Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/DxGFhUctTufDxZgSMO1d7kygyCQ.roa
File: DxGFhUctTufDxZgSMO1d7kygyCQ.roa (raw, json)
Hash identifier: RNuyDBA+0YLFY0kexLhJ5MB5myW25a/jJA4znkKpvDI=
Subject key identifier: 0F:11:85:85:47:2D:4E:E7:C3:C5:98:12:30:ED:5D:EE:4C:A0:C8:24
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58C8535F79F071A01ED211E5B3521
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/DxGFhUctTufDxZgSMO1d7kygyCQ.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215238
IP address blocks: 83.147.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8c:85:35:f7:9f:07:1a:01:ed:21:1e:5b:35:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f118585472d4ee7c3c5981230ed5dee4ca0c824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:18:a1:09:2b:a1:2a:a8:37:b1:48:a7:39:
88:c4:60:31:e3:56:d1:0c:cc:93:65:49:1e:86:07:
46:e7:7b:09:12:91:a3:cc:52:a4:32:0d:5f:e8:67:
12:15:98:14:a0:7b:27:0a:91:39:4d:45:47:e3:16:
25:d4:dd:80:1d:25:c0:d8:a1:70:c9:0d:ef:4e:c3:
54:6e:6d:57:12:20:a2:ea:0a:ae:d1:f9:1a:4c:8e:
08:fa:14:4d:00:b5:35:7b:7c:86:20:a6:68:df:e5:
c7:92:c8:64:6d:9b:6b:27:af:01:cb:ce:0b:71:a7:
cc:10:10:68:ad:a9:73:1d:c9:bf:80:be:65:0f:c5:
c2:60:22:a7:96:cc:82:d4:f5:fe:1d:76:b9:cd:39:
b4:9a:79:56:de:da:d8:f4:dc:8a:bc:23:75:19:46:
8c:b7:16:88:6a:ba:88:91:7e:22:fe:82:66:55:aa:
c1:df:9b:f5:c0:26:df:33:de:a3:bd:c1:45:48:d5:
5a:4c:f9:75:17:4e:b3:81:bc:ba:77:6c:44:1e:b3:
be:68:1a:59:ac:21:d2:f3:54:a5:5d:52:05:0b:30:
35:0e:42:9a:69:b4:38:df:ab:6e:db:0f:3a:92:d9:
16:ba:43:01:d4:9b:bd:b0:dd:62:86:58:aa:54:81:
d4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:11:85:85:47:2D:4E:E7:C3:C5:98:12:30:ED:5D:EE:4C:A0:C8:24
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/DxGFhUctTufDxZgSMO1d7kygyCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:23:1d:1e:c2:d2:28:b2:49:40:8a:3d:a5:3a:6d:32:0c:65:
30:3b:20:69:b4:36:5c:0d:ea:df:c4:ab:f0:55:2f:2e:64:b6:
e6:26:0e:6a:0f:84:ea:83:44:b1:87:66:35:3f:d0:e5:b3:f3:
d9:0d:3a:6f:bf:8f:39:fc:8e:72:9b:a4:40:dc:c4:d2:b5:5c:
81:7e:dd:94:ae:65:48:4d:56:68:a5:87:76:42:42:a4:b3:4e:
16:a2:c0:ed:80:3e:6d:6c:c5:ad:09:c1:cc:a4:f4:a1:69:90:
4b:08:7c:09:9a:5f:66:12:42:54:30:36:25:32:81:f8:38:f4:
c1:2a:fb:87:27:3c:9d:13:3d:b6:28:ae:ac:14:a8:bc:b1:e4:
4f:b4:9d:b3:d1:d5:8c:9d:ed:da:92:9a:a9:02:4c:b2:3e:4e:
ab:11:3c:5a:69:8b:9b:7f:60:a2:a8:6f:43:95:58:f5:30:1c:
50:6a:a3:c5:ba:1a:78:71:73:84:60:83:f9:b8:23:e5:a7:80:
cf:40:eb:c7:9f:a4:c8:93:f3:1d:ed:9c:94:8a:74:a5:51:c1:
2f:7c:ea:13:62:aa:31:36:7b:e5:51:86:93:22:28:cf:5b:8a:
a8:76:ba:8d:44:c8:9f:e8:e9:9a:47:bb:e2:b6:49:80:60:fc:
b9:15:eb:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYyFNfefBxoB7SEeWzUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjExODU4NTQ3MmQ0ZWU3YzNjNTk4MTIzMGVkNWRlZTRjYTBjODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaEYoQkroSqoN7FIpzmIxGAx41bR
DMyTZUkehgdG53sJEpGjzFKkMg1f6GcSFZgUoHsnCpE5TUVH4xYl1N2AHSXA2KFw
yQ3vTsNUbm1XEiCi6gqu0fkaTI4I+hRNALU1e3yGIKZo3+XHkshkbZtrJ68By84L
cafMEBBoralzHcm/gL5lD8XCYCKnlsyC1PX+HXa5zTm0mnlW3trY9NyKvCN1GUaM
txaIarqIkX4i/oJmVarB35v1wCbfM96jvcFFSNVaTPl1F06zgby6d2xEHrO+aBpZ
rCHS81SlXVIFCzA1DkKaabQ436tu2w86ktkWukMB1Ju9sN1ihliqVIHU+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8RhYVHLU7nw8WYEjDtXe5MoMgkMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRHhHRmhVY3RUdWZEeFpnU01PMWQ3a3lneUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PAMA0G
CSqGSIb3DQEBCwUAA4IBAQAuIx0ewtIosklAij2lOm0yDGUwOyBptDZcDerfxKvw
VS8uZLbmJg5qD4Tqg0Sxh2Y1P9Dls/PZDTpvv485/I5ym6RA3MTStVyBft2UrmVI
TVZopYd2QkKks04WosDtgD5tbMWtCcHMpPShaZBLCHwJml9mEkJUMDYlMoH4OPTB
KvuHJzydEz22KK6sFKi8seRPtJ2z0dWMne3akpqpAkyyPk6rETxaaYubf2CiqG9D
lVj1MBxQaqPFuhp4cXOEYIP5uCPlp4DPQOvHn6TIk/Md7ZyUinSlUcEvfOoTYqox
NnvlUYaTIijPW4qodrqNRMif6OmaR7vitkmAYPy5Fesz
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:34 2025 by rpki-client