Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d4swgAJtu_GKtJIgKNkNvIMDUmU.roa
File: d4swgAJtu_GKtJIgKNkNvIMDUmU.roa (raw, json)
Hash identifier: q7IRubnwg4uZmA+qGMdEHTUc8R6Wes8x3RgwKbWfvQc=
Subject key identifier: 77:8B:30:80:02:6D:BB:F1:8A:B4:92:20:28:D9:0D:BC:83:03:52:65
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190898A45D7D7F767161A25F1AD7DD42419
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d4swgAJtu_GKtJIgKNkNvIMDUmU.roa
Signing time: Sat 06 Jul 2024 19:34:18 +0000
ROA not before: Sat 06 Jul 2024 19:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16200
IP address blocks: 83.147.192.0/24 maxlen: 24
83.147.193.0/24 maxlen: 24
91.186.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:89:8a:45:d7:d7:f7:67:16:1a:25:f1:ad:7d:d4:24:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 6 19:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=778b3080026dbbf18ab4922028d90dbc83035265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:27:79:7d:c5:ba:15:cc:6e:60:c4:f9:0b:60:
26:4a:2c:2b:ed:04:98:6d:c9:fd:c1:4f:ef:6c:e7:
8f:02:94:3e:d8:8e:60:89:99:7b:22:66:42:e4:aa:
42:51:f9:60:89:b2:73:f9:fd:df:f2:5d:e3:81:8d:
7b:62:c6:27:f7:d4:ab:63:19:10:2c:15:d2:38:ca:
0c:cc:ef:4c:2e:99:db:14:88:fe:52:b0:2e:17:07:
9d:87:44:39:56:21:55:b1:9b:dd:a2:65:d2:29:e9:
33:7e:aa:c5:7f:91:88:a9:eb:35:95:c3:77:4a:9d:
63:79:65:69:b7:51:5d:02:9b:15:2c:ef:9f:3b:95:
9d:ab:25:65:e9:32:22:3d:5a:ff:f9:45:a5:2a:49:
91:c1:6d:db:65:a7:e9:96:c9:a2:37:26:dd:3f:63:
3c:cc:e4:3f:9b:b6:c7:b9:42:69:8b:1d:55:db:f0:
8d:0b:57:70:ea:cd:fc:a3:0a:f4:87:89:38:49:0c:
dc:64:f7:6e:23:52:bd:43:69:b1:f0:80:d4:9d:97:
ba:97:cd:61:8c:d1:9b:e9:cd:8e:df:00:39:6f:d3:
e1:d4:31:c6:be:53:63:17:3a:fc:9f:94:69:1f:70:
62:8b:d1:98:d2:05:c9:ed:63:27:7c:d8:00:54:77:
d0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8B:30:80:02:6D:BB:F1:8A:B4:92:20:28:D9:0D:BC:83:03:52:65
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d4swgAJtu_GKtJIgKNkNvIMDUmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/23
91.186.192.0/24
Signature Algorithm: sha256WithRSAEncryption
22:78:ef:2c:ec:b9:1d:36:b5:13:8a:80:19:bc:bc:f5:77:b9:
f4:a4:36:c2:5a:6f:b8:6e:06:17:2e:7e:43:4c:11:5e:15:0b:
3b:1d:f8:ee:90:24:77:f4:c0:36:31:5b:5d:34:fc:42:7c:f0:
e2:70:cb:17:df:59:6c:fa:bd:55:ed:66:2f:89:9a:4e:40:97:
d2:a5:56:bc:96:d6:86:d7:07:ba:20:32:72:cf:93:3f:b8:11:
a0:66:fb:fb:9d:8f:0a:ce:62:c0:e1:b2:fe:1b:cc:6f:14:88:
82:ed:ec:c3:ab:26:a0:a6:80:10:80:f2:d8:b6:94:c0:e7:2d:
9a:4c:1a:d3:4f:60:e6:d2:62:a6:d8:a0:de:6f:df:27:1e:83:
3e:f7:c1:4a:12:c1:45:ef:34:3a:12:93:6b:02:fc:3e:72:f2:
1e:9e:24:f3:2e:b8:1e:19:a6:f7:b4:3b:77:f0:ad:1a:7a:42:
a0:fd:46:b6:38:33:50:a1:0b:75:ea:88:19:25:43:c8:f5:d9:
be:b3:70:c0:e1:86:6e:c9:c9:b2:21:4a:fd:33:82:41:1a:4f:
2b:a4:83:be:26:74:78:d1:3d:56:bf:83:ea:15:cd:a1:5a:3b:
f1:d4:12:f7:06:98:92:9b:0d:e2:3f:3a:7b:2d:51:11:a9:52:
5e:4d:d2:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCJikXX1/dnFhol8a191CQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNzA2MTkzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzhiMzA4MDAyNmRiYmYxOGFiNDkyMjAyOGQ5MGRiYzgzMDM1MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Sd5fcW6FcxuYMT5C2AmSiwr7QSY
bcn9wU/vbOePApQ+2I5giZl7ImZC5KpCUflgibJz+f3f8l3jgY17YsYn99SrYxkQ
LBXSOMoMzO9MLpnbFIj+UrAuFwedh0Q5ViFVsZvdomXSKekzfqrFf5GIqes1lcN3
Sp1jeWVpt1FdApsVLO+fO5WdqyVl6TIiPVr/+UWlKkmRwW3bZafplsmiNybdP2M8
zOQ/m7bHuUJpix1V2/CNC1dw6s38owr0h4k4SQzcZPduI1K9Q2mx8IDUnZe6l81h
jNGb6c2O3wA5b9Ph1DHGvlNjFzr8n5RpH3Bii9GY0gXJ7WMnfNgAVHfQIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHeLMIACbbvxirSSICjZDbyDA1JlMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZDRzd2dBSnR1X0dLdEpJZ0tOa052SU1EVW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBU5PAAwQA
W7rAMA0GCSqGSIb3DQEBCwUAA4IBAQAieO8s7LkdNrUTioAZvLz1d7n0pDbCWm+4
bgYXLn5DTBFeFQs7HfjukCR39MA2MVtdNPxCfPDicMsX31ls+r1V7WYviZpOQJfS
pVa8ltaG1we6IDJyz5M/uBGgZvv7nY8KzmLA4bL+G8xvFIiC7ezDqyagpoAQgPLY
tpTA5y2aTBrTT2Dm0mKm2KDeb98nHoM+98FKEsFF7zQ6EpNrAvw+cvIeniTzLrge
Gab3tDt38K0aekKg/Ua2ODNQoQt16ogZJUPI9dm+s3DA4YZuycmyIUr9M4JBGk8r
pIO+JnR40T1Wv4PqFc2hWjvx1BL3BpiSmw3iPzp7LVERqVJeTdI4
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:06 2025 by rpki-client