Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NOifewg6dcuAgzQaQY6Ut-SJsF0.roa
File: NOifewg6dcuAgzQaQY6Ut-SJsF0.roa (raw, json)
Hash identifier: 1LyRq/83Y57hNIbTf6D1U+ItDGEhfHmuog5/TKfAkrc=
Subject key identifier: 34:E8:9F:7B:08:3A:75:CB:80:83:34:1A:41:8E:94:B7:E4:89:B0:5D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58886589870617C59248CE029EC28
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NOifewg6dcuAgzQaQY6Ut-SJsF0.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197649
IP address blocks: 83.147.222.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:88:86:58:98:70:61:7c:59:24:8c:e0:29:ec:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34e89f7b083a75cb8083341a418e94b7e489b05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:78:98:d6:c5:f4:91:69:96:02:61:6f:57:
df:f5:5e:eb:77:9e:97:dc:8b:f0:1b:6e:4a:a1:f3:
6e:41:41:ec:b2:9d:0f:8b:3b:fd:13:c0:4c:91:41:
6c:61:da:56:7b:7f:c1:f5:ca:2d:76:5e:d7:46:7f:
0b:ec:1a:ee:5f:dd:33:80:40:03:f7:df:e6:79:84:
28:1a:37:90:85:e8:b7:8b:4a:77:a1:67:07:57:17:
f7:5c:bc:4d:19:ab:15:79:61:94:ff:37:be:21:cc:
b2:00:f1:c7:37:4e:e6:ea:ea:9a:0e:60:03:17:d8:
a8:cb:d2:d6:7c:a9:0c:c1:69:8c:69:1f:f5:23:a4:
ea:22:e1:52:f5:87:a4:ae:4f:b9:89:51:39:83:86:
5b:9b:a3:e9:67:9c:88:21:e8:e9:94:bf:a2:8a:4a:
95:63:a4:4f:1b:ab:33:3d:53:b7:63:f4:13:8f:1a:
f3:35:38:59:27:a5:b8:18:e1:0b:ea:4b:88:17:d9:
b2:0d:9c:dc:71:6d:a5:7e:cd:2b:c1:4d:82:84:66:
93:f8:86:67:cb:b9:03:71:b9:6d:c6:2d:24:c8:7e:
f8:2c:97:3d:a3:e7:23:bb:5a:9a:63:66:dd:d5:ac:
60:15:fe:f3:d4:fd:06:da:51:a2:40:ad:16:2c:a4:
63:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E8:9F:7B:08:3A:75:CB:80:83:34:1A:41:8E:94:B7:E4:89:B0:5D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NOifewg6dcuAgzQaQY6Ut-SJsF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
Signature Algorithm: sha256WithRSAEncryption
56:6c:5c:26:95:78:94:c8:bb:17:01:eb:67:1c:19:57:38:71:
7a:2d:74:dd:6d:0b:62:d6:c5:aa:da:1c:31:81:4d:50:c1:d3:
70:22:1e:90:9e:0a:36:4e:38:ee:93:fc:d8:81:4c:f0:61:57:
e1:26:d4:03:ee:26:b9:70:2e:64:dd:94:80:30:0f:43:d4:5f:
27:d4:20:eb:f6:07:17:67:71:29:4e:28:69:26:3f:e9:f2:1d:
be:f5:a6:8e:91:c7:50:84:3c:70:11:f8:2a:17:e9:1b:cc:73:
80:0a:9f:35:f3:53:ee:37:68:f0:5b:0a:02:fd:ac:8a:b5:22:
3e:7f:c9:21:97:3b:46:ab:79:2b:67:d5:cf:a7:e9:e4:3f:cc:
f5:52:f8:4c:b1:b4:45:46:9b:05:68:3e:f1:03:ba:50:36:cf:
de:85:cb:e6:2e:a0:39:e2:c8:0b:3f:f6:1f:82:6b:c1:96:94:
1b:f4:08:80:a9:62:c2:bc:9c:a8:e0:99:42:9b:6c:9e:96:bf:
3a:e7:c4:32:4a:e4:bc:58:52:ee:07:b3:9d:ff:be:7d:63:71:
e3:2b:63:cf:e1:42:b0:34:06:3f:95:c2:6d:a0:f3:df:0a:82:
61:58:71:ef:dd:04:c7:a5:33:1a:6d:d3:ce:8b:a9:bf:8b:1a:
1f:0d:3b:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYiGWJhwYXxZJIzgKewoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU4OWY3YjA4M2E3NWNiODA4MzM0MWE0MThlOTRiN2U0ODliMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSZ4mNbF9JFplgJhb1ff9V7rd56X
3IvwG25KofNuQUHssp0Pizv9E8BMkUFsYdpWe3/B9cotdl7XRn8L7BruX90zgEAD
99/meYQoGjeQhei3i0p3oWcHVxf3XLxNGasVeWGU/ze+IcyyAPHHN07m6uqaDmAD
F9ioy9LWfKkMwWmMaR/1I6TqIuFS9Yekrk+5iVE5g4Zbm6PpZ5yIIejplL+iikqV
Y6RPG6szPVO3Y/QTjxrzNThZJ6W4GOEL6kuIF9myDZzccW2lfs0rwU2ChGaT+IZn
y7kDcbltxi0kyH74LJc9o+cju1qaY2bd1axgFf7z1P0G2lGiQK0WLKRj+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTon3sIOnXLgIM0GkGOlLfkibBdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTk9pZmV3ZzZkY3VBZ3pRYVFZNlV0LVNKc0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PeMA0G
CSqGSIb3DQEBCwUAA4IBAQBWbFwmlXiUyLsXAetnHBlXOHF6LXTdbQti1sWq2hwx
gU1QwdNwIh6Qngo2Tjjuk/zYgUzwYVfhJtQD7ia5cC5k3ZSAMA9D1F8n1CDr9gcX
Z3EpTihpJj/p8h2+9aaOkcdQhDxwEfgqF+kbzHOACp8181PuN2jwWwoC/ayKtSI+
f8khlztGq3krZ9XPp+nkP8z1UvhMsbRFRpsFaD7xA7pQNs/ehcvmLqA54sgLP/Yf
gmvBlpQb9AiAqWLCvJyo4JlCm2yelr8658QySuS8WFLuB7Od/759Y3HjK2PP4UKw
NAY/lcJtoPPfCoJhWHHv3QTHpTMabdPOi6m/ixofDTs0
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:00:08 2025 by rpki-client