Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2jAi00S_LLMhGVquXKDVe_W82bQ.roa
File: 2jAi00S_LLMhGVquXKDVe_W82bQ.roa (raw, json)
Hash identifier: Wi4/+gi76s8+38ASNuIt26mTOhUVUXIP/NIbqyMtmdI=
Subject key identifier: DA:30:22:D3:44:BF:2C:B3:21:19:5A:AE:5C:A0:D5:7B:F5:BC:D9:B4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B5801D8D1051E9E73C6A2A7F4C1605
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2jAi00S_LLMhGVquXKDVe_W82bQ.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25184
IP address blocks: 83.147.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:80:1d:8d:10:51:e9:e7:3c:6a:2a:7f:4c:16:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da3022d344bf2cb321195aae5ca0d57bf5bcd9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:30:c3:b3:d4:3c:1f:83:0f:92:83:9b:01:
45:3e:b4:b2:72:a7:3e:b0:d5:0b:89:04:02:17:56:
b3:38:79:c0:52:8e:22:32:c6:a9:52:9e:5d:33:f3:
02:eb:c9:fd:02:1b:d2:d9:db:28:3c:24:03:5a:ea:
53:87:d5:cc:e1:53:4f:f9:e3:3f:02:45:e9:e1:da:
d4:a8:ae:98:50:6e:36:73:d4:f6:7e:ba:bb:5d:1f:
e8:26:e6:4f:c0:55:c5:78:ac:bb:0a:eb:f6:47:7c:
42:a6:08:b6:e1:49:1c:54:68:3e:51:3a:d8:b1:fc:
fc:64:59:90:b2:73:af:55:8c:0a:fe:62:10:72:87:
be:4a:1d:b0:b9:f9:0d:7b:2b:95:00:c5:8e:1b:85:
de:95:80:0f:6c:02:47:1f:1e:9c:eb:65:af:ac:9d:
fb:55:38:b4:f8:e3:bd:77:14:b7:ed:c9:8f:93:fd:
04:90:14:10:a1:26:22:eb:49:81:bf:7d:13:5b:81:
de:72:00:ba:3e:2f:2f:eb:00:29:7d:d5:62:6f:99:
c1:3e:5c:0c:9a:cb:20:3d:03:e0:e7:c8:53:b0:04:
49:aa:74:36:66:64:79:31:ca:38:13:11:65:f3:64:
e9:dd:e9:60:af:3b:96:ea:8d:de:19:38:72:19:3e:
93:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:30:22:D3:44:BF:2C:B3:21:19:5A:AE:5C:A0:D5:7B:F5:BC:D9:B4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2jAi00S_LLMhGVquXKDVe_W82bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.193.0/24
Signature Algorithm: sha256WithRSAEncryption
76:1f:d4:89:81:f8:82:5b:95:ea:3f:69:67:9c:d5:30:92:88:
15:4f:a1:14:25:6a:9b:58:62:49:3d:4c:78:99:8d:72:8a:8c:
46:64:fa:fd:ca:db:74:e5:9d:2b:b0:12:9f:27:87:f0:36:cd:
33:3e:36:c9:5b:0d:db:97:ab:0c:07:8d:38:2e:ef:11:8e:b8:
fb:94:31:3a:38:d8:34:ef:d0:c8:40:ed:e3:55:af:f7:a2:8b:
55:2b:8f:9d:b3:8e:df:a6:30:8e:70:3e:86:68:5d:34:95:a9:
fc:0f:cf:7d:21:a3:ba:1f:3c:f5:d2:45:34:d7:13:a6:b7:41:
a0:4e:c0:bb:bf:ea:d0:8e:98:0d:71:ae:3d:da:80:fb:1d:5d:
60:76:17:82:9c:54:e4:c0:27:08:c0:ac:7f:e3:9c:a0:fb:1c:
14:26:c9:ee:d7:37:de:0b:8a:f5:6c:29:2f:65:50:88:d0:c0:
64:4f:c6:3a:45:32:d8:0c:54:bf:7b:20:e1:11:7e:e8:9c:d7:
5d:b6:52:8e:34:13:c1:36:d2:e5:c3:7a:c0:68:74:c3:f3:a1:
40:83:2b:47:06:48:d6:c9:e4:53:7d:48:96:a6:ad:78:23:b3:
2b:76:bd:3b:2e:57:49:96:58:d9:33:da:57:27:09:a6:44:68:
01:52:ac:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYAdjRBR6ec8aip/TBYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMwMjJkMzQ0YmYyY2IzMjExOTVhYWU1Y2EwZDU3YmY1YmNkOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXAww7PUPB+DD5KDmwFFPrSycqc+
sNULiQQCF1azOHnAUo4iMsapUp5dM/MC68n9AhvS2dsoPCQDWupTh9XM4VNP+eM/
AkXp4drUqK6YUG42c9T2frq7XR/oJuZPwFXFeKy7Cuv2R3xCpgi24UkcVGg+UTrY
sfz8ZFmQsnOvVYwK/mIQcoe+Sh2wufkNeyuVAMWOG4XelYAPbAJHHx6c62WvrJ37
VTi0+OO9dxS37cmPk/0EkBQQoSYi60mBv30TW4HecgC6Pi8v6wApfdVib5nBPlwM
mssgPQPg58hTsARJqnQ2ZmR5Mco4ExFl82Tp3elgrzuW6o3eGThyGT6TtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNowItNEvyyzIRlarlyg1Xv1vNm0MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMmpBaTAwU19MTE1oR1ZxdVhLRFZlX1c4MmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PBMA0G
CSqGSIb3DQEBCwUAA4IBAQB2H9SJgfiCW5XqP2lnnNUwkogVT6EUJWqbWGJJPUx4
mY1yioxGZPr9ytt05Z0rsBKfJ4fwNs0zPjbJWw3bl6sMB404Lu8Rjrj7lDE6ONg0
79DIQO3jVa/3ootVK4+ds47fpjCOcD6GaF00lan8D899IaO6Hzz10kU01xOmt0Gg
TsC7v+rQjpgNca492oD7HV1gdheCnFTkwCcIwKx/45yg+xwUJsnu1zfeC4r1bCkv
ZVCI0MBkT8Y6RTLYDFS/eyDhEX7onNddtlKONBPBNtLlw3rAaHTD86FAgytHBkjW
yeRTfUiWpq14I7Mrdr07LldJlljZM9pXJwmmRGgBUqys
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:42:32 2025 by rpki-client