Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/ES8dk2ad03Tef6nUizUKegj91fA.roa
File: ES8dk2ad03Tef6nUizUKegj91fA.roa (raw, json)
Hash identifier: 7Wbbqgi3Lkjb/kEayO32dPAnvXRwITvS7WEsg2rAoAI=
Subject key identifier: 11:2F:1D:93:66:9D:D3:74:DE:7F:A9:D4:8B:35:0A:7A:08:FD:D5:F0
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 019421445FB560B0A3B7CD875C74482BC5DB
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/ES8dk2ad03Tef6nUizUKegj91fA.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212699
IP address blocks: 89.38.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:b5:60:b0:a3:b7:cd:87:5c:74:48:2b:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=112f1d93669dd374de7fa9d48b350a7a08fdd5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:c6:1a:65:6d:6a:6c:74:80:b5:0e:8e:e5:
97:0f:87:85:fa:06:52:e2:5d:2e:79:34:c8:c6:41:
c5:27:be:0e:de:68:24:c6:11:8d:08:4b:db:34:6e:
e1:00:9d:a2:17:58:26:27:ad:70:bd:b9:eb:57:97:
f2:de:72:81:17:43:d3:f1:bc:5b:56:bc:fc:51:ac:
f2:e3:34:9e:2a:10:fd:c3:13:94:7f:86:9e:da:df:
85:ac:f3:8d:80:ff:6e:10:55:75:f8:a6:aa:c6:2c:
00:ff:0e:54:98:f3:c6:eb:a9:b4:74:48:55:8f:c2:
63:e2:d1:ee:60:03:aa:3a:f7:90:32:eb:20:6b:4e:
61:4b:7c:94:4e:b7:ca:fe:b8:f2:bc:32:2d:1e:13:
5b:9f:26:24:88:a2:0b:d5:9a:d8:8c:81:35:b3:e7:
93:47:55:10:52:1a:92:14:d3:15:91:bb:41:45:59:
3c:68:d1:83:39:79:92:43:25:0a:c5:bb:f4:ea:d1:
a5:66:30:c5:21:49:a9:fc:a1:e7:dd:02:19:39:3a:
a2:b5:2c:4a:5b:6a:0e:21:8f:ee:cb:be:f9:58:4b:
85:87:df:16:ee:a4:03:6b:d5:53:bb:8b:b6:e7:54:
36:30:d1:95:62:04:c8:9c:6c:e3:d9:30:c6:92:2f:
b4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2F:1D:93:66:9D:D3:74:DE:7F:A9:D4:8B:35:0A:7A:08:FD:D5:F0
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/ES8dk2ad03Tef6nUizUKegj91fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.105.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ac:a0:df:bc:a7:a9:74:07:0c:d8:22:0b:0a:e8:6e:ee:7d:
7f:ab:0a:a1:37:8a:54:44:ab:15:f7:97:9f:16:06:82:05:84:
84:8a:8a:7e:77:96:55:d6:d3:59:ed:fe:38:32:74:d5:72:3e:
cd:7a:1b:97:d7:7b:69:b4:a1:f5:da:53:f3:b2:97:11:72:75:
96:fa:57:58:ab:b5:75:96:c6:1e:b4:28:bd:b1:e2:32:fe:aa:
61:4a:55:3b:d1:8e:fb:3c:3c:33:b5:b4:cb:92:b3:b9:b7:4d:
d8:bc:dc:da:18:9a:ee:78:b9:d5:0d:53:d5:d6:04:6e:85:3e:
80:be:65:d6:28:e2:ec:ac:5e:b1:33:2d:b9:5b:59:0a:7a:29:
55:af:3b:9a:e2:dc:b8:63:70:98:da:b5:11:5a:bb:f8:64:b7:
b7:28:fc:d9:95:8c:24:96:9f:82:ea:aa:8a:57:ff:94:32:25:
bc:1a:95:25:a1:09:6d:c1:be:6a:b3:46:13:6d:13:57:63:6a:
90:72:1a:65:43:ef:0f:54:e4:45:1b:b2:f5:4d:48:50:12:4e:
9b:ba:4b:9b:ce:ca:9a:23:8b:88:1c:c3:eb:39:48:49:ba:5a:
29:fd:36:fd:eb:1f:d2:e2:8d:93:92:bd:69:e2:69:eb:8a:ac:
65:6f:0d:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRF+1YLCjt82HXHRIK8XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2N2VkNGY3ZDM1NTc1MjgxYzE3NmNhZTNkZGNiZDQwY2M1
YzFkZDYwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJmMWQ5MzY2OWRkMzc0ZGU3ZmE5ZDQ4YjM1MGE3YTA4ZmRkNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjnGGmVtamx0gLUOjuWXD4eF+gZS
4l0ueTTIxkHFJ74O3mgkxhGNCEvbNG7hAJ2iF1gmJ61wvbnrV5fy3nKBF0PT8bxb
Vrz8Uazy4zSeKhD9wxOUf4ae2t+FrPONgP9uEFV1+KaqxiwA/w5UmPPG66m0dEhV
j8Jj4tHuYAOqOveQMusga05hS3yUTrfK/rjyvDItHhNbnyYkiKIL1ZrYjIE1s+eT
R1UQUhqSFNMVkbtBRVk8aNGDOXmSQyUKxbv06tGlZjDFIUmp/KHn3QIZOTqitSxK
W2oOIY/uy775WEuFh98W7qQDa9VTu4u251Q2MNGVYgTInGzj2TDGki+0ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEvHZNmndN03n+p1Is1CnoI/dXwMB8GA1UdIwQY
MBaAFPZ+1PfTVXUoHBdsrj3cvUDMXB3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjct
ZjQ0ODVhZWQ3NDI5LzEvRVM4ZGsyYWQwM1RlZjZuVWl6VUtlZ2o5MWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjctZjQ0ODVhZWQ3NDI5
LzEvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSZpMA0G
CSqGSIb3DQEBCwUAA4IBAQAerKDfvKepdAcM2CILCuhu7n1/qwqhN4pURKsV95ef
FgaCBYSEiop+d5ZV1tNZ7f44MnTVcj7NehuX13tptKH12lPzspcRcnWW+ldYq7V1
lsYetCi9seIy/qphSlU70Y77PDwztbTLkrO5t03YvNzaGJrueLnVDVPV1gRuhT6A
vmXWKOLsrF6xMy25W1kKeilVrzua4ty4Y3CY2rURWrv4ZLe3KPzZlYwklp+C6qqK
V/+UMiW8GpUloQltwb5qs0YTbRNXY2qQchplQ+8PVORFG7L1TUhQEk6bukubzsqa
I4uIHMPrOUhJulop/Tb96x/S4o2Tkr1p4mnriqxlbw0d
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:05 2025 by rpki-client