Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/24Z4TCTPwgzvie-gobg1-5uzU9w.roa
File: 24Z4TCTPwgzvie-gobg1-5uzU9w.roa (raw, json)
Hash identifier: o6bIQ11jKK1i6cOfE8jo3bSo8pFMwfK2IN+Zpi/v9Dw=
Subject key identifier: DB:86:78:4C:24:CF:C2:0C:EF:89:EF:A0:A1:B8:35:FB:9B:B3:53:DC
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58BD12FC8B4247E2D351199E5249B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/24Z4TCTPwgzvie-gobg1-5uzU9w.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214693
IP address blocks: 83.147.222.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8b:d1:2f:c8:b4:24:7e:2d:35:11:99:e5:24:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db86784c24cfc20cef89efa0a1b835fb9bb353dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:34:bb:0e:96:57:2b:63:0f:d8:6d:63:40:41:
0b:a3:1a:5a:e2:ac:b1:d8:f7:5a:3b:d8:d0:b6:99:
93:32:04:d2:55:7c:0c:fc:e7:21:f3:07:c9:f5:1d:
6c:e1:f6:3f:41:46:1f:9d:c4:dd:89:e3:1d:f8:ef:
e8:17:c4:6a:f7:e7:c0:94:01:92:c7:78:c3:b4:ee:
55:d7:47:f3:94:48:13:c9:99:8d:81:0a:b9:fc:1c:
0e:9f:24:66:a7:82:c5:bf:d6:5d:0d:90:c2:c6:79:
79:4d:75:7f:03:b2:eb:1c:2b:f9:a7:3d:ba:dc:b9:
17:64:6b:4e:9e:6b:d6:29:6c:dc:10:fe:69:d7:f4:
c7:b9:5c:21:4f:36:bf:fb:6e:cf:c4:8f:aa:1b:75:
06:51:33:d8:cb:f9:6e:7c:49:f7:70:a2:ad:26:81:
94:69:3a:15:26:9c:31:2a:1c:d1:d0:7b:0d:ee:a8:
0c:bf:18:f2:13:39:8a:37:9d:da:73:9d:2b:5a:2b:
e2:eb:b2:62:8f:b0:52:11:7c:9f:f5:d3:be:64:0c:
09:d2:f5:3d:71:e3:38:0c:e9:e9:3a:a1:08:48:02:
6b:59:02:21:8c:b4:52:18:45:8d:2a:9a:1b:0e:ea:
18:08:2a:76:d3:28:17:c0:4d:54:4a:9d:2b:cc:cb:
86:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:86:78:4C:24:CF:C2:0C:EF:89:EF:A0:A1:B8:35:FB:9B:B3:53:DC
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/24Z4TCTPwgzvie-gobg1-5uzU9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0e:78:59:ba:93:cf:50:d1:73:80:eb:1f:3e:ad:97:df:de:
47:f5:c7:d0:5d:97:b1:ac:6b:07:d6:90:af:ee:bc:ec:ee:07:
77:c0:3c:07:f3:ca:26:d2:61:36:36:61:dc:71:d9:fd:43:54:
62:9f:4d:f6:1f:3c:65:28:65:d6:66:80:8b:08:f9:d0:42:e0:
a8:df:d8:b4:2f:fd:9d:4b:26:ac:0a:2a:3b:8e:0f:4d:a0:d1:
15:5b:6c:4f:44:01:7e:0c:04:f1:67:25:54:29:9b:fc:2b:b6:
5d:68:ed:c9:9e:65:8b:46:f7:46:5c:80:7f:09:98:57:48:c4:
66:e9:b3:29:fd:f8:48:cf:64:de:19:71:8d:bc:d9:27:de:1a:
87:84:2a:13:2d:0c:e7:a6:34:4d:db:26:ee:fa:5c:cc:2e:29:
c9:b3:a6:53:05:9e:27:d9:3a:ef:ba:15:ec:64:55:a6:9d:6a:
48:1d:10:41:2b:a9:d4:59:f5:9d:14:08:5e:55:bc:b0:ba:43:
31:08:07:c5:16:26:42:1e:26:06:6a:16:26:17:30:29:cb:a8:
e6:5a:8b:b8:26:23:78:00:c6:89:fb:77:10:f6:c6:50:29:84:
5e:01:56:1e:e2:9c:fa:1f:0e:4b:04:97:9a:30:75:11:c3:8e:
31:d5:7a:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYvRL8i0JH4tNRGZ5SSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg2Nzg0YzI0Y2ZjMjBjZWY4OWVmYTBhMWI4MzVmYjliYjM1M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTS7DpZXK2MP2G1jQEELoxpa4qyx
2PdaO9jQtpmTMgTSVXwM/Och8wfJ9R1s4fY/QUYfncTdieMd+O/oF8Rq9+fAlAGS
x3jDtO5V10fzlEgTyZmNgQq5/BwOnyRmp4LFv9ZdDZDCxnl5TXV/A7LrHCv5pz26
3LkXZGtOnmvWKWzcEP5p1/THuVwhTza/+27PxI+qG3UGUTPYy/lufEn3cKKtJoGU
aToVJpwxKhzR0HsN7qgMvxjyEzmKN53ac50rWivi67Jij7BSEXyf9dO+ZAwJ0vU9
ceM4DOnpOqEISAJrWQIhjLRSGEWNKpobDuoYCCp20ygXwE1USp0rzMuGhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuGeEwkz8IM74nvoKG4Nfubs1PcMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMjRaNFRDVFB3Z3p2aWUtZ29iZzEtNXV6VTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PeMA0G
CSqGSIb3DQEBCwUAA4IBAQBSDnhZupPPUNFzgOsfPq2X395H9cfQXZexrGsH1pCv
7rzs7gd3wDwH88om0mE2NmHccdn9Q1Rin032HzxlKGXWZoCLCPnQQuCo39i0L/2d
SyasCio7jg9NoNEVW2xPRAF+DATxZyVUKZv8K7ZdaO3JnmWLRvdGXIB/CZhXSMRm
6bMp/fhIz2TeGXGNvNkn3hqHhCoTLQznpjRN2ybu+lzMLinJs6ZTBZ4n2TrvuhXs
ZFWmnWpIHRBBK6nUWfWdFAheVbywukMxCAfFFiZCHiYGahYmFzApy6jmWou4JiN4
AMaJ+3cQ9sZQKYReAVYe4pz6Hw5LBJeaMHURw44x1XrT
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:54:26 2025 by rpki-client