Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/DPIFVxe6N4jFrqihA-mYloyuE6Y.roa
File: DPIFVxe6N4jFrqihA-mYloyuE6Y.roa (raw, json)
Hash identifier: niVNLoQ6bJld4w9ZouDNBwPmQriMuPMIp+mj8EF3yOI=
Subject key identifier: 0C:F2:05:57:17:BA:37:88:C5:AE:A8:A1:03:E9:98:96:8C:AE:13:A6
Certificate issuer: /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial: 01942369569152CB58362AA64B30D2F577CF
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/DPIFVxe6N4jFrqihA-mYloyuE6Y.roa
Signing time: Wed 01 Jan 2025 19:48:13 +0000
ROA not before: Wed 01 Jan 2025 19:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209369
IP address blocks: 77.78.90.0/24 maxlen: 24
81.0.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:56:91:52:cb:58:36:2a:a6:4b:30:d2:f5:77:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Validity
Not Before: Jan 1 19:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cf2055717ba3788c5aea8a103e998968cae13a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:8f:c9:fa:5d:1d:e7:60:c4:f7:49:51:4c:
8f:f0:6c:15:6d:7e:43:42:38:7e:a5:5c:f7:9a:84:
8d:d6:a2:86:67:d1:bb:1e:4b:79:04:75:fe:02:d8:
68:54:45:97:71:d0:e3:18:15:f0:d8:f1:68:df:63:
19:90:0f:39:7c:7f:d0:9e:a3:46:24:a9:d9:60:af:
6c:dc:7b:bd:dc:5c:d2:98:1e:31:66:15:93:ae:f6:
4d:e0:1b:3d:2f:d8:cf:d8:49:7c:7b:d1:98:d1:0a:
d8:e8:d3:3d:55:fc:24:9e:c7:5f:40:0e:15:65:a6:
d5:47:ea:70:ae:b0:61:2a:6a:4a:1a:96:0a:c6:26:
d6:51:46:4c:71:8c:98:fb:05:9e:e6:5a:aa:fb:fb:
41:8d:6d:f7:8a:65:d7:b4:55:6d:b1:78:93:b9:62:
ed:b1:4d:00:d7:46:fa:41:a2:3c:3c:ef:41:66:7c:
24:12:b1:4f:e8:be:3e:85:9c:05:15:90:04:f4:ce:
1d:6c:07:14:85:1c:3e:07:2f:e1:1f:a9:82:9b:9f:
33:1f:28:37:2b:05:e3:86:ba:3d:c5:74:3d:bb:c0:
eb:20:13:b1:0b:71:25:30:13:b8:eb:e1:33:e1:c9:
13:a6:0d:d4:b0:10:cd:7c:d0:8b:2b:89:81:88:24:
09:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F2:05:57:17:BA:37:88:C5:AE:A8:A1:03:E9:98:96:8C:AE:13:A6
X509v3 Authority Key Identifier:
keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/DPIFVxe6N4jFrqihA-mYloyuE6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.90.0/24
81.0.223.0/24
Signature Algorithm: sha256WithRSAEncryption
23:71:35:84:f7:71:ee:44:6c:28:a5:28:1d:22:79:1f:d2:50:
71:a2:62:e7:d1:45:7e:6c:51:fb:20:5b:50:1b:34:e5:f6:f0:
82:35:ee:eb:8b:fb:d7:e2:30:d8:c5:5e:62:d9:74:e7:82:40:
d4:01:56:1d:48:04:28:7c:22:ac:fe:62:20:81:19:cc:e4:54:
98:12:61:31:98:6f:fe:ba:4d:5c:23:78:be:22:37:1c:fb:39:
93:9e:21:42:eb:58:d8:5a:14:a4:3d:b3:d5:0f:90:c8:c1:a7:
c2:ce:be:10:86:da:70:0f:ac:d9:d7:6a:6b:30:41:57:7e:4a:
6d:a3:60:a3:9b:de:ed:b6:e5:14:83:e1:8f:bd:b7:43:15:93:
35:30:86:c8:8b:e0:bd:a7:37:31:67:22:af:63:0e:c7:13:b0:
6a:b8:3d:c5:a0:68:fb:a7:1c:6a:c7:b0:5d:e5:fe:73:70:7f:
ed:9b:c5:03:f0:5f:03:f1:d3:9d:e6:4f:88:db:e4:35:78:7c:
9f:0f:8d:d8:fd:2f:52:5c:ae:30:85:e6:37:47:8e:50:37:02:
71:71:43:bb:f4:1f:f5:bb:4c:fd:85:6a:aa:26:c7:21:43:13:
30:a4:9a:3d:a6:fb:9f:13:9b:32:cb:77:1a:ce:11:02:97:63:
60:a6:9d:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaVaRUstYNiqmSzDS9XfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjUwMTAxMTk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2YyMDU1NzE3YmEzNzg4YzVhZWE4YTEwM2U5OTg5NjhjYWUxM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6uPyfpdHedgxPdJUUyP8GwVbX5D
Qjh+pVz3moSN1qKGZ9G7Hkt5BHX+AthoVEWXcdDjGBXw2PFo32MZkA85fH/QnqNG
JKnZYK9s3Hu93FzSmB4xZhWTrvZN4Bs9L9jP2El8e9GY0QrY6NM9VfwknsdfQA4V
ZabVR+pwrrBhKmpKGpYKxibWUUZMcYyY+wWe5lqq+/tBjW33imXXtFVtsXiTuWLt
sU0A10b6QaI8PO9BZnwkErFP6L4+hZwFFZAE9M4dbAcUhRw+By/hH6mCm58zHyg3
KwXjhro9xXQ9u8DrIBOxC3ElMBO46+Ez4ckTpg3UsBDNfNCLK4mBiCQJkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAzyBVcXujeIxa6ooQPpmJaMrhOmMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvRFBJRlZ4ZTZONGpGcnFpaEEtbVlsb3l1RTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATU5aAwQA
UQDfMA0GCSqGSIb3DQEBCwUAA4IBAQAjcTWE93HuRGwopSgdInkf0lBxomLn0UV+
bFH7IFtQGzTl9vCCNe7ri/vX4jDYxV5i2XTngkDUAVYdSAQofCKs/mIggRnM5FSY
EmExmG/+uk1cI3i+Ijcc+zmTniFC61jYWhSkPbPVD5DIwafCzr4QhtpwD6zZ12pr
MEFXfkpto2Cjm97ttuUUg+GPvbdDFZM1MIbIi+C9pzcxZyKvYw7HE7BquD3FoGj7
pxxqx7Bd5f5zcH/tm8UD8F8D8dOd5k+I2+Q1eHyfD43Y/S9SXK4wheY3R45QNwJx
cUO79B/1u0z9hWqqJschQxMwpJo9pvufE5syy3cazhECl2Ngpp36
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:28:18 2025 by rpki-client