Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/u-Ld0JSV4Sx2PXy2J0_8lDIxo3A.roa
File: u-Ld0JSV4Sx2PXy2J0_8lDIxo3A.roa (raw, json)
Hash identifier: DILSVGOgUwvV62ztX+a7CtwUrOSCdGw6V1fPvBCS5yU=
Subject key identifier: BB:E2:DD:D0:94:95:E1:2C:76:3D:7C:B6:27:4F:FC:94:32:31:A3:70
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 0C9C55C2
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/u-Ld0JSV4Sx2PXy2J0_8lDIxo3A.roa
Signing time: Sun 13 Mar 2022 19:39:15 +0000
ROA not before: Sun 13 Mar 2022 19:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.4.0/23 maxlen: 23
78.111.0.0/21 maxlen: 21
87.247.172.0/23 maxlen: 23
87.247.168.0/21 maxlen: 21
87.247.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211572162 (0xc9c55c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Mar 13 19:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbe2ddd09495e12c763d7cb6274ffc943231a370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dc:de:df:96:9e:19:53:d3:1d:e1:71:5e:29:
b8:58:62:21:ca:a8:a6:03:f4:5d:7e:86:cf:ad:82:
52:9c:2c:98:f6:1f:45:aa:d7:2c:1f:5b:ec:cc:dc:
4e:7a:65:e5:72:4b:32:e5:06:b7:ed:1e:00:0b:3d:
b8:fd:2e:32:3d:5b:c5:5e:6e:04:70:fa:e3:65:cf:
1d:8f:84:5c:af:ad:5c:42:de:1f:42:0f:f4:b3:e6:
40:98:9b:f2:6c:35:69:c5:b6:d3:9f:e3:d1:4a:a3:
ee:30:70:a8:df:e6:18:07:88:94:5f:7d:7e:cb:2d:
9d:6b:b4:02:06:ee:ef:9d:fe:c6:b2:ae:12:90:03:
ec:91:f8:99:2f:12:f4:ad:53:1b:20:9b:ae:b3:ac:
a2:8f:a3:28:c4:4b:60:06:ec:f3:6f:40:7b:d8:9d:
00:05:82:97:15:6c:e3:2f:a5:d2:e9:f7:8b:d1:0b:
61:8b:5f:f4:b7:fc:c0:cc:c6:f3:4f:fd:a3:ad:56:
b7:cb:f3:f6:22:e2:d6:fa:8c:78:88:2d:e0:6f:65:
f7:1f:06:69:3c:11:ed:78:0a:cb:95:da:59:02:89:
32:89:27:77:a0:ac:f0:2c:f2:df:bc:eb:a9:6b:ee:
4f:fe:14:7d:d7:bd:20:9e:50:07:3c:c8:90:70:81:
82:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E2:DD:D0:94:95:E1:2C:76:3D:7C:B6:27:4F:FC:94:32:31:A3:70
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/u-Ld0JSV4Sx2PXy2J0_8lDIxo3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.0.0/21
87.247.168.0/21
Signature Algorithm: sha256WithRSAEncryption
05:4a:da:95:19:9a:68:c8:15:8f:bd:80:14:95:4b:51:63:8e:
bf:c5:64:ad:9b:a4:fd:b6:58:01:96:fe:0c:bf:c3:bf:5b:f4:
7a:f9:04:8f:ad:98:d2:1e:06:94:76:b4:3d:36:90:28:28:82:
f3:23:6a:f7:6f:95:5c:f7:7d:5d:06:bf:3a:aa:3b:ae:cd:0d:
63:93:66:87:5b:e6:6f:76:3e:10:02:1c:38:6b:9f:79:50:dd:
27:c6:2e:71:b2:fa:ce:f4:ff:fd:90:11:93:d1:ab:47:18:6d:
2b:60:3d:27:fe:f7:22:a1:14:04:34:2c:53:2a:3b:ec:c4:84:
db:cb:99:35:e6:12:7d:d0:9c:24:f0:44:d8:3d:a6:c4:83:ae:
a5:1e:96:24:e2:da:0e:71:02:4f:3f:c3:d3:42:be:f9:b3:da:
e7:d7:3d:92:95:30:98:d0:2e:5f:cd:8d:d6:0c:78:c5:66:87:
ac:0f:1e:bd:2e:b5:80:07:7f:56:61:c4:ee:67:f5:37:ae:dc:
8a:dd:77:0d:a1:8a:77:f2:3a:d3:36:1c:03:2f:ec:97:69:02:
90:57:8c:7a:30:8e:5d:eb:9a:9f:dc:18:b0:a2:18:a3:84:78:
f9:9f:41:9f:0f:95:38:dc:67:bf:04:99:0a:f5:a8:c2:9e:07:
78:02:2a:ac
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDJxVwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTQ5Nzg3NzllOTMwZTAxZmJmZTdlMGM1ZmNiNDE2MTExMjlkNGU4MB4XDTIyMDMx
MzE5MzkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJlMmRkZDA5NDk1
ZTEyYzc2M2Q3Y2I2Mjc0ZmZjOTQzMjMxYTM3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvc3t+WnhlT0x3hcV4puFhiIcqopgP0XX6Gz62CUpwsmPYf
RarXLB9b7MzcTnpl5XJLMuUGt+0eAAs9uP0uMj1bxV5uBHD642XPHY+EXK+tXELe
H0IP9LPmQJib8mw1acW205/j0Uqj7jBwqN/mGAeIlF99fsstnWu0Agbu753+xrKu
EpAD7JH4mS8S9K1TGyCbrrOsoo+jKMRLYAbs829Ae9idAAWClxVs4y+l0un3i9EL
YYtf9Lf8wMzG80/9o61Wt8vz9iLi1vqMeIgt4G9l9x8GaTwR7XgKy5XaWQKJMokn
d6Cs8Czy37zrqWvuT/4Ufde9IJ5QBzzIkHCBgp0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS74t3QlJXhLHY9fLYnT/yUMjGjcDAfBgNVHSMEGDAWgBTpSXh3npMOAfv+
fgxfy0FhESnU6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZVbDRkNTZURGdIN19uNE1YOHRCWVJFcDFPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8x
L3UtTGQwSlNWNFN4MlBYeTJKMF84bERJeG8zQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8xLzZVbDRkNTZURGdI
N19uNE1YOHRCWVJFcDFPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA05vAAMEA1f3qDANBgkqhkiG9w0B
AQsFAAOCAQEABUralRmaaMgVj72AFJVLUWOOv8VkrZuk/bZYAZb+DL/Dv1v0evkE
j62Y0h4GlHa0PTaQKCiC8yNq92+VXPd9XQa/Oqo7rs0NY5Nmh1vmb3Y+EAIcOGuf
eVDdJ8YucbL6zvT//ZARk9GrRxhtK2A9J/73IqEUBDQsUyo77MSE28uZNeYSfdCc
JPBE2D2mxIOupR6WJOLaDnECTz/D00K++bPa59c9kpUwmNAuX82N1gx4xWaHrA8e
vS61gAd/VmHE7mf1N67cit13DaGKd/I60zYcAy/sl2kCkFeMejCOXeuan9wYsKIY
o4R4+Z9Bnw+VONxnvwSZCvWowp4HeAIqrA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:43:57 2025 by rpki-client