Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/CurH0neit6mwUOJCujymcbAcz1o.roa
File: CurH0neit6mwUOJCujymcbAcz1o.roa (raw, json)
Hash identifier: kaT9G4LaumOydUTFNX6h/mIOsRC+vafHwk5au9qFPkY=
Subject key identifier: 0A:EA:C7:D2:77:A2:B7:A9:B0:50:E2:42:BA:3C:A6:71:B0:1C:CF:5A
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 019427B479D0A4FEEE900A856F6C271BB142
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/CurH0neit6mwUOJCujymcbAcz1o.roa
Signing time: Thu 02 Jan 2025 15:48:46 +0000
ROA not before: Thu 02 Jan 2025 15:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 109.196.160.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:79:d0:a4:fe:ee:90:0a:85:6f:6c:27:1b:b1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Jan 2 15:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aeac7d277a2b7a9b050e242ba3ca671b01ccf5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:31:36:6a:f0:1c:da:50:fb:1a:7d:d8:31:b0:
f4:32:9c:69:c1:08:ca:bc:79:1c:8e:4e:73:eb:39:
19:43:7e:85:3b:f7:67:ba:2a:68:24:dc:2e:fe:27:
86:ea:cf:c5:82:78:2b:c2:69:0f:f8:47:bc:e1:77:
50:3f:ee:9a:9f:78:6d:8b:d1:4c:35:d6:1c:7c:01:
34:25:0d:ba:df:0d:8c:a4:b5:5c:1f:08:8c:8d:6e:
9f:0e:ba:42:a5:71:2e:b6:c1:40:96:42:b5:03:ff:
92:87:06:5d:a4:eb:27:64:94:ee:c1:e3:53:c5:ab:
3d:3c:19:18:39:f0:2c:70:6e:f3:ab:0f:4e:79:f6:
70:17:57:31:bd:85:9d:e3:87:07:c9:98:98:0c:fa:
63:11:4d:65:be:ab:3d:d7:2c:0c:b1:f2:82:5a:bc:
ab:0a:ed:0c:fa:e5:7d:e2:e8:09:fd:bb:f4:2e:18:
1a:bc:11:63:47:93:b8:c0:70:85:66:4e:ef:d4:5c:
5f:42:89:d4:5a:d1:34:d6:ca:d6:0d:1c:09:57:09:
c4:02:19:da:30:7f:1d:d2:d8:7d:9f:ff:77:fb:1a:
f0:3e:3a:f6:3a:cd:da:21:67:bd:45:5c:1b:3a:35:
e4:aa:77:2c:d4:33:de:4b:2c:27:a0:85:50:2a:a5:
b8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EA:C7:D2:77:A2:B7:A9:B0:50:E2:42:BA:3C:A6:71:B0:1C:CF:5A
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/CurH0neit6mwUOJCujymcbAcz1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:b8:b6:69:86:96:2f:74:26:83:6e:4e:38:cc:59:c9:e1:7a:
1e:9f:0a:1d:c2:c5:33:1c:60:45:ec:3e:00:6a:a3:44:a3:bc:
72:92:ac:71:17:99:dd:e1:61:84:1c:68:37:eb:18:1b:0d:2b:
70:a7:05:f2:ca:58:98:d8:ff:84:0d:09:f6:b7:c2:52:5d:cc:
73:f9:8a:b6:70:20:7f:c9:a6:22:63:8a:ed:8a:d0:f0:bc:fc:
e9:e1:3a:76:46:7b:01:ab:b3:4e:c6:18:c1:87:56:b9:da:4b:
8d:94:d1:0e:b6:4b:3f:f0:7f:d4:ba:cb:b5:c5:99:8a:6b:71:
1c:82:94:a6:4d:ad:cb:08:07:f4:18:aa:57:e0:8f:9f:e8:58:
7f:c3:2c:84:b8:81:e2:a8:3a:99:65:81:bb:f9:38:9e:ec:9d:
ce:64:b3:69:87:0a:24:71:fe:da:a4:d9:fe:9e:0c:4e:cc:d3:
00:b3:b6:cc:19:29:de:1a:35:66:b7:d1:c7:1a:0c:b5:b5:87:
e0:93:fc:8b:48:2a:95:b0:23:b2:00:60:c6:02:db:ca:c1:4b:
e1:a8:5d:f8:aa:4b:42:d7:bf:a7:f9:25:c0:1f:5c:fa:a4:d5:
9f:c3:0a:1a:e7:2f:3b:92:8d:fb:1b:46:c5:d3:12:a7:7c:c4:
50:ea:5c:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntHnQpP7ukAqFb2wnG7FCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjUwMTAyMTU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVhYzdkMjc3YTJiN2E5YjA1MGUyNDJiYTNjYTY3MWIwMWNjZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDE2avAc2lD7Gn3YMbD0MpxpwQjK
vHkcjk5z6zkZQ36FO/dnuipoJNwu/ieG6s/FgngrwmkP+Ee84XdQP+6an3hti9FM
NdYcfAE0JQ263w2MpLVcHwiMjW6fDrpCpXEutsFAlkK1A/+ShwZdpOsnZJTuweNT
xas9PBkYOfAscG7zqw9OefZwF1cxvYWd44cHyZiYDPpjEU1lvqs91ywMsfKCWryr
Cu0M+uV94ugJ/bv0LhgavBFjR5O4wHCFZk7v1FxfQonUWtE01srWDRwJVwnEAhna
MH8d0th9n/93+xrwPjr2Os3aIWe9RVwbOjXkqncs1DPeSywnoIVQKqW4twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArqx9J3orepsFDiQro8pnGwHM9aMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvQ3VySDBuZWl0Nm13VU9KQ3VqeW1jYkFjejFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbcSgMA0G
CSqGSIb3DQEBCwUAA4IBAQB8uLZphpYvdCaDbk44zFnJ4XoenwodwsUzHGBF7D4A
aqNEo7xykqxxF5nd4WGEHGg36xgbDStwpwXyyliY2P+EDQn2t8JSXcxz+Yq2cCB/
yaYiY4rtitDwvPzp4Tp2RnsBq7NOxhjBh1a52kuNlNEOtks/8H/Uusu1xZmKa3Ec
gpSmTa3LCAf0GKpX4I+f6Fh/wyyEuIHiqDqZZYG7+Tie7J3OZLNphwokcf7apNn+
ngxOzNMAs7bMGSneGjVmt9HHGgy1tYfgk/yLSCqVsCOyAGDGAtvKwUvhqF34qktC
17+n+SXAH1z6pNWfwwoa5y87ko37G0bF0xKnfMRQ6lx8
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:50:20 2025 by rpki-client