Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z-F1ysmyeBSYfdkdvmnUp1Xys3I.roa
File: z-F1ysmyeBSYfdkdvmnUp1Xys3I.roa (raw, json)
Hash identifier: aoZ5WUckr0Qtgd9hmkTwL8k872Hd0Hj213xIjxk5Z5A=
Subject key identifier: CF:E1:75:CA:C9:B2:78:14:98:7D:D9:1D:BE:69:D4:A7:55:F2:B3:72
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 17479FED
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z-F1ysmyeBSYfdkdvmnUp1Xys3I.roa
Signing time: Sat 01 Jan 2022 16:03:48 +0000
ROA not before: Sat 01 Jan 2022 16:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42285
IP address blocks: 188.241.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390569965 (0x17479fed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfe175cac9b27814987dd91dbe69d4a755f2b372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:c4:90:15:0b:28:d5:c3:44:11:24:8d:35:
e0:e2:94:73:f6:55:20:ad:47:c0:9a:6e:41:c6:7d:
77:1c:c3:73:59:be:4b:97:87:ba:ff:a0:84:7e:37:
60:e0:f5:09:4d:d9:49:5e:f1:4a:b7:37:1c:3b:45:
74:08:c7:af:e9:43:34:85:8d:e9:b0:f0:d3:e0:99:
bc:4e:4c:26:fe:e1:fb:b8:9b:e1:21:82:50:16:ca:
23:c1:23:6e:46:f1:63:2e:ab:39:6a:a8:a7:77:17:
b4:7d:89:e9:00:f1:ec:d6:b7:5e:28:b0:5f:29:84:
14:2c:56:8b:2f:4d:27:e8:bd:36:58:19:85:35:18:
9d:bc:63:80:ce:12:b8:99:2c:eb:80:8b:52:6f:dd:
f3:f7:a3:ca:9b:5e:10:79:18:0b:6f:d8:39:34:b9:
a0:55:3d:53:1a:52:88:53:bb:70:96:98:f4:b2:f6:
d2:a4:4c:c1:c7:8f:6b:41:b1:45:0b:6a:05:d5:22:
d6:0e:ec:c0:32:d2:e6:f8:3d:ce:2e:8e:b9:aa:25:
8d:bb:cd:77:ff:b3:b3:1e:dc:67:c7:27:01:76:58:
c0:f4:c7:13:62:bb:77:d6:3f:15:11:50:a0:8d:58:
cd:50:00:08:bf:c0:e9:ed:0d:c7:03:3f:4f:11:5d:
83:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E1:75:CA:C9:B2:78:14:98:7D:D9:1D:BE:69:D4:A7:55:F2:B3:72
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z-F1ysmyeBSYfdkdvmnUp1Xys3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.71.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:f1:6a:1e:08:7b:91:93:05:0d:e3:89:e9:01:35:1a:1a:32:
87:38:ab:37:fa:ce:6b:04:ff:4f:55:0d:76:e8:02:47:4a:a6:
28:e3:fd:a8:c4:2a:ed:94:da:71:47:b2:b3:f8:aa:bb:59:1f:
71:13:b6:17:c5:55:92:3b:98:66:72:19:62:c6:6c:5b:df:28:
0e:8c:a4:4d:e2:95:0c:c1:5e:62:56:52:5e:2d:2d:7a:5c:e1:
17:61:ed:18:f7:f4:1d:0e:24:d1:0e:2b:5c:e8:32:fe:a9:66:
f9:65:26:43:b1:34:d4:a8:20:e1:31:c1:71:55:1b:c6:dd:8f:
b2:bd:52:98:c6:09:2c:ee:45:f8:88:0c:1e:ac:ed:48:17:44:
bd:3e:d5:80:b1:56:a6:0f:71:4a:4f:10:b5:63:2e:c6:29:c2:
52:33:77:cc:1f:51:64:63:9f:21:7a:63:8b:5d:65:93:c7:76:
66:54:d9:93:9e:e7:83:a9:e7:11:62:63:23:26:04:e5:1f:fc:
b3:f9:b8:72:ba:28:e0:c0:2d:e7:e2:bc:b0:1d:37:32:23:7e:
d8:13:7b:6d:dc:1d:54:ea:48:92:87:7d:64:12:fc:9a:fb:53:
da:99:ef:c0:d5:49:0c:6d:55:a6:e6:88:48:22:e2:19:37:7c:
55:43:e7:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF0ef7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ZlMTc1Y2FjOWIy
NzgxNDk4N2RkOTFkYmU2OWQ0YTc1NWYyYjM3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKdxJAVCyjVw0QRJI014OKUc/ZVIK1HwJpuQcZ9dxzDc1m+
S5eHuv+ghH43YOD1CU3ZSV7xSrc3HDtFdAjHr+lDNIWN6bDw0+CZvE5MJv7h+7ib
4SGCUBbKI8EjbkbxYy6rOWqop3cXtH2J6QDx7Na3XiiwXymEFCxWiy9NJ+i9NlgZ
hTUYnbxjgM4SuJks64CLUm/d8/ejypteEHkYC2/YOTS5oFU9UxpSiFO7cJaY9LL2
0qRMwcePa0GxRQtqBdUi1g7swDLS5vg9zi6OuaoljbvNd/+zsx7cZ8cnAXZYwPTH
E2K7d9Y/FRFQoI1YzVAACL/A6e0NxwM/TxFdgwkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTP4XXKybJ4FJh92R2+adSnVfKzcjAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L3otRjF5c215ZUJTWWZka2R2bW5VcDFYeXMzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALzxRzANBgkqhkiG9w0BAQsFAAOC
AQEAnPFqHgh7kZMFDeOJ6QE1GhoyhzirN/rOawT/T1UNdugCR0qmKOP9qMQq7ZTa
cUeys/iqu1kfcRO2F8VVkjuYZnIZYsZsW98oDoykTeKVDMFeYlZSXi0telzhF2Ht
GPf0HQ4k0Q4rXOgy/qlm+WUmQ7E01Kgg4THBcVUbxt2Psr1SmMYJLO5F+IgMHqzt
SBdEvT7VgLFWpg9xSk8QtWMuxinCUjN3zB9RZGOfIXpji11lk8d2ZlTZk57ng6nn
EWJjIyYE5R/8s/m4croo4MAt5+K8sB03MiN+2BN7bdwdVOpIkod9ZBL8mvtT2pnv
wNVJDG1VpuaISCLiGTd8VUPnwQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:19 2025 by rpki-client