Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/5KcLRy-cZuSsgteyBc4ZCpbOBgE.roa
File: 5KcLRy-cZuSsgteyBc4ZCpbOBgE.roa (raw, json)
Hash identifier: vlMY9M8ZCYNSJr7C0tbuNcxuWWhYbZY+IB3rhRzuBaE=
Subject key identifier: E4:A7:0B:47:2F:9C:66:E4:AC:82:D7:B2:05:CE:19:0A:96:CE:06:01
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 018DDBC79C2EB9399E9530A2D7EDBC4D1BB9
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/5KcLRy-cZuSsgteyBc4ZCpbOBgE.roa
Signing time: Sat 24 Feb 2024 15:41:48 +0000
ROA not before: Sat 24 Feb 2024 15:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3920
IP address blocks: 37.49.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:c7:9c:2e:b9:39:9e:95:30:a2:d7:ed:bc:4d:1b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Feb 24 15:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a70b472f9c66e4ac82d7b205ce190a96ce0601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:1b:2d:b2:d4:a1:3b:50:d9:3a:da:f3:a3:
f9:72:79:79:a7:6f:96:27:15:92:c8:4c:6d:fd:32:
86:66:87:ec:e8:c7:8e:05:71:84:f2:ab:d7:d9:db:
c3:6c:df:7d:3d:5c:b5:1c:ed:0f:ab:87:f7:f1:3c:
f7:fd:11:23:b2:9a:d9:88:1d:38:6b:49:a3:20:51:
d2:c6:ae:c5:4d:59:13:87:24:27:5f:70:18:79:f5:
8c:6f:28:53:a0:e6:e4:f9:c5:41:87:a6:61:16:4f:
ab:d8:be:7a:4a:40:b7:51:17:25:19:0f:4c:8e:d3:
ec:2c:ce:b0:d8:64:56:93:41:8d:2d:9b:6c:0c:47:
83:4c:af:ed:12:ef:fa:7d:57:ec:e3:ac:95:47:c6:
f7:1e:98:6b:97:99:aa:3b:2b:70:20:e8:5a:aa:42:
33:72:0a:36:9d:5e:1a:8c:65:af:ec:3d:34:5e:12:
0b:27:b0:63:f5:45:b2:4d:aa:a9:7b:ac:08:c8:e8:
39:88:6b:b6:c3:ce:a7:84:ef:d1:e0:c5:b1:2b:ea:
06:c3:f6:b3:f6:0b:e0:2a:25:29:c2:8a:09:6c:71:
d9:8b:18:e2:c3:7c:1d:1f:cf:17:11:4c:80:47:58:
72:19:b2:9a:97:91:54:6a:b0:3d:cc:27:b2:7c:47:
a6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A7:0B:47:2F:9C:66:E4:AC:82:D7:B2:05:CE:19:0A:96:CE:06:01
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/5KcLRy-cZuSsgteyBc4ZCpbOBgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e7:27:b3:6f:ce:16:0c:5d:bd:35:51:91:cd:d6:c3:2e:b9:
c9:40:21:76:28:99:fb:0d:8d:2c:78:f9:ac:e0:8d:de:d1:ec:
92:a7:be:1f:71:64:e3:6c:58:aa:1e:a5:c8:a7:b6:25:d7:7c:
c2:09:4f:bc:99:4e:28:96:b9:35:49:26:0b:db:50:43:c8:e4:
5f:51:85:9f:f0:8c:9d:06:ca:7b:06:f7:a7:26:39:71:55:e4:
ad:cb:ac:58:5c:47:5f:5f:cf:8f:d3:f2:37:42:21:29:f0:d3:
35:02:08:43:b5:be:36:15:b3:d5:d6:88:e6:3f:87:d0:d2:f9:
6e:1a:0f:02:3f:65:66:23:29:73:81:63:4a:0a:6c:0a:6e:80:
cb:47:38:11:52:b6:27:5c:e9:67:35:92:b9:1d:30:dd:ad:3c:
23:85:b7:32:78:64:0a:50:81:cd:e1:56:13:4f:d6:7b:d4:bd:
23:2e:bf:7d:d5:cd:19:1f:ee:28:6d:e8:bc:84:92:34:9f:3c:
f0:9a:0c:50:a6:39:60:22:73:d8:db:f2:73:5a:d0:4b:01:f7:
46:d9:fa:09:a5:f6:54:9e:b2:54:e3:29:99:ce:25:5a:c9:a0:
2c:78:94:ac:b1:e7:3d:39:f7:da:d5:f5:6e:04:ea:9a:ad:8c:
1d:c2:a8:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3bx5wuuTmelTCi1+28TRu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjQwMjI0MTU0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE3MGI0NzJmOWM2NmU0YWM4MmQ3YjIwNWNlMTkwYTk2Y2UwNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8UbLbLUoTtQ2Tra86P5cnl5p2+W
JxWSyExt/TKGZofs6MeOBXGE8qvX2dvDbN99PVy1HO0Pq4f38Tz3/REjsprZiB04
a0mjIFHSxq7FTVkThyQnX3AYefWMbyhToObk+cVBh6ZhFk+r2L56SkC3URclGQ9M
jtPsLM6w2GRWk0GNLZtsDEeDTK/tEu/6fVfs46yVR8b3Hphrl5mqOytwIOhaqkIz
cgo2nV4ajGWv7D00XhILJ7Bj9UWyTaqpe6wIyOg5iGu2w86nhO/R4MWxK+oGw/az
9gvgKiUpwooJbHHZixjiw3wdH88XEUyAR1hyGbKal5FUarA9zCeyfEemYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSnC0cvnGbkrILXsgXOGQqWzgYBMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvNUtjTFJ5LWNadVNzZ3RleUJjNFpDcGJPQmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTHjMA0G
CSqGSIb3DQEBCwUAA4IBAQAu5yezb84WDF29NVGRzdbDLrnJQCF2KJn7DY0sePms
4I3e0eySp74fcWTjbFiqHqXIp7Yl13zCCU+8mU4olrk1SSYL21BDyORfUYWf8Iyd
Bsp7BvenJjlxVeSty6xYXEdfX8+P0/I3QiEp8NM1AghDtb42FbPV1ojmP4fQ0vlu
Gg8CP2VmIylzgWNKCmwKboDLRzgRUrYnXOlnNZK5HTDdrTwjhbcyeGQKUIHN4VYT
T9Z71L0jLr991c0ZH+4obei8hJI0nzzwmgxQpjlgInPY2/JzWtBLAfdG2foJpfZU
nrJU4ymZziVayaAseJSssec9Offa1fVuBOqarYwdwqgf
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:44:45 2025 by rpki-client