Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dipFfpbeo5EQ6ZoigNJVTLQo_MQ.roa
File: dipFfpbeo5EQ6ZoigNJVTLQo_MQ.roa (raw, json)
Hash identifier: iWb9/I6NW7ZsYsW/tZRQKrK/fY2Uu7XyNFRh9QUvReI=
Subject key identifier: 76:2A:45:7E:96:DE:A3:91:10:E9:9A:22:80:D2:55:4C:B4:28:FC:C4
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018CC9BB089E863518DCF20100BAA0F4EC78
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dipFfpbeo5EQ6ZoigNJVTLQo_MQ.roa
Signing time: Tue 02 Jan 2024 10:32:06 +0000
ROA not before: Tue 02 Jan 2024 10:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 92.51.216.0/22 maxlen: 24
92.51.220.0/22 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.18.0/23 maxlen: 23
37.46.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:08:9e:86:35:18:dc:f2:01:00:ba:a0:f4:ec:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 10:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=762a457e96dea39110e99a2280d2554cb428fcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ec:88:82:ac:77:9f:89:8b:94:4e:76:70:48:
52:2f:c5:03:29:c9:aa:fb:75:2d:92:bb:ce:7e:bb:
cb:ff:23:ed:0a:78:97:41:da:00:01:27:28:ed:86:
34:fe:86:74:c3:b6:34:ea:da:28:41:96:1f:fc:6d:
4c:1e:5e:b5:6e:a8:6e:db:80:9d:7b:cd:b0:b0:2c:
53:c3:f1:5b:50:71:d9:73:c3:dc:01:12:e2:f5:cc:
ec:9f:1c:00:1f:55:c2:db:87:99:a0:3a:50:85:97:
6d:1b:b4:df:0b:85:87:5c:e2:49:80:ea:d8:95:aa:
af:93:8b:d2:5d:f5:50:ae:78:4d:4b:36:96:89:1c:
f0:a3:f8:87:96:e3:54:96:42:4a:af:3b:f0:66:ac:
41:32:bb:78:b1:ac:29:06:11:e4:49:ce:21:0b:1e:
f4:79:31:d4:e6:81:30:41:a6:83:4b:bd:c6:a8:ff:
39:25:fa:c9:64:e7:6d:ed:c9:3e:61:80:c7:46:06:
20:47:13:24:ca:49:04:2f:bf:4c:27:4d:f6:17:d4:
04:2e:19:38:31:d7:fd:a6:e9:7c:b2:2d:6f:b6:0c:
12:62:9d:56:8c:ae:03:b2:c5:7f:ac:57:93:0d:26:
7e:78:b1:59:ce:b1:05:2d:c7:77:77:c6:2b:8d:8f:
06:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:2A:45:7E:96:DE:A3:91:10:E9:9A:22:80:D2:55:4C:B4:28:FC:C4
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dipFfpbeo5EQ6ZoigNJVTLQo_MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.18.0/23
92.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
cc:0d:a4:6f:75:5c:52:db:c1:d7:64:8a:cc:c7:1f:1b:b4:f4:
55:ae:c6:5c:3a:0f:b0:ce:19:c2:cc:cf:8f:89:75:65:58:a7:
8d:29:0f:4a:18:59:4b:3a:d2:83:b9:c6:47:3b:6c:a4:ac:ac:
ca:d0:e5:e2:3b:f3:64:2f:c1:bd:a5:ff:84:29:fa:01:45:8c:
eb:f2:ff:26:e2:13:1c:85:1e:f5:bf:74:49:52:02:5e:0b:68:
21:f9:0c:ec:29:b0:55:27:03:39:32:f2:17:99:ff:a8:b1:6d:
d9:76:43:99:5e:9a:7d:84:6e:70:57:ca:4e:f0:fa:f6:02:b0:
e8:43:60:70:e7:6d:14:8f:81:fe:45:41:b7:32:25:c6:d1:21:
6b:bd:64:b5:69:93:6d:62:43:95:2a:07:ec:68:6c:3b:c4:ef:
80:fe:ec:e0:81:6f:79:3a:26:8d:04:9a:78:e6:52:67:b8:00:
e0:c9:6f:a4:a7:bf:6d:d1:ee:60:6c:0c:d7:03:c2:7f:ac:66:
1a:da:a3:7e:ef:57:75:a9:f1:97:06:5c:20:69:34:d9:ef:18:
1c:61:26:0d:e6:11:44:31:f4:76:60:4b:1e:20:a6:8b:38:0e:
4e:1e:4e:06:a3:56:5f:ab:8a:26:12:a3:ae:84:a0:f6:c9:6c:
9a:7d:fc:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJuwiehjUY3PIBALqg9Ox4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQwMTAyMTAzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjJhNDU3ZTk2ZGVhMzkxMTBlOTlhMjI4MGQyNTU0Y2I0MjhmY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOyIgqx3n4mLlE52cEhSL8UDKcmq
+3UtkrvOfrvL/yPtCniXQdoAASco7YY0/oZ0w7Y06tooQZYf/G1MHl61bqhu24Cd
e82wsCxTw/FbUHHZc8PcARLi9czsnxwAH1XC24eZoDpQhZdtG7TfC4WHXOJJgOrY
laqvk4vSXfVQrnhNSzaWiRzwo/iHluNUlkJKrzvwZqxBMrt4sawpBhHkSc4hCx70
eTHU5oEwQaaDS73GqP85JfrJZOdt7ck+YYDHRgYgRxMkykkEL79MJ032F9QELhk4
Mdf9pul8si1vtgwSYp1WjK4DssV/rFeTDSZ+eLFZzrEFLcd3d8YrjY8G7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYqRX6W3qOREOmaIoDSVUy0KPzEMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvZGlwRmZwYmVvNUVRNlpvaWdOSlZUTFFvX01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJS4SAwQD
XDPYMA0GCSqGSIb3DQEBCwUAA4IBAQDMDaRvdVxS28HXZIrMxx8btPRVrsZcOg+w
zhnCzM+PiXVlWKeNKQ9KGFlLOtKDucZHO2ykrKzK0OXiO/NkL8G9pf+EKfoBRYzr
8v8m4hMchR71v3RJUgJeC2gh+QzsKbBVJwM5MvIXmf+osW3ZdkOZXpp9hG5wV8pO
8Pr2ArDoQ2Bw520Uj4H+RUG3MiXG0SFrvWS1aZNtYkOVKgfsaGw7xO+A/uzggW95
OiaNBJp45lJnuADgyW+kp79t0e5gbAzXA8J/rGYa2qN+71d1qfGXBlwgaTTZ7xgc
YSYN5hFEMfR2YEseIKaLOA5OHk4Go1Zfq4omEqOuhKD2yWyaffz6
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:54 2025 by rpki-client