Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/915P1uP0o_oBBWt22nc4iXSd3VI.roa
File: 915P1uP0o_oBBWt22nc4iXSd3VI.roa (raw, json)
Hash identifier: i9rqLjEPgkK58R1rqiDRw/0Ez3sRtt8N6qBzz6qPwmg=
Subject key identifier: F7:5E:4F:D6:E3:F4:A3:FA:01:05:6B:76:DA:77:38:89:74:9D:DD:52
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DF1DEC8063444184DD0AA3CACE8F
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/915P1uP0o_oBBWt22nc4iXSd3VI.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50527
IP address blocks: 93.114.98.0/24 maxlen: 24
89.35.162.0/24 maxlen: 24
93.114.56.0/24 maxlen: 24
86.106.169.0/24 maxlen: 24
89.36.88.0/24 maxlen: 24
93.114.68.0/24 maxlen: 24
188.241.6.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:df:1d:ec:80:63:44:41:84:dd:0a:a3:ca:ce:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f75e4fd6e3f4a3fa01056b76da773889749ddd52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:37:a2:ed:4e:61:3e:67:bc:71:a0:73:e9:
cd:aa:4e:77:0c:50:05:99:c0:76:5a:71:3b:9c:c8:
9c:74:9d:a8:7d:68:92:a3:56:fa:73:a8:9f:12:29:
06:a0:15:e4:9b:5e:97:e5:2f:aa:38:16:c1:cb:4c:
78:1e:85:ff:eb:ce:e7:27:9f:13:b8:34:21:22:01:
ac:2c:c1:af:84:0e:22:97:18:e1:3c:29:49:cf:3a:
28:17:a6:3e:e2:da:37:5f:e5:a5:be:f7:02:e1:5e:
e8:25:70:91:68:7f:22:4c:b7:85:10:d3:6c:08:93:
e6:00:57:2c:1c:2b:d1:95:d2:4b:45:6d:2a:37:23:
be:c6:b7:94:69:5d:97:a6:d8:68:d3:ae:6c:f9:bf:
75:a0:ad:9f:ba:56:6d:ad:42:59:d7:dd:90:47:f2:
71:39:b8:58:b1:05:83:9c:d3:43:ea:96:2f:2d:2b:
f3:fc:93:b5:a1:5f:22:44:00:29:36:00:e0:3f:1d:
87:bc:c6:a1:a1:fc:dd:17:e4:a3:49:7b:dc:c1:8c:
d9:9f:ff:62:62:08:a2:6a:7d:1e:0d:a0:96:a1:0c:
39:6b:4a:2f:a4:b4:1d:2d:26:70:bd:c3:db:5f:cf:
47:2d:19:69:7e:30:34:f4:05:f3:0d:0e:f5:20:c6:
c0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5E:4F:D6:E3:F4:A3:FA:01:05:6B:76:DA:77:38:89:74:9D:DD:52
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/915P1uP0o_oBBWt22nc4iXSd3VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.169.0/24
89.35.162.0/24
89.36.88.0/24
93.114.56.0/24
93.114.68.0/24
93.114.98.0/24
188.241.6.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:cb:33:52:2c:13:d9:c3:25:21:6e:af:08:77:c5:4d:30:39:
da:d4:4d:57:32:90:45:95:c0:02:5c:57:30:ad:01:f4:46:75:
5d:ba:c8:24:4b:69:34:39:24:5c:be:d3:93:11:ff:8a:79:d1:
73:96:87:6a:8a:7e:69:4f:67:ef:ee:e0:e7:cf:4f:30:2b:02:
8b:0b:50:2a:a5:e3:a4:9b:af:26:41:28:6e:65:44:04:21:48:
6f:cb:c6:c8:19:70:ae:39:66:17:cb:34:01:0c:ee:f5:2d:4e:
24:84:fb:41:a2:c6:13:d5:97:28:92:f3:cb:63:6b:fc:95:0d:
a6:15:08:c2:53:92:a6:21:37:6f:34:b1:21:cb:f1:bc:a4:ba:
3b:67:a2:6f:07:6f:7a:6d:83:55:ba:dd:c9:06:de:0c:f4:52:
fd:0c:c4:5e:91:c1:aa:a4:2a:e2:87:0f:aa:4c:a3:ab:c9:6c:
13:09:54:76:e6:b7:4c:37:f3:9a:72:aa:b9:b8:83:50:00:ee:
d0:79:00:9b:13:57:d5:68:3f:65:30:89:5e:9f:26:bb:73:1f:
5e:b3:9e:38:58:79:a2:1c:7d:ca:bf:41:aa:d5:fe:10:8d:2a:
b1:ca:21:6e:b3:1e:15:be:0c:47:60:f0:ff:10:e4:8a:07:b5:
fa:00:64:ab
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVuQd8d7IBjREGE3Qqjys6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVlNGZkNmUzZjRhM2ZhMDEwNTZiNzZkYTc3Mzg4OTc0OWRkZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjc3ou1OYT5nvHGgc+nNqk53DFAF
mcB2WnE7nMicdJ2ofWiSo1b6c6ifEikGoBXkm16X5S+qOBbBy0x4HoX/687nJ58T
uDQhIgGsLMGvhA4ilxjhPClJzzooF6Y+4to3X+WlvvcC4V7oJXCRaH8iTLeFENNs
CJPmAFcsHCvRldJLRW0qNyO+xreUaV2Xptho065s+b91oK2fulZtrUJZ192QR/Jx
ObhYsQWDnNND6pYvLSvz/JO1oV8iRAApNgDgPx2HvMahofzdF+SjSXvcwYzZn/9i
Ygiian0eDaCWoQw5a0ovpLQdLSZwvcPbX89HLRlpfjA09AXzDQ71IMbAxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPdeT9bj9KP6AQVrdtp3OIl0nd1SMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvOTE1UDF1UDBvX29CQld0MjJuYzRpWFNkM1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVmqpAwQA
WSOiAwQAWSRYAwQAXXI4AwQAXXJEAwQAXXJiAwQAvPEGMA0GCSqGSIb3DQEBCwUA
A4IBAQBeyzNSLBPZwyUhbq8Id8VNMDna1E1XMpBFlcACXFcwrQH0RnVdusgkS2k0
OSRcvtOTEf+KedFzlodqin5pT2fv7uDnz08wKwKLC1AqpeOkm68mQShuZUQEIUhv
y8bIGXCuOWYXyzQBDO71LU4khPtBosYT1ZcokvPLY2v8lQ2mFQjCU5KmITdvNLEh
y/G8pLo7Z6JvB296bYNVut3JBt4M9FL9DMRekcGqpCrihw+qTKOryWwTCVR25rdM
N/Oacqq5uINQAO7QeQCbE1fVaD9lMIlenya7cx9es544WHmiHH3Kv0Gq1f4QjSqx
yiFusx4VvgxHYPD/EOSKB7X6AGSr
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:07:08 2025 by rpki-client