Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/EquEtfjJzr0LRuOp2ztEM9tg9e8.roa
File: EquEtfjJzr0LRuOp2ztEM9tg9e8.roa (raw, json)
Hash identifier: q3qtTZ1GrgMV+HugHWjGA0dTvFfOfVSrN5Ib+i+Usc4=
Subject key identifier: 12:AB:84:B5:F8:C9:CE:BD:0B:46:E3:A9:DB:3B:44:33:DB:60:F5:EF
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0192562F3BC032BA089F165F946D25AECAE0
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/EquEtfjJzr0LRuOp2ztEM9tg9e8.roa
Signing time: Fri 04 Oct 2024 06:19:48 +0000
ROA not before: Fri 04 Oct 2024 06:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197649
IP address blocks: 83.147.222.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:2f:3b:c0:32:ba:08:9f:16:5f:94:6d:25:ae:ca:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 4 06:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12ab84b5f8c9cebd0b46e3a9db3b4433db60f5ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:09:e7:9a:99:f6:ce:b5:97:3b:5c:a4:19:1c:
df:35:fb:5c:2f:33:db:5c:c7:82:7b:ec:86:5b:67:
00:af:19:b0:7a:75:be:4e:6c:5b:a5:73:87:90:64:
38:2f:96:4a:0e:4d:ad:28:a2:64:d9:ef:1e:c6:67:
de:28:25:9e:d2:01:5f:dd:30:08:96:79:4e:4a:ef:
7d:94:71:f2:3c:c1:b8:30:72:4f:81:31:0e:7f:74:
33:07:13:31:09:a2:b1:4d:1e:4d:34:8a:ce:ff:21:
64:39:59:82:93:20:ea:36:92:c2:97:0b:38:72:b6:
69:95:2c:ee:60:a5:ab:32:cf:27:e1:1f:f6:eb:a2:
fe:fb:ff:23:cb:33:8f:1c:57:8b:3d:5c:bc:bf:d0:
de:00:19:fb:0d:d7:9a:18:54:70:5f:74:00:a4:77:
8f:94:ed:fd:06:41:f9:34:9d:53:9d:d6:13:fe:09:
7c:b2:df:d6:08:55:1b:b0:f4:3a:e8:ce:56:5c:81:
1c:34:29:ea:ac:56:92:6d:88:f0:2b:7d:13:08:f4:
5f:31:cb:41:df:7e:ee:2d:c5:4c:bd:db:16:7c:7f:
97:6c:c5:37:eb:54:71:05:40:52:79:d4:49:31:2f:
43:b5:c6:54:8f:24:d5:ce:88:76:79:99:8b:ee:e2:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AB:84:B5:F8:C9:CE:BD:0B:46:E3:A9:DB:3B:44:33:DB:60:F5:EF
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/EquEtfjJzr0LRuOp2ztEM9tg9e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
Signature Algorithm: sha256WithRSAEncryption
67:12:59:4d:4a:99:d8:66:45:9a:a1:63:84:e0:bb:b7:41:a4:
59:8d:98:72:5b:83:7e:c5:0c:49:85:4e:07:fb:a2:7f:12:f4:
8f:b2:7f:d1:e9:6e:66:a9:a4:27:6f:62:54:f6:e2:0b:33:60:
b4:b9:e2:da:9d:c3:f8:1b:b5:c0:70:00:90:c2:65:86:6c:4b:
dd:7f:db:d1:c6:fd:68:a4:7f:b5:d9:6d:5c:dc:02:d8:cc:87:
f1:5a:49:46:18:fc:1b:bc:25:6f:60:b9:91:89:ff:63:35:1e:
9b:1b:60:51:9f:a6:9d:ed:90:ef:c8:3b:ef:ec:b7:d0:e3:f8:
cb:2b:b4:c7:7e:58:84:31:20:c7:b8:d2:ac:d7:05:b3:76:0e:
ec:f4:a1:18:24:8c:a8:9f:f8:5c:fd:56:05:6d:04:53:ff:30:
33:3c:e9:a6:1a:46:be:81:96:3c:da:16:a1:11:19:48:c6:05:
fe:5c:eb:4d:38:f5:cc:5a:1a:e4:7e:00:b5:fa:09:15:92:2b:
14:6a:8e:3e:de:d4:1a:93:1c:11:6c:12:d7:41:5b:96:65:26:
8c:c0:dd:f5:b4:13:38:ca:90:7e:26:08:f1:7b:dc:ec:9a:c2:
63:e5:b8:20:1e:ca:81:f2:b8:7c:9c:a3:32:d0:53:ca:38:3a:
70:5f:30:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJWLzvAMroInxZflG0lrsrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMDA0MDYxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmFiODRiNWY4YzljZWJkMGI0NmUzYTlkYjNiNDQzM2RiNjBmNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAnnmpn2zrWXO1ykGRzfNftcLzPb
XMeCe+yGW2cArxmwenW+TmxbpXOHkGQ4L5ZKDk2tKKJk2e8exmfeKCWe0gFf3TAI
lnlOSu99lHHyPMG4MHJPgTEOf3QzBxMxCaKxTR5NNIrO/yFkOVmCkyDqNpLClws4
crZplSzuYKWrMs8n4R/266L++/8jyzOPHFeLPVy8v9DeABn7DdeaGFRwX3QApHeP
lO39BkH5NJ1TndYT/gl8st/WCFUbsPQ66M5WXIEcNCnqrFaSbYjwK30TCPRfMctB
337uLcVMvdsWfH+XbMU361RxBUBSedRJMS9DtcZUjyTVzoh2eZmL7uLFuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKrhLX4yc69C0bjqds7RDPbYPXvMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRXF1RXRmakp6cjBMUnVPcDJ6dEVNOXRnOWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PeMA0G
CSqGSIb3DQEBCwUAA4IBAQBnEllNSpnYZkWaoWOE4Lu3QaRZjZhyW4N+xQxJhU4H
+6J/EvSPsn/R6W5mqaQnb2JU9uILM2C0ueLancP4G7XAcACQwmWGbEvdf9vRxv1o
pH+12W1c3ALYzIfxWklGGPwbvCVvYLmRif9jNR6bG2BRn6ad7ZDvyDvv7LfQ4/jL
K7THfliEMSDHuNKs1wWzdg7s9KEYJIyon/hc/VYFbQRT/zAzPOmmGka+gZY82hah
ERlIxgX+XOtNOPXMWhrkfgC1+gkVkisUao4+3tQakxwRbBLXQVuWZSaMwN31tBM4
ypB+Jgjxe9zsmsJj5bggHsqB8rh8nKMy0FPKODpwXzAj
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:04:10 2025 by rpki-client