQ5Nzg3NzllOTMwZTAxZmJmZTdlMGM1ZmNiNDE2MTExMjlkNGU4MB4XDTIyMDMx
MzIwMDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZkM2FjYThiYjgy
Y2M3OWNkMDUwYTdmMTQyNDNhYzcxNjI1MDg4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhZg+KXkMZsgrzzL4+4s0iqJ1r6xmRqvMw+fLo3eP9yq/8I
DZ40jeDGFFEQSOzCBJnk7T1D0G7k6Imh7plrJCku6E+Hv7e/3qU0p3IqfDAvwaeI
nomyeLbyny8bsNFaFPdxRhMpwnoWK0PgshT9x59B2GhBklOHrs7ytu0uoiBQXgl/
5NKkZ1+0U1vO6j6tGJ+hTlVFjW8GCCOtDATBNhfB9OqLN3upnr1Viajg3D3b+xq6
P8iiZTP/oASIwzzhEhaxkXbyP2hKzaJcyF9eyXtNIMHoZYrjyn+YUl1mYuwuVrOD
THANdQsNZCG5mzyBvZLC4reFb6AbOJzF1qkVdQ0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQW06you4LMec0FCn8UJDrHFiUIgjAfBgNVHSMEGDAWgBTpSXh3npMOAfv+
fgxfy0FhESnU6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZVbDRkNTZURGdIN19uNE1YOHRCWVJFcDFPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8x
L0Z0T3NxTHVDekhuTkJRcF9GQ1E2eHhZbENJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8xLzZVbDRkNTZURGdI
N19uNE1YOHRCWVJFcDFPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwJwQCAAEwITALAwMATm8DBABObwQDBAFX96gwDAME
AVf3rgMEAVf3sDANBgkqhkiG9w0BAQsFAAOCAQEAmNAvZKacHXXj7jwLMsq/f1xU
nxRSLa6PRJdjmVbELJG4qZLRqV2AQ6kRUZfh9ao0Qb+3obUxH7ZVzFUiB0FAPAQH
sodlICeF2QZ33/j9fXP2fLPqtZ82kPcU1/gF3eO7ephKx8f/zb+N2K+hY53uzTKN
VCoCdV+OOfx0NSgxesr+2v3ohREdNaWu3WxKdg0n9D5rlFjjPfuuaiuLV0ajmPIr
pfy+2WWfUj9J/qSxsag9hUE9U6mIjPU4Ggacw7qN3jEO1rYZHrvyYMFQ5uWcOTyE
CMwwuuvL5pLMFw9Rp7xHHjdey+Di2cvYqEMswGxLKDmrXUYH5D4BXr8dlW/B8g==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:49:10 2025 by rpki-client